Language Selection

English French German Italian Portuguese Spanish

$629 Blackphone aims to hide you from the NSA

Filed under
Android
Linux

Like the idea of using a pocket-sized computer to make calls, send messages, surf the web, and smash birds into pigs… but don’t like the idea of government agencies snooping on your communications?

Read more ►

This promise of security

This promise of security smells of closed source and vendor lock-in ... I'm not in a hurry buy it (also, the price is quite unrealistic).

Trust

The backers of the phone have reputation that give them some trust (earned, not inherited).

I know, I have one of the

I know, I have one of the Geeksphone Firefox OS devices, but this is something else. Once they open source everything, _maybe_ then I'll change my opinion.

Fair point

Fair point. Either way, if they keep it proprietary they'll lose credibility.

A friend of mine wrote a bit

A friend of mine wrote a bit more on the subject:
https://manurevah.com/blah/en/blog/Monetising-Fear-Presents-the-Blackphone

SSL

Your friend's SSL cert is making it hard to access the site (the cert needs to be updated). There is now more coverage of the false promise of security, so you were right.

"This experience has taught me one very important lesson: without congressional action or a strong judicial precedent, I would _strongly_ recommend against anyone trusting their private data to a company with physical ties to the United States." -Important quote from the messenger himself

Android now has some nice Tor clients that Rianne and I are using, accessing this site via Russia, India, and so on. The server has good security, but it is located in the US and the Web side uses no SSL cert.

Self Signed SSL

Hi,

Just to add to Nux's comment, the SSL is fine. The issue you might be seeing is that it is signed by my own "CA".

You could avoid warnings by importing my Root CA, but that would mean I could produce and sign a certificate for google.com for example and your browser would trust it. This could worry some people as the average browser trusts over a 100 various organisations to behave and to be secure.

So as Nux said, there's nothing wrong with my SSL, there's something wrong with how SSL is implemented.

BTW, you can verify my SSL by using `dig`

dig manurevah.com TXT

Also, my website is available in cleartext as well: http://manurevah.com/blah/en/blog/Monetising-Fear-Presents-the-Blackphone

Cheers,

Useful to know perhaps

For some visitors that head towards the HTTPS version it might be hard to enter. It can be useful to know.

The SSL is just fine, feel

The SSL is just fine, feel free to inspect the cert. Smile

speaking of ssl

there is a https://tuxmachines.org
but it opens something else.

Host

I wasn't aware of it. Maybe we should just turn this site to SSL-enabled (at least as an option) for privacy?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

How To Make Good Use Of 'grep' Command

​Linux and UNIX systems come with a shell command known as ‘grep’. This simply looks for a specified text, or pattern, in a file or an entire directory. The most common usage is for quickly searching a file for occurrences of a pattern, which can be in plain text, or in the form of a regular expression. Here, the patterns used will be simple text rather than regular expressions. Read
more

Android Leftovers

An Early Look At Linux 4.16 Performance On Five Systems

Here are some preliminary benchmarks of the Linux 4.16 development kernel compared to Linux 4.15 stable on five different systems. Last week I began testing out the Linux 4.16 kernel on a few different boxes and it's been going rather well (sans the ongoing AMD Raven Ridge Linux issues...). For some initial Linux 4.16 kernel benchmarks I have results today to share for a Core i5 6600K, Core i7 6800K, Xeon E3-1280 v5, Core i9 7980XE, and Ryzen 7 1800X as a few of the available boxes for testing. Tests on other hardware and a greater variety of tests will be coming in the days and weeks ahead as Linux 4.16 continues to stabilize. Read more

Oracle open-sources DTrace under the GPL

Oracle appears to have open-sourced DTrace, the system instrumentation tool that Sun Microsystems created in the early 2000s and which has been beloved of many-a-sysadmin ever since. As noted by developer Mark J. Wielaard, this commit by an Oracle developer shows that something is afoot. Read more