Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Android Encryption Cellphones Privacy Security The Almighty Buck News Technology Your Rights Online

Sirin Labs Launches Solarin, a $14,000 Privacy-Focused Smartphone (venturebeat.com) 95

An anonymous reader writes from a report via VentureBeat: Sirin Labs has launched its high-end Android smartphone called Solarin. The company's mission is to create the Rolls-Royce of smartphones -- an advanced device that combines "the highest privacy settings, operated faster than any other phone, [and is] built with the best materials from around the world." Solarin promises "the most advanced privacy technology, currently unavailable outside the agency world." It has partnered with KoolSpan to integrate chip-to-chip 256-bit AES encryption, which is similar to what the military uses to protect its communications. As for the specs, Solarin features a Qualcomm Snapdragon 810 processor, with support for 24 bands of LTE, and "far superior" Wi-Fi connectivity than standard mobile phones. There's a 23.8-megapixel rear camera sensor and a 5.5" IPS LED 2K resolution display. The phone goes on sale June 1st for nearly $14,000 ($13,800 to be exact).
This discussion has been archived. No new comments can be posted.

Sirin Labs Launches Solarin, a $14,000 Privacy-Focused Smartphone

Comments Filter:
  • by Anonymous Coward

    Do they even *know* what's in the Snapdragon SoC? I mean, even with an (hypothetical, but thanks to LowRISC perhaps reachable) open design SoC you'd have to trust the foundry to not play shenanigans on you [1], but blindly buying from Qualcomm/ARM and whatever other parties are in there, with a mutual assured destruction level of NDAs between them?

    Hmmm.

    [1] http://static1.1.sqspcdn.com/s... [sqspcdn.com]

    • Yeah. This thing smells of snakeoil like those $50k gold audio cables.

      • by Dunbal ( 464142 ) *
        Pretty sure it will have a backdoor with a hard coded password like Niralos1234. These kinds of things usually do.
      • Yeah. This thing smells of snakeoil like those $50k gold audio cables.

        Big difference. The audio cables are in your home, where nobody sees them until they already know you. But this cellphone can be used to make a first impression. When a human male reaches mating age, he develops a need to display fitness and social status in order to attract a desirable mate. We already have $15,000 watches, so why not a $15,000 cellphone, that he can display by setting it on the table during a first date. He could even prearrange with one of his friends to call the phone, and pose as

      • Also wouldn't the privacy be useless unless the other party has a similar phone? I mean sure, your end of the exchange could be secure, so it would just mean the 3 letter agency would go after whoever you are communicating with.

        and face it, if they are after you -- to the point where they are trying to drop eaves on your conversations, they already know who you're associating and communicating with. And probably have a warrant to get your phone records anyways.

  • by ricky-road-flats ( 770129 ) on Wednesday June 01, 2016 @05:08AM (#52224083) Homepage
    ...and then the Facebook app gets installed. Game over.
    • Secure/privacy "phone" had camera -- fail.

      • by Junta ( 36770 )

        And a microphone! Can't have a private phone with a microphone. What does a phone need with a microphone anyway?

        Seriously though, a camera can be effectively taken care of by a piece of tape if someone is that worried. The microphone is a much more tricky reality.

        Either way, this device is BS preying upon the rich and gullible (frankly I doubt that's a big market, people don't generally get/stay rich if they are so gullible).

        • you can't secure android. cannot. be. done.

          android is a steaming pile that ONCE was a respectable linux install.

          google had their way, they messed it up and its broken by design, now.

          even if we ignore the software, there are many layers to the radio system and you cannot, just CANNOT secure that. diff entities (groups) have access to diff layers of the radio and phone mgmt.

          yes, this is for the gullible.

          the real secure guys would not be using a phone network, not be using off the shelf carrier-approved chip

          • you can't secure android. cannot. be. done.

            As opposed to? You think you can trust Apple, or Microsoft, or even Blackberry?

            At least with Android, you could theoretically compile your own from source.

        • by Desler ( 1608317 )

          A phone isn't much of a phone if you are unable to talk to the person on the other end due to no microphone.

    • It was game over once the SIM was installed and the power turned on. Connecting to the legacy network that has no notion of privacy means that no matter how privacy-focused your phone is it doesn't matter at all.

    • Yeah, confusing that it has 8 cores but doesn't mention anything like the sort of VM isolation that blackphone or qubes would have to help with the app/malware problem. And the Blackphone 2 is like... 13k cheaper.
    • ...and then the Facebook app gets installed. Game over.

      Much like OpenBSD, this device is likely designed to be secure by default.

      Unfortunately, exactly 0.00% of people will want to run it that configuration.

    • I'm wondering at what point we'll have a phone that is a hypervisor or physical cluster under the hood, capable of delivering a virtual environment or separate physical environment for secure access.

      All the insecure shit like Facebook or other dubious software applications could go in its own VM or on the "insecure" side, along with the baseband hardware. It'd be nice to be able to deploy multiple VMs for multiple VMs for various security levels.

      • by tlhIngan ( 30335 )

        I'm wondering at what point we'll have a phone that is a hypervisor or physical cluster under the hood, capable of delivering a virtual environment or separate physical environment for secure access.

        All the insecure shit like Facebook or other dubious software applications could go in its own VM or on the "insecure" side, along with the baseband hardware. It'd be nice to be able to deploy multiple VMs for multiple VMs for various security levels.

        Already exists, actually.

        ARM supports hypervisors, and most hi

  • At this price tag and if they really enforce security it should come with a private app store where everything is verified thoroughly by the constructor. 256-bit AES encryption won't do any good when the user starts installing malware...
    • At this price tag and if they really enforce security it should come with a private app store where everything is verified thoroughly by the constructor. 256-bit AES encryption won't do any good when the user starts installing malware...

      Needless to say, at this price point they're targeting what I would like to call "celebrity-grade" security.

  • "...The phone goes on sale June 1st for nearly $14,000 ($13,800 to be exact)."

    Still cheaper than the "Rolls Royce" Apple Watch models.

    C'mon, you can do better than that for people who have money to burn. Where's my solid gold option? This smartphone is only the price of a car. Surely you can figure out a way to charge as much as a house would cost for an electronic device that will be obsolete in 3 years.

    Sirin, did you not learn anything from Apple?

  • by Anonymous Coward

    This overpriced heap of junk uses a Qualcomm Snapdragon baseband, It is dead on arrival.

    https://www.usenix.org/system/files/conference/woot12/woot12-final24.pdf
    https://www.youtube.com/watch?v=fQqv0v14KKY

    Qualcomm often designs their basebands to have shared memory access to the RAM of the Application Processor that runs your Android/OS

    Qualcomm is one of the worst from a security and privacy standpoint.

    The Neo900 http://neo900.org/ is going to be much more secure, and much cheaper

  • by Anonymous Coward on Wednesday June 01, 2016 @05:25AM (#52224113)

    Well Ennetcom produced a PGP phone, they even marketed it to lawyers as secure enough for lawyer - client privileged conversations. It was built ontop of Blackberry's platform.

    The Dutch police raided it, seized its servers claiming the phone was being used by criminals hence it had the right to close it down as a tool of crime. It looked a bit from the timing like the Dutch police wanted to influence the iPhone encryption court case.

    So we were sure it actually WAS secure only after this (blatantly illegal) police action.

    And in turn we're also sure the Blackberry phone is backdoored, because police are very happy with that phone and make no attempt to raid Blackberry servers these days, and Blackerry CTO says they take a more balanced approach to end to end encryption than some of their competitors (i.e. Apple).

    So we won't know that this phone is secure, till its shutdown by an out of control police force.

    • Since I am Dutch, I would very much like to know what input you used to come to the conclusion this was an illegal police action.
    • So we were sure it actually WAS secure only after this (blatantly illegal) police action.

      You mean aside from the business itself being investigated and shutdown for money laundering, and the owners brought up on charges of weapon possession, and the police after seizing the servers informing all users that the servers are shutdown and not using them for a potential honeypot.

      Yeah all sounds suspicious to me, but not at all for the same reasons you're suggesting.

  • All that is needed is a pure android with some added functions to detect when you are on a government or police fake cellphone tower and other crud that leaks information.

    no need to build any hardware as a nexus unlocked phone or even a oneplus unlocked phone will do what is needed. it is simply a clean install of android with no added bullshit shovelled in and some extra tools.

  • Viewing angles (Score:5, Interesting)

    by esperto ( 3521901 ) on Wednesday June 01, 2016 @05:45AM (#52224151)
    A supposedly secure minded phone with screen with 178 viewing angle... genius!

    You may scape the NSA but you will not scape the prying eyes of your neighbor.
    • by AmiMoJo ( 196126 )

      Do they offer a privacy enhancing screen protector for it? In east Asia (and probably on Amazon) you can get ones that are polarized to reduce the viewing angle down to about 20 degrees, with optional matte or mirror finish. They also have little cleaning pads on spring cords so you can wipe the screen and erase any fingerprints, but most western phones (and western models of phones released in east Asia) seem to have removed the strap holes.

    • In fact you never know whether your neighbor works for a three letter agency. In the case of the silk road founder for example, he was in a public library, when two federal agents faked a quarrel so he was distracted and another federal agent then grabbed his laptop while it was unlocked. Its a quite low tech attack and even the best hdd encryption didn't help him after that.

      Most likely the Solarin phone wouldn't have protected him in this situation either.

      • Then add a daemon in the background that watches for your something you wear (bluetooth watch/nfc ring) and when it's out of range lock everything down.

  • by ytene ( 4376651 ) on Wednesday June 01, 2016 @06:13AM (#52224221)
    I guess (and I am by no means qualified to say) that as a secure appliance, this sort of solution might have something going for it. However, if you think about the threat landscape that a mobile phone has by definition to operate in, then isn't this an awful lot of money to pay for a minimal reduction in exposure? For example, here is a hastily-thought-up list of threats/attacks that even the most perfectly secure handset cannot shield you from:-

    1. The remote phone numbers that you call, or, if themselves for mobile devices, send SMS messages to.
    2. Potentially, the phone numbers that call you.
    3. Your location, as determined by triangulation from cell towers [assuming that you don't have a compromised GPS sensor in the handset.
    4. The duration of the calls you make and/or receive, plus your location, time of day, etc, whilst those conversations happen.
    5. The superset of data relating to you - that is: the location and activities of the counter-parties you communicate with, the on-chain communications that *they* participate in...
    6. All of your web and email activity [unless you have an effective S/MIME solution, and/or have a remote proxy server that you can configure into your phone browser.

    In other words, it is trivially easy to gather so much additional data from even the most secure handset that it simply isn't possible to disguise the activities you perform through a handset. EVEN IF YOUR OBSERVER CAN'T CRACK YOUR HANDSET.

    I would be very reluctant to dismiss this handset as the mobile phone equivalent of snake oil, but I wonder if clients are fully aware of the inherent limitations of the solution they are being offered, and if they think it's still worth $14,000?
  • Which is today, so just PM me for my address and have them ship it on over.
  • ... that some half-wit web/mobile developer n00b can find a hack for this in under 30 minutes.

    Another 100 Euros that any small Linux PC set up by a decent admin with Ekiga Voicechat over SSH is a bazillion times safer and way harder to crack for ye 3-letter agencies.

  • Unless they own the fabs, they can't guarantee the TLAs won't pown the very silicon laid down by their industry buddies. Remember when GCHQ wanted certain parts of The Guardian's laptops smashed to bits? Yeah.
  • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Wednesday June 01, 2016 @07:11AM (#52224433) Homepage Journal

    From twitter [twitter.com]:

    â@laginimaineb May 29
    Just managed to extract the Qualcomm KeyMaster keys directly from TrustZone! Writeup coming soon :) (1/2)
    @laginimaineb May 29
    @laginimaineb And wrote a script to decrypt all keystore keys. This can also be used to bruteforce the FDE passphrase off the device! (2/2)

    Farewall, $14,000 phone. We hardly knew ye.

  • Sounds like a marketing scam to me, or perhaps just a scam.

    I'd suspect the market for a $14,000 phone is kinda slim. Unless it lets me talk to my future self in my domed habitat on Mars, I'll pass.

    I'd also suspect that anyone buying a $14,000 "privacy" phone will immediately go on a heightened surveillance list because, you know, terrorism.

    In addition, who's to say it's not a front company for the CIA/FBI/DHS floated out there as a way to lure in the suckers who want a secure phone to conduct illegal busine

    • I'd suspect the market for a $14,000 phone is kinda slim

      Well, the market for cell phones is in the billions. If they only sell to 0.01% of the richest and stupidest of possible customers, that's a billion dollars of sales.

      Heck, if they just sell seventy or eighty of them, that's a million dollars. Not bad for a hundred dollars worth of hardware and some coding that none of the users are likely to understand anyway.

      • If they only sell to 0.01% of the richest and stupidest of possible customers, that's a billion dollars of sales.

        Maybe, but I've seen this wishful statistical thinking before. Let's say I decide to sell my special super-pencils for $1000 a piece...all I need to do is sell 10 of them and I've made $10,000! Whoo hoo! That would be fantastic, except no one pays $1000 for a pencil, not even NASA. In reality my sales will be zero and I'll make nothing. This "you-only-need-to-sell-a-few" idea is great in theory, but doesn't usually translate well into reality.

        Now this phone may be different, but to find that 0.01% of the ri

  • by sjbe ( 173966 ) on Wednesday June 01, 2016 @08:28AM (#52224803)

    So I'm supposed to depend on some company I've never heard of, who doesn't own the intellectual property involved, who clearly doesn't have the resources to evaluate the code or audit the hardware properly, is "partnering" with other companies I've never heard of (who the F is Koolspan?), and who wants to sell me a phone "focused on privacy" (whatever that is supposed to mean) for an outrageous amount of money? For a piece of hardware that even if it makes it to market will be obsolete faster than the milk in my refrigerator will spoil.

    Umm, ok. What a deal.... [/sarcasm]

  • For that price, it had better come with a beautiful girl who blows you every time you make a phone call.

  • But cyptography and marketing don't really mix. The marketing subtext is that because this uses the very best chips and is too expensive for ordinary people to own, it's secure. But of course that's nonsense. Security is a system property. It's not the chips or algorithms, it's how you use them. And it costs money to figure out how to use them securely, an expense that you amortize over the total number of units sold.

    And at number of units you'll sell at a unit price of $14K, the gross revenues you have

  • At $14k you'd think they would round off the corners, but instead they made them taper into points. I see complaints of them wearing hold in Armani's suits left and right.

  • Toss out all the "valuable" materials (I don't give a shit if the phone is out of brushed steel or plastic, what matters is that I notice if it's been tampered with), lose the camera (privacy also means no picture), lose the insane resolution screen (it's a phone. As long as it can display numbers and letters we'll be fine). Then we're talking about a device for the security conscious, not yet another toy for people with more money than brains.

  • The only way to secure a modern smartphone is to shut it off, remove the battery, and then snap the thing into two pieces and then run the pieces through a shredder.

    And even then I'm not so certain about it being secure.

    Let's face it: once you make a call, at least the carrier and most likely the NSA, has metadata on your call. Does the phone come with a secure carrier that answers to no one? Didn't think so. Then there's GPS tracking. Then there's looking over your shoulder at the screen. Then there's the

  • "Solarin is pioneering new, uncompromising privacy measures to provide customers with greater confidence and the reassurance necessary to handle business-critical information."

    Selling a secure phone (whatever that even means) but with such weeping, drooling, confident marketing speak... Well, they are just begging to be a target. This is assuming they have written their own super-duper security software version 1.0. Either this is total bullshit or they will end up with egg on their via courtesy of their hu

  • built with the best materials from around the world

    If they aren't using Monster cables, I'm not buying it.

  • Comment removed based on user account deletion

Things are not as simple as they seems at first. - Edward Thorp

Working...