> Mobile security platform
More like, now comes with Komodo/Superfish and special Hezbollah detector.
Security specialist Kaymera – based in Herzliya, Israel – has launched a mobile security platform aimed at paranoid corporations. The Kaymera 360° software consists of a secure build of Android and accompanying MDM functions. The company describes it as a three-layer approach of protection, prevention and detection. Using a …
Funny, the gangstas, bankstas, terroristas(yep, you did spelled it wrong), and others, from your words, can't have the joy of the ultimate privacy, nevertheless they are plenty around and still doing business...so, how it would be different? And you forget to include the MEPAS and politiciansas...
Apple is already there, if you use Facetime it is encrypted end to end and Apple does not possess the technical means to decrypt it - the two phones use secure key exchange using device keys Apple does not hold to create a session key for the call. The infrastructure already exists for Apple to do this for all iPhone to iPhone calls. I hope they do it with iOS 9, even though (or especially because) it'll really have the government up in arms, a lot more than they were last fall when iOS and Android tightened things up for device encryption!
I'm sure Android has some similar provision for at least those phones using Google's services to do a secure key exchange. It would be a little more difficult to do iPhone -> Android encrypted calling by default, but I'm sure the clever people at Apple, Google and Microsoft could get together on an interoperable standard.
There should be no reason people have to rely on special firmware or special calling apps. Encrypted calling done in a way the phone/OS OEM doesn't possess the means of decryption needs to be built into all phones by default, and not rely solely on the SIM's encryption which we now know has been compromised by the NSA for years.
I know the "paranoid OS" is more than just secure calling, but that seems to be the thing this company is basing their offering on. Without secure calling having a secure OS is like having a high security lock on your house with an open window on the ground floor in the backyard.
"but I'm sure the clever people at Apple, Google and Microsoft could get together on an interoperable standard."
Doesn't that already exist, called 'Skype'?
I seem to recall some acronymous agency offering a bounty to anyone who could crack Skype encryption?
Or was that misdirection?
No need for black helicopters in any post on this topic; they're there by default.
"Phones can be flashed by Kaymera and then sent out, or flashed by the company on-premises at secure facilities – which is what they do with government customers – or the build can be downloaded and installed by a corporate IT department."
We all know well now how NSA loves to intercept things during delivery...
Quite so. I would love a properly security-minded Android phone, but all the (few) ones I've seen so far imply astronomical prices and / or ongoing subscriptions, which I'm not really happy to pay - as much as I value privacy, I'm not exactly printing money here. It seem privacy is a corporate-targeted commodity indeed.
AceRimmer, that's closer to the truth than you may realise. Several members of the Paranoid Android team are now on the payroll at OnePlus, tasked with developing the new official ROM for the OnePlus One to replace CyanogenMod...
The problem with yet another security offering is the question why anyone would trust this. This is not because where it comes from this time, but quite simply a generic issue.
Don't trust that black box! Use our black box which uses more fancy words!
Nope, not working for me.
Well you cannot secure Android as it's just _far_ to complex to be secured.
Even little things like a proprietary closed source audio codec driver are large enough to hide malware.
If you actually want to have something secure, you'd have to go through another route. You'd need to make the system _much_ simpler and open. Plus you'd need to use hardware separation for different tasks. On some modern "smart"-phones your GSM baseband can access the memory of your application processor. Since the GSM baseband runs very complex very closed source software, it's likely to be very buggy or even contain malware. If it can access the memory of your application processor there is no way it can guarantee security. However if, on the other side, you have a separate processor just to deal with the GSM, and it only talks via very simple protocols with the rest of the device, chances are much lower that a network side attack is possible.
So if I'd be building such a device, it would just be a bunch of simple micro-controllers, each one having a single fixed task. There would, ideally, be no local storage and the software would be simple enough you could just put epoxy on the programming ports since there wouldn't be a need for updates. It would just be a simple (graphical) terminal. Application software would be run on a server belonging to the user and stored in a safe place. Phone calls would also be routed through it.
Of course that won't save you from being tracked, but for some people that's not an issue.
Biting the hand that feeds IT © 1998–2020