To Customer Support To Customer Support

'Super-secure' BlackPhone pwned by super-silly txt msg bug

  • 27 January 2015
  • 2 replies
  • 233 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

People always talk about your reputation ... Just be good to free()

27 Jan 2015 at 22:41, Darren Pauli
 
Exclusive The maker of BlackPhone – a mobile marketed as offering unusually high levels of security – has patched a critical vulnerability that allows hackers to run malicious code on the handsets.
Attackers need little more than a phone number to send a message that can compromise the devices via the Silent Text application.
The impact of the flaw is troubling because BlackPhone attracts what hackers see as high-value victims: those willing to invest AU$765 (£415, $630) in a phone that claims to put security above form and features may well have valuable calls and texts to hide from eavesdroppers.
Noted Sydney-based hacker Mark Dowd (@mdowd) and co-founder of security consultancy Azimuth Security discovered the flaw during casual research in the latter months of last year, and shared the findings with The Register while the fix – due to be disclosed today – was being developed.
 
Full Article

2 replies

R
Rank
Userlevel 7

Posted on 28 January 2015.BlackPhone, a mobile phone aimed at users who want to keep their communications secure from mass surveillance attempts, is affected by a critical security vulnerability that can be exploited to reveal users' contacts, the content of their (encrypted) messages, and their location information, as well as to load additional code that can lead to the attacker having complete control over the handset.

The good news is that the hole has been plugged.

The flaw was discovered by Australian security researcher and co-founder of security consultancy Azimuth Security Mark Dowd, who responsibly disclosed it to the device creators and Silent Circle, the developers of the SilentText app that is actually the application that introduced it into the device. full article
Petrovic
Rank
Userlevel 7
Badge +52
No device can be totally secure, states a researcher by exposing security vulnerability in Blackphone
 
Super secure Blackphone security stands exposed! A researcher has found out a vulnerability in Blackphone security suite which allows a potential attacker to access and decrypts messages, steal contacts and control the mobile device remotely.
 
Blackphone which is touted as world’s most secure smartphone and was developed in light of post-Snowden privacy
concerns faced by users has found success among them. The device contains custom Android operating system called PrivatOS, and features remote wiping tools and an app suite which uses encryption technology for making calls, sending texts and sharing files.
 
Full Article
Helpful Webroot Links: Download (PC) | Download (Best Buy Subscription) | Submit Support Ticket | Account Console | User_Guides | BrightCloud URL lookup

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.