Software bug made the seemingly secure Blackphone vulnerable to snooping
The Blackphone might not be as secure as advertised.
Ars Technica reports that the device had a bug which allowed anyone to read messages sent to it, write code to its internal storage, view its contacts list, and track its location.
The researcher who discovered the bug claims the only thing needed to exploit it was the phone number or unique Silent Circle identification number associated with the device.
Silent Circle makes the Blackphone's software and the encrypted communications tools meant to prevent the device's contacts, phone calls, or messages from being spied on.
The device was among the first products to take advantage of the renewed interest in security tools following the revelation of surveillance programs by Edward Snowden.
Other devices, of course, are known to provide similar information to countless outside companies -- which then, knowingly or not, provide it to intelligence agencies -- without an exploit.
Yet those products aren't advertised based on their security, and unlike the Blackphone, many smartphones don't require consumers to pay more than $600 for them up front.
Silent Circle is said to have fixed the bug allowing this data to be stolen, and the company has some interesting ideas about how it can make smartphones more private.
But this issue shows that even though "secure" products are becoming more popular in the post-Snowden era, nothing is ever truly un-hackable, or impervious to snooping.