Blackphone Cracked in Under Five Minutes at Hacker Conference

blackphoneSGP Technologies Blackphone, marketed as the worlds first privacy-optimised smartphone, has been rooted and cracked in less than five minutes at the DefCon hacker conference.

The phone, which began shipping to pre-order customers at the end of June, was designed with an array of integrated features designed to protect the users identity and data, including private encrypted voice and video calls, a wi-fi manager that prevents hotspots from capturing data and a remote wipe and protect functionality.

The phone was cracked by security researchers at engineering group TeamAndIRC by exploiting a crack in the Debugger Kit code for the Android OS the phone is built upon. The hack wasnt based on exploiting weak code, but rather using a hole discovered in the debugger that developers can access when programming apps for the heavily-secured device.

Blackphone has expressed thanks towards the team for bringing the issue to their attention. They wrote on crowd publication site Medium, saying: “According to TeamAndIRC there were three issues discovered. The first one is that he was able to get ADB turned on. Turning ADB on is not a vulnerability as this is part of the Android operating system. We turned ADB off because it causes a software bug and potentially impacts the user experience, a patch is forthcoming.

“His second discovery is accurate and here is the point I want to stress to the community. We found this vulnerability on July 30, had the patch in QA on July 21, and the OTA update released on 1 August. That is pretty fast, no?”