6.3. How to get out of an inprivacy jail

How to Get Out of an InPrivacy Jail
By Yury Chemerkin
June 7, 2014

 MULTISKILLED SECURITY RESEARCHER
 EXPERIENCED IN :
 REVERSE ENGINEERING & AV, DEVELOPMENT (IN THE PAST)
 MOBILE SECURITY, INCL. IAM, MDM, MAM, etc.
 CYBER SECURITY & CLOUD SECURITY (INCL. IAM)
 IAM & COMPLIANCE & FORENSICS ON MOBILE & CLOUD SECURITY
 WRITING (STO BLOG, HAKING, PENTEST, eFORENSICS Magazines)
 PARTICIPATION AT CONFERENCES:
 INFOSECURITY RUSSIA, NULLCON, ATHCON, CONFIDENCE, PHDAYS, HACKERHALTED,
 DEFCON MOSCOW, HACKTIVITY, HACKFEST, NOTACON, HACKMIAMI;
 CYBERCRIME FORUM, CYBER INTELLIGENCE EUROPE/INTELLIGENCE-SEC, DEEPINTEL;
 ICITST, CTICON, ITA, I-SOCIETY;
[ YURY CHEMERKIN ]
linkedin.com/in/yurychemerkin http://sto-strategy.com yury.s@chemerkin.com

 Wild Animals :: < Mobile Apps >
 Wild Tools :: < Forensics Tools, Data/Backup Tools >
 Wild Security Concepts :: < Data Protection Concepts, Best Practices >
 Wild Environment :: < OS: iOS, Android , BlackBerry >
 Wild Security Solutions :: < OS Security, MDM, MAM, MIM Solutions >
 State of Facts :: < Mobile Data Application Report - BlackBerry, iOS, Android >
 Recommendations :: < MAM, Development Advices, etc. >
 Other Salvation Ideas :: < BlackPhone >
WILD ANIMALS: ANIMAL PLANET
AGENDA

Forensics Capabilities on Application Data Access

Data-at-Rest (DAR) protection
Data-in-Use (DIU) protection
Data-in-Transit (DIT) protection
Data-in-motion (DIM) protection (~DIT)
Data-in-action (DIA) protection (~DIU)
App Disablement (similar to DIU &
DAR)
Location Masking (similar to DIT/DIM)
Depends on sandbox & FS architecture
More about developer’s imagination
Mix two previous in regards to whole
device
Like DIT but depends on app
OS API and developer’s imagination 
Rule based policies, out of dev activity
Policies & DIM/DIT characteristics
DATA PROTECTION CONCEPTS
Type Roots

SQLite storage
 any type of data
Binary cookies
 depends, usually, credentials, tokens
Keyboard Cache
 auto correction, word list counts 600
Snapshot Storage
 any preview info, like email from Banks
File Cache
 attachments, files from clouds, etc.
Error logs
 any data, even credentials
iCloud
 all data backup to cloud, even
credentials
Storing Information on device ::
iOS data-in-rest Specifics

Where & What stores ::
/data/data/<package>/…
 App
 analytics, dump, misc
 Cache
 up/downloaded files
 Databases
 history, chat, bank info
 Files
 attachments, crypto-keys
 Shared_prefs
 credentials, token, history
How does it store
 Shared preferences (lightweight XML
format)
 Internal storage (/data/data/ + shared docs
& media)
 External storage (cache, debug, db, maps)
 SQLite (DB, discussed earlier)
 Network (logs/event, datestamp,
credentials)
Android data-in-rest Specifics

BlackBerry Backup
 What :: app, app data, app config, all
documents, etc.
 How :: ElcomSoft, any other that works with
BB backup
Shared folders
 What :: docs, media, backup with credentials
may happen
 How :: live access, spyware, rarely encrypted
Remotely accessed data
 What :: device entirely plus SD-Card
 How :: BB Link should authorized PC before
gaining access
Android application data files
 What :: cached files, any other like Android
App
 Where :: Device/misc/android/Android/data)
 How :: like a shared folders or remote access
Misc tracks
 Device/Misc
 What :: Misc files, backup like
whatsapp,
 How:: like a shared folders or remote
access
 Device/Android except android data
 What :: any data Android and Android
apps usually store on SD card
 How :: :: like a shared folders or remote
access
The rest data protected except you got an access
to backup or find a way how to root/jailbreak OS 
BlackBerry data-in-rest Specifics

[ EMM FRAMEWORK ]
EMM (EnterpriseMobileManagement) 3rd PartySolutionstoEMM
NAC: Network Access Control
(Management)
AV: Antiviruses Solution
Mobile SIEM: Log Management
Solution
DLP: Data-Leakage Prevention
COMPLIANCE: Standards, Best-
Practices, Guidelines, etc.
MDM: Mobile Device Management
MAM: Mobile Application
Management
MEM: Mobile Email Management
MIM: Mobile Information Management
Devices: Smartphones, Tablets

 Password protection & reset
 Remote & Selective device wipe
 Remote lock
 Set VPN, Wi-Fi, APN, proxy/gateway settings
 Configuration monitoring/auditing
 Automated provisioning/enrollment
 Disable basic features (camera, Bluetooth, Wi-Fi, NFC, Cellular, etc.)
 Manage mobile-attached devices (e.g printers, scanners)
EMM FEATURES
EMM :: MDM

 Full-featured enterprise app store
 Containerization/sandboxing
 App containerization using developer SDK/toolkit, app wrapping
 Block copy/paste between apps, from email, etc.
 Restrict which apps can open a given file
 App inventory tracking / usage monitoring
 Remote desktop access to apps and data on desktop from mobile
EMM FEATURES
EMM :: MAM

[ EMM FRAMEWORK :: MEM SOLUTIONS ]
(Management)
Solution
MDM: Mobile Device
Management
Management
MIM: Mobile Information
Management

[ EMM FRAMEWORK :: MIM SOLUTIONS ]
(Management)
Solution
MDM: Mobile Device
Management
Management
MIM: Mobile Information
Management

SECURE BOOTLOADER
SYSTEM SOFTWARE SECURITY (UPDATES)
APPLICATION CODE SIGNING
RUNTIME PROCESS SECURITY (SANDBOX,
APIs)
HARDWARE SECURITY FEATURES
IN-REST PROTECTION
IN-TRANSIT PROTECTION (SSL, TLS, VPN)
PASSCODE PROTECTION
CENTRALIZED APPLICATION DISTRIBUTION
SETTINGS DELIVERY (PERMISSIONS,
CONFIGURATIONS)
REMOTE MAGAGEMENT
LOG COLLECTION
[ MOBILE DEVICE SECURITY ENVIRONMENT ]
SPOT THE DIFFERENCE  NO DIFFERENCE, RIGHT 

[ KNOW YOUR APPS – 3RD PARTY REPORTS ]
AFFECTED PLATFORMS

APPTHORITY REPORT HIGHLIGHTS
AppReputationReport,Winter2014%
91%
83%
70%
56%
58%
24%
31%
22%
91% iOS apps exhibited risky behaviors
83% Android apps exhibited risky behaviors
70% iOS and Android apps allow location tracking
56% iOS and Android apps identify the user’s ID (UDID)
58% free Android apps share data with ad networks
24% paid Android apps share data with ad networks
31% free apps access users’ contact list or address book
22% paid apps access users’ contact list or address book

[ KNOW YOUR APPLICATIONS ]
AFFECTED PLATFORMS

Email; 73,00%
Messages; 85,00%
Calendar; 76,00%
Contacts; 95,00%
Notes; 89,00%
Calls; 93,00%
FEATURES VS PRIVACY :: BUILT-IN APP

Kik Messenger;
79,00%
Viber; 87,00%
Whatsapp; 85,00%
Hangouts; 80,00%
Yahoo Messenger;
75,00%
Skout; 76,00%
WeChat; 78,00%
BBM; 86,00%
Facebook
Messenger; 87,00%
Lync; 61,00%
FEATURES VS PRIVACY :: IM APP

 Account
 country code, phone number
 login / tokens Facebook wasn’t revealed
 ‘Buy me for….$$$’ 
 Avatars :: phone+@s.whatsapp.net.j (jfif)
 Address book
 No records of address book were revealed…
 Check log-file and find these records (!)
 Messages
 Messages
 Date & Time
 content of message
 ID :: phone@s.whatsapp.net
 Attachments (as is)
[ APPLICATION EXAMINATION ]
ONLYTHOSEI HAVETOUSEEVERYDAY FORENSICSEXAMINATION

 Account
 country code, phone number
 Device Hardware Key
 login / tokens of Twitter & Facebook
 Calls history
 Name + internal ID
 Duration + date and time
 Address book
 Quantity of contacts / viber-contacts
 Full name / Email / phone numbers
 Messages
 Conversations
 Quantity of messages & participants
per conversations
 Additional participant info (full name,
phone)
 Messages
 Date & Time
 content of message
 ID
 Attachments & Preview (as is)
 VoiceMessages
 Media
 Snapshots (iOS only)
 Snapshot of active chat

 Account ::: PIN , Names, Status "74afbe19","Yury Chemerkin“, "*fly*“, "@ Holiday Inn (MOSCOW)"
 Information
 Barcode / QR history (when, what)
"QR_CODE","bbm:2343678095c7649723436780","1382891450014"
 Transferred files "RemotePin“, "Path","ContentType“, "image/jpeg“, "23436780“,
 "/storage/sdcard0/Android/data/com.skype.raider/cache/photo_1383731771908.jpg“
 Transferred as a JFIF file :: FFD8FFE000104A464946 ......JFIF
 Invitations: "Pin","Greeting","Timestamp",”LocalPublicKey/PrivateKey","EncryptionKey«
 Messages (Date, Text,…) :: "1383060689","Gde","Edu k metro esche, probka tut","Park
pobedy”,"Aha","А щас","Belorusskaja","Долго"
 Logs
 Revealing PINs, Email, device information,
 Applications actions associated with applications modules *.c files, *.so, etc.
 It helps to analyze .apk in future

 Contacts
 Full Name
 Work Info
 Phone number (00-country-code-….)
 Email
 Is AppName user
 App Info
 App Name (list of app)
 App Icon
 Misc
 Friends group,
 Friends requests
 Members
 Messages
 Country Name
 FB number ID
 G+ number ID
 Twitter numeric ID
 Foursquare numeric ID
 FB access token
 NickName (Device name is like iPhone (Yury)
 Media
 Snapshots
 Profile photos
 App icons
 Credentials
 Nothing revealed

Vkontakte; 78,00%
Facebook; 83,00%
Instagram; 67,00%
Twitter; 81,00%
Google+; 55,00%
LinkedIn; 59,00%
Pinterest; 57,00%
MySpace; 61,00%
Groupon; 68,00%
So.Cl; 42,00%
Scribd; 63,00%
SlideShare; 67,00%
FEATURES VS PRIVACY :: SOCIAL APP

 Media
 User images/avatar (first of all, of those
who're on messenger/chat)
 Snapshot of app screen (iOS only)
 Pic/avatar URL,
 Image cache .jfif
 Conversation
 Thread ID, Name , Date & Time
 Quantity of Messages
 Message / body
 ID of sender/recipient
 Status :: Unread/archived/can reply
 Account
 Tokens, incl. private
 Lot of configs
 Numeric ID of account
(100001827345335.plist)
 Address book / Synchronized
 Full Name, Email , Phone number
 Users
 User ID, User Name , User NickName
 Has a mobile messenger? Is a Friend ?
 Email
 FB Messenger
 configs
 User Phone Number
 Friend avatars
 Credentials

 Media
 Snapshots
 Profile Info
 Friend profile URL + Full Name + Photo
 Twitter User name
 FB Permissions – publish stream
 FB token key & expiration
 Login name
 Actions
 Comments & profile name of those who
comment photo
 Cache of uploaded photos plus date & time
 Stored on Amazon S3 
 Credentials
 Network (in-transit)
 Profile Name + URL
 Friends’ Name + Url
 Upload /Download photos
 Comments
 Seems everything except credentials

 Media
 Snapshots
 Messages time
 Conversations
 Attachment Info, URL
 Uploading attachments in plaintext
 Sending messages in plaintext
 Friends
 Full Name
 Profile URL Avatar
 Birthday
 Misc tokens (?)
 Credentials

Google Maps;
73,00%
FourSquare; 85,00%
Yandex Maps;
76,00%
Navitel; 64,00%TrackMe; 51,00%
GeoBucket; 54,00%
2GIS; 61,00%
Banjo; 62,00%
Trover; 69,00%
FEATURES VS PRIVACY :: GEO APP

 Media
 Snapshots
 PNG map shots of friends & check-ins
 Uploaded photos via app on check-in event
 User/Credentials
 Search request info by name/location/etc.
 Like, Comments + friend username per
check-ins
 Badges + description and who unlocked it
 Credentials weren’t revealed

Box; 67,00%
Dropbox; 67,00%
OneDrive; 51,00%
Yandex.Disk; 65,00%
Mail.Ru; 65,00%
Amazon Cloud
Drive; 67,00%DocsToGo; 71,00%
AdobeReader;
51,00%
QuickOffice; 71,00%
Office Mobile;
51,00%
eFax; 73,00%
AsusWebStorage;
51,00%
Google Disk; 57,00%
FEATURES VS PRIVACY :: OFFICE APP

 Logs
 iOS version as a log-file-name
 Settings like upload_over_cell or
geofence_state
 User_id (numeric)
 Perms like “permission.photos.granted”
 Extension
 Connection time – WiFi, Cellular
 Size
 Download info (started, finished, failures)
 Device ID
 Uploads
 Images, resized images
 Other files as is even (cpp )
 Cached PDF as separated jpg pages
 Media
 Snapshots (iOS only), profile photo
 Credentials

 OneDrive + OneDrive for Business
 Uploads
 URL to download (have to login via liveID)
 Full url to download file
 Full user name
 Downloaded files as is
 Permissions info
 PDF stored NOT as separated jpg pages
 Credentials
 Office Mobile
 login name (= email)
 cached files w/o name
 Sharepoint URL even it's not public
 Media
 Snapshots (iOS only)
 holiday inn reservation pdf as a jpeg

Yelp; 57,00%Hotels.com; 64,00%BlackBerry Travel;
73,00%
Hilton; 78,00%
IHG; 81,00%
Hilton; 73,00%
SPG; 79,00%
Booking.com; 54,00%
Marriott; 56,00%Delta; 67,00%
British Airways; 23,00%
Aeroflot; 73,00%
United Airlines; 61,00%
American Airlines;
56,00%
JetBlue; 43,00%
HotelByMe; 23,00%
Miles & More; 27,00%
Lufthansa; 26,00%
KLM; 64,00%
S7; 62,00%
AnywayAnyday; 74,00%Taxi (any); 31,00%
FEATURES VS PRIVACY :: TRAVEL APP

 AeroExpress
 Account & Credentials
 Email address = login
 Password
 Phone Number
 Products
 Tickets number & QR-ticket
 How to use e-Ticket
 What time train departs & arrives 
 Payment Info
 Full Name
 Card number
 Expiration Data
 CVC/CV2 wasn’t revealed
 Repack app and grab any type of data
 Aeroflot
 Account
 ID , email, password
 Other id & tokens
 Information
 Loyalty (bonus) of your membership
 all you ever type
 Date of birth
 Passport details
 All PASSPORT INFO (not only travel data)
 Your work data (address, job, etc.) you have
never typed! (except preparing member
card)
 Flights tickets
 Repack app and grab it

 Account
 ID , email, password
 Information
 Loyalty (bonus) of your membership
 all you ever type
 Date of birth
 Passport details
 Book/order history
 Routes,
 Date and time,
 Bonus earning
 Full info per each order
 Connected cards
 Encryption?
 AES
 256 bit
 On password
anywayanydayanywayanyday
 Store in plaintext
 Sizeof(anywayanydayanywayanyday) =
192 bit

 Delta (Fly with Delta)
 Account
 ID , password is seems encrypted on
Android& BB, password not found on iOS
 Information (android & bb only, nothing found on
iOS, seems not precached)
 Loyalty, Membership 901***** Skymiles
 Flight
 confirmations, depart time, flight #::
GCXXXX || 0467 || 2013-11-
07T12:40:00+04:00 || DL90
 "checkedIn": "false“, "seatNumber":
"09B",
 Issued date, ticket # :: "2013-10-
26T15:37:00-04:00", 006xxxxxxxxxxx
 Aeroports ::
 SVO/ "Sheremetyevo Arpt, JFK/"John
F Kennedy International“, NYC / "New
York-Kennedy“…
 British Airways
 Account
 ID , password on Android, BB
 ID on iOS
 Loyalty card number & Info
 Tracked Flights Info (iOS)
 Full Name (iOS), Email (iOS)
 Product
 Not revealed (tickets, history or else)
 PassBook Integration (iOS only)
 Media
 Snapshots
 Cached images with exif (like NY SkyBridge)

AlfaBank; 4,00%Raffeisen; 4,00%RSB; 4,00%
Sberbank; 6,00%
Citibak; 3,00%
Tinkoff; 3,00%
Paypal; 16,00%
Qiwi; 14,00%
Megafon Money;
17,00%
Yandex Money;
17,00%
RBK Money; 22,00%
Mail.Ru Money;
15,00%
A

 Account
 Phone number
 Password, secret code weren’t revealed
 Trace app, find the methods use it
 Repack app and have a fun
 No masking of data typed
 Information
 Amount
 Full info in history section (incl. info about
who receive money)
 Connected cards
 Encryption?
 No 
 Bank cards
 Masked card number only
 Qiwi Bank cards
 Full & masked number
 Cvv/cvc
 All other card info 

 Megafon.Money
 Account
 Phone number
 tokens
 Other
 Password wasn’t revealed
 Rest data wasn’t found
 RePack app and find everything
 Mail.Ru Money
 Account
 ID (email = payment ID)
 Password , salt hash (seems, SHA_X,
not detected which SHA)
 Payment Info
 Amount
 Masked bank card number

 Yandex Money
 ID info for Yandex Money
 ID info for Yandex
 Bank name per attached card
 Transaction history
 ID , Amount , User comments
 Status, Time & Date, Favorite or not
 Login per transaction
 misc
 Other
 Password and payment password weren’t
revealed
 RBK Money
 Email = login
 Password
 Payment Info
 Payment /Transaction History
 Phone number on SIM payments
 Masked bank card number like xxxx****xxxx

 Bank apps
 Rarely store anything in-the-rest
 Obfuscation happens / NDK instead of JDK
 Alfabank reveals geo data in-the-rest
 Alfabank reveals the latest phone number in
payments
 Repack app and grab everything from
memory (credentials too)
 Tinkoff offers his own input field,
seems protected
 Other
 Password and payment password weren’t
revealed
 Snapshots are protected (!)

In-the-Rest; 57,00%
In-the-Transit;
71,00%
In-the-Memory;
95,00%
PRIVACY LEAKAGE :: % OF DATA LEAKAGE

FORENSICSAPPLICATIONEXAMINATION:: EXCITINGFAILS
App Type/Protection In-Rest In-Memory In-Transit
built-in apps Plain-Text Plain-Text Rarely Encrypted
IM apps Plain-Text Plain-Text Weak Encryption or SSL
Social app Plain-Text & Rarely Store smth Plain-Text Best case - SSL/HTTPS
Geo Apps Plain-Text Plain-Text Best case - SSL/HTTPS
Office Apps Plain-Text Plain-Text SSL/HTTPS
Travel Apps Best case - weak encryption Plain-Text Partially Encrypted
Bank apps Rarely Store smth & Good Encryption Plain-Text Encrypted

 PACKAGED/WRAPPED APPLICATIONS
 QUANTITY OF APPLICATION CHALLENGE ( OBVIOUSLY > 100  )
 COOPERATION WITH APPLICATION VENDOR
 SEPARATION OF PERSONAL, WORK, AND SUSPICIOUS APP
 SERIOUSLY DIFFERENCE ON APP INTERFACES PER EACH OS WITH THE SAME APP
 VPN
 ENCRYPTION
 ACCESS RESTRICTION (GEO, CREDENTIALS)
EMM FAILS :: MAM

 LACK OF TYPE FILES’ MANAGEMENT
 LACK OF STORAGE SERVICES’ MANAGEMENT
 LACK OF DEVICE FILES’ MANAGEMENT
 LACK OF VENDOR SUPPORT
 NEED OF A ROOT ACCESS TO DEVICE IN CERTAIN CASES
 MOBILE OS INCAPABILITIES TO BE INTEGRATED WITH MIM SOLUTIONS
EMM FAILS :: MIM

EMM :: WHO IS GOOD FOR ?
AirWatch an MDM and MAM specialist that helped Lowes deploy and manage iPhones
App47
which offers a platform that allows enterprises to deploy their own App stores (hot
opportunity alert)
AppBlade
which supports application deployments and management across iPhone iPad BlackBerry
and Android platforms.
AppCentral which also helps enterprises to develop app stores
BlackBerry
(BES/Fusion) is good for MDM partially MIM & MAM. Supports all mobile OS
MaaS360 is good with BlackBerry together
Kony which has a platform that allows partners to build enterprise app stores for customers.
MobileIron focused heavily on MDM
Nukona another provider of enterprise app store technology
Partnerpedia
the former builder of channel partner communities; now focused on private labeled app
stores.
WorkLight now owned by IBM; focused on mobile development tools middleware and management
Terria Mobile which offers a platform for app management.
Good Technology supports application deployments and management across modern OS

Call ‘setStorageEncryption’ API for locally stored files (new Android OS v4+)
Encrypt externally stored files on SD Card or Cloud (any OS)
Reduce using of ‘MODE_WORLD_READABLE ’ unless it really needs
Avoid hardcoded and debug tracks as much as possible (it’s easy to
decompile)
Add extra protect beyond OS (encryption, wiping, etc.)
ANDROID SPECIFIC REMEDIATION

Never store credentials on the phone file system. Use API or web scheme instead
Define when encryption signature doesn’t matter, else avoid it
Use implemented protection mechanism in iOS…
But … add extra protection layer beyond OS protection in case of jailbreak
Use any API and protection mechanisms properly but never default settings
Don’t forget to encrypt SQL databases
iOS SPECIFIC REMEDIATION

One More Salvation – Black Phone (?)
GeeksPhone–SpanishHardwareStartUp SilentCircleisprivatelyfunded(Americans)

 Silent Circle is U.S. based company
 Zimmermann is cofounder of mobile privacy software firm Silent Circle
 GeeksPhone is a Spanish smartphone hardware company/start-up
 GeelsPhone sells open Android phones and developer devices of Firefox OS.
 SPG Technology is a Switzerland-based join venture
 IntelliJ IDEA is used to build applications
Black Phone – Examination of Rumors
Websiteoffersnodetailsonhowthoseextralevelsofsecuritywillbeimplemented,but..

 How was the idea for the Blackphone
conjured up?
 Large market of folks who didn't want
to build their own car, but they
wanted a good car
 Why should users want to have a
Blackphone? Security Center
 At $629 is the total package.
 Lot of security magic to stop leaks out
 Who is buying the Blackphone?
 45 percent of orders have come from
Europe and 38 percent from North
America
 Blackphone is gathering as little
information as possible on who is
buying its product
 Who should be buying a Blackphone?
 There are clearly industries that are
already predisposed to seek privacy,
such as stockbrokers, attorneys,
senior executives
 Why is this phone safer than what's
currently out there?
 It's safer because it's more usable
 Every bit of information the phone
sends out is encrypted whether it's a
call or a text. No one can offers it now
 BYOD/Enterprise?
 Absolutely, even MDM tools
 How secure is the Blackphone?
 Anybody who claims that anything is
hackproof is clearly selling snake oil
Black Phone Software – Examination of Rumors
ComputerRetailWeekinterviewsfoundersandstates

 Silent Circle Apps
 Silent Phone
 Silent Text
 Silent Contacts
 Blackphone-built Apps
 Blackphone Security Center
 Blackphone Activation Wizard
 Blackphone Remote Wipe
 3rd-party Apps
 Disconnect Secure Wireless
 SpiderOak Blackphone Edition
 Kismet Smart Wi-Fi Manager
 Misc
 PrivatOS
 International Power Adapter Kit
Black Phone - Software
TheBlackphoneisanannouncedsmartphonedevelopedbySGPTechnologies,thatwill
provideencryptionforphonecalls,emails,texts,andinternetbrowsing.

 Silent Phone: Encrypted voice and
video calls on iOS and Android, it can
be used with Wi-Fi, EDGE, 3G or 4G
cellular. Encrypted VoIP from
Windows computers.
 Silent Text: Encrypted text messaging
and secure cloud content transfer
with “burn notice” feature for
permanently deleting messages from
devices.
 Silent Mail: Discontinued August 9,
2013. Encrypted e-mail on Silent
Circle’s private, secure network and
compatibility with popular e-mail
client software.
 Silent Contacts: App is prebuilt with all
previous
Black Phone - Examination
Serversofitscustom-builtnetworkarelocatedinCanada
AlsoSupportsiOS,Android,WindowsDesktop

 Silent Phone/Text/Contact: available for iOS & Android with source code on GitHub
 Remote Wipe: Provides no centralized cloud service to manage device
 Private OS: Android 4.4 KitKat
 International Power Adapter Kit: Android 4.4 KitKat
 Disconnect Secure Wireless: its custom-built VPN client
 Kismet Smart Wi-Fi Manager: Public Wi-Fi Manager
 SpiderOak: Encrypted Cloud Storage
Black Phone - Examination
Thecompany'sproductsenableencryptedmobilephonecalls,e-mail,textmessaging,
andvideochat.Serversofitscustom-builtnetworkarelocatedinCanada

 It manages Android phone Wi-Fi
connection by automatically learning
where you use networks. Wi-Fi is only
enabled when you are in a location
have previously used Wi-Fi, increasing
battery life, security, and privacy.
 It is a paid app in Google Play but fully
open source under the GPLv2 license.
 It aims to be smart, invisible and will
manage Wi-Fi state in the background.
 Airplane mode and Wi-Fi Tethering
modes are detected and respected
 Since Wi-Fi will be turned off, your
phone won't be broadcasting your
home network name everywhere you
go! It prevents spoof attacks
 Successfully installed on BlackBerry 10
Black Phone /
Smart Wi-Fi Manager
Isthatsecured?

 It is US based online backup tool to
back up, share, sync, access and store
data using an off-site server.
 It is accessible through an app for
Windows, Mac and Linux computer
platforms, and Android, N900 Maemo
and iOS mobile platforms
 It uses encrypted cloud storage and
client-side encryption key creation, so
even employees of SpiderOak cannot
access users' information
 It provides automatic de-duplication
of data
Black Phone /
SpiderOak
WhynotBoxorMega?

 It can be incorporated to the typical
policy and management tools in a
business environment
 A web-based console which grants a
nominated customer administrator
“super user” status within his or her
own network.
 Create, organize and bulk distribute
via email to provide team members
with Silent Phone, Silent Text, and
Out-Circle Access.
 Create groups and sub-groups to
reflect your company’s organization
and allocate encrypted mobile apps
accordingly.
 Dynamically manage and control
(enable/deny access) for all users
under your administration.
 Enable outliers, contractors, and third
parties to communicate securely with
your team on the fly.
Black Phone /
SCMC (MDM)
Oh,God

Encrypted Contacts, splitted for personal &
business uses
Encrypted Text, Media Messenger
VoIP for encrypted Calls
Smart WiFi Manager to prevent attacks
Disconnect Secure Wireless VPN
Privat OS is Android 4.4 KitKat
MDM w/o MAM, MIM, MEM
BlackPhone gathers little info on who is buying it
Alike any other app on AppStore or
GooglePlay,WorkBalance MDM Solution
TextSecure,CryptoCat, BBM, etc?
VoIP is everywhere for the less price 
Gather Geo, Network Data, AutoLearn
VPN is everywhere too
GeeksPhone offers a root access …
Impractical, MAM need at least
Name, Address, Payment method, Personal or
Enterprise
Black Phone: Pros & Cons
Fullyprotected(noanyPoCyet) Impractical&too commercial

Black Phone: Pros & Cons : Storages
SpiderOak Isthatonlyone?
Provider Encrypted storage Personal Encryption2
Carbonite + +
Copy + +
CrashPlan + +
ElephantDrive + +
Handy Backup + +
IASO Backup + +
Jungle Disk + +
KeepVault + +
MediaFire + +
MEGA + +
Norton Zone + +
OwnDrive + +
SpiderOak + +
Sync + +
TeamDrive + +
Wuala + +
Box (PreBuild on BlackBerry) + +

Black Phone: Pros & Cons
PrivatOS Android iOS BlackBerry
PrivatOS Enhancement Android Default BlackBerry iOS
Search Anonymous Trackable Both & Flexible Both
Bundled Apps Few, and all privacy-enabled
Many, with privacy disabled
by default Least privilege access control On-Demand Access
Wi-Fi usage
Smart disabling of all Wi-Fi
except trusted hotspots
Always on for geolocation
and user tracking Separate + Per Apps Global + Separate Per App
App permissions
Fine-grained control in a
single interface All-or-nothing Fine-Grained Control On-Demand Access
Communication tools
Private calls, texting, video
chat, file exchange up to
100MB, browsing and
conference calls
Traceable dialer, SMS, MMS,
browser. Vulnerable to
spoofed cell networks and
Wi-Fi
Both, need VPN
configuration
Both, need VPN
configuration
Updates
Frequent secure updates
from Blackphone directly
Supplied infrequently after
carrier blessing
from BlackBerry directly
from Apple directly
Remote Wipe & Anti Theft Anonymous (??)
Requires use of centralized
cloud account Cloud account Cloud account
Business Model
Delivering privacy as a
premium, valued feature
Personal data mining for
tracking and marketing
Delivering secure & privacy
as a default valued feature
last 20+ years Music, App, Games :)
Management MDM
Weak MDM
Features/Samsung enhanced MDM, MAM, MEM, MIM,… MDM, MAM, MEM, MIM,…

6.3. How to get out of an inprivacy jail

Recomendados

Recomendados

Mais conteúdo relacionado

Semelhante a 6.3. How to get out of an inprivacy jail

Semelhante a 6.3. How to get out of an inprivacy jail (20)

Mais de defconmoscow

Mais de defconmoscow (20)

Último

Último (20)

6.3. How to get out of an inprivacy jail