The pursuit of secure telecommunications has an entertaining history, and the capabilities of this technology have greatly increased over the years. If you take into account the technical specifications of today’s iPhones, for example, you might wonder why smartphones should not be able to equal laptops and desktops when it comes to generating and executing the strongest cryptologic functions now available, given that they are capable of comparable processing power.
Books can be written about the subject. After chronicling the story of a phone company that served clients engaging in various dirty deeds, Joseph Cox concludes his recently published book Dark Wire with a discussion about what encrypted phones might mean for non-criminals. The author concedes that the takedown of criminal enterprises does nothing to end the drug trade. The race against internet security and the war against communications privacy are also futile. This is why, referencing at least one company, GrapheneOS, Cox writes that "the impediment to action advances action," meaning that this effort to undermine communications privacy will only contribute to the redoubling of efforts to fortify such an essential human concern.
Additionally, most professional cybersecurity experts will admit that a backdoor for the government is equally a backdoor for bad actors in every system, including the (spyphone, ankle bracelet) devices that practically everyone in modern society carries with them at all times.
But if you do not want encryption for organized crime, why would you want it for the military or police? Police constantly abuse our civil liberties and act unaccountably in the dark and violate our rights with immunity. No one is going to see their phone records and internet traffic. Can we plaintext $390+ million police phones? Why not?
The Kicksecure Datasheet
Before dividing this article into a few crucial technical subsections, the inquisitive reader might appreciate this brief overview of the privacy and security focused phones available on the market today.
Now, apprised of several of the available mobile phones in this class and of their technical characteristics and the goals of their respective developers and software communities, there are a few questions we might ask ourselves before choosing among these options or developing our own phones.
Later, if you haven’t already decided for yourself what phone best meets your needs, you might return to this discussion with a more developed view, able to discern for yourself the better from the worse according to your informed judgment. The point is to recognize that there is agency in technology--and it varies--not a definite, singular arithmetic. Although the uniformity of mass production and the specialized nature of technical information might present consumer choices as dictated defaults chosen by another instead of elected selections chosen by oneself, it is worthwhile to consider good tech as the aggregate of a series of trade-offs met with discernment.
What to do about Updates?
In my experience, the best way to update Linux devices is with tor and onion repositories. This is because, for instance, updating with http but no encrypted transport, even if it is GPG signed (verified) as is the case with dnf5, means that an attacker still has access to metadata that can be used to target and attack a victim or obstruct the update. Since it is possible to access tor on mobile devices and to access onionsites, why not update phones with tor and onionized repositories? If you don’t think this is possible, just take a few minutes to try out Tor Browser on Android or iOS by downloading the browser from your app store and then simply navigate to Startpage or DuckDuckGo .onion search. It works! Then, Mobian OS, derived from Debian which has onionized repositories, should be able to be configured to update over tor from onionized repositories without excessive difficulty.
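An added example (not from the original article, nor from Mobian or Debian) of auditing APT sources for the transport concern described above: it labels each entry as plaintext HTTP, HTTPS, Tor to a clearnet mirror, or Tor to an onion repository. It assumes the one-line sources.list format and the tor+http/tor+https schemes provided by apt-transport-tor; the .onion hostname and the sample entries are constructed placeholders.

```shell
#!/bin/sh
# Added example: classify APT source entries by transport.
# Assumption: one-line sources.list format; tor+ schemes from apt-transport-tor.

# classify_source LINE -> prints skip | plaintext | https | tor-clearnet | onion-tor | other
classify_source() {
    # Drop the optional [options] block, then take the URI field of deb/deb-src lines.
    uri=$(printf '%s\n' "$1" | sed 's/\[[^]]*\]//' |
          awk '$1 == "deb" || $1 == "deb-src" { print $2 }')
    [ -n "$uri" ] || { echo skip; return 0; }   # comments, blank lines, anything else
    host=${uri#*://}; host=${host%%/*}; host=${host%%:*}
    case $uri in
        tor+http://*|tor+https://*)
            case $host in
                *.onion) echo onion-tor ;;      # traffic stays inside the Tor network
                *)       echo tor-clearnet ;;   # anonymised, but leaves via an exit node
            esac ;;
        https://*) echo https ;;                # encrypted, mirror still sees client IP
        http://*)  echo plaintext ;;            # signed packages, observable metadata
        *)         echo other ;;
    esac
}

# audit_sources: read entries on stdin, print a label per entry and a final count.
audit_sources() {
    leaky=0
    while IFS= read -r line; do
        kind=$(classify_source "$line")
        case $kind in
            skip)      continue ;;
            onion-tor) ;;
            *)         leaky=$((leaky + 1)) ;;
        esac
        printf '%-13s %s\n' "$kind" "$line"
    done
    printf 'non-onion entries: %d\n' "$leaky"
}

# Constructed sample input; the .onion host is a placeholder, not a real repository.
sample_sources() {
cat <<'EOF'
# constructed sample, not taken from a real device
deb http://deb.debian.org/debian bookworm main
deb [signed-by=/usr/share/keyrings/debian-archive-keyring.gpg] https://deb.debian.org/debian-security bookworm-security main
deb tor+http://exampleplaceholderonionaddress.onion/debian bookworm main
deb-src tor+https://deb.debian.org/debian bookworm main
EOF
}

sample_sources | audit_sources
```

On a real device the same function can be fed the system's own entries, for example `cat /etc/apt/sources.list | audit_sources`.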
We need a lot more tor development on mobile. For more information, check out these links:
GrapheneOS can be updated with encrypted private system DNS (tls://) and with certain VPNs and proxies but not with tor. GOS apps can be updated over tor with Orbot and F-Droid, even with Accrescent and perhaps with Obtainium, but not with Google Play Store.
At one time, GOS intended Vanadium to proxy with VPN or “tor.” That intention seems to have been removed.
What are the Best Encrypted Messengers?
First, you might ask if network layers and modes matter or if it is all just about the encryption at the application level. If we are to draw any conclusion from the fact that the inventor of PGP, Philip Zimmermann, abandoned the Blackphone hardware project and works only on the Silent Circle app, it must be true that the application layer can make up for insecurities in the network and lower level layers. Or, making the full hardware and software package was too challenging. If you were not even aware that cellular networks come with protocol insecurities like SS7 and vulnerabilities in the baseband radio firmware and are operated by Federal entities, then the question might have appeared moot at first glance. But if there are incorrigible flaws in the carrier, perhaps our phones could be connected by a network infrastructure we maintain. There are no “local control” cellular LANs. But it is possible to build community-owned infrastructure with LoRa (low bandwidth but considerable distance) radio towers or use Bluetooth in a close local area. The last option might require verifying that it is really possible to secure the notorious Bluetooth protocol, as Briar must claim. However, Briar is fully capable of utilizing tor on cellular or wireless networks, even if this app requires real-time communication or a dedicated mailbox device.
Cwtch
Cwtch looks like the best option to me because an individual or organization can build their own onionsite server to relay messages.
Molly
Molly is a fork of Signal that works with tor. Signal is currently the secure messenger standard but is only available on Company app stores and does not utilize metadata protection networking as Molly does with tor (socks5).
Briar
Briar is an interesting messaging app that utilizes tor and can communicate locally in case larger scale networks are down or undesirable. The need for an always-on inbox might detract slightly, but if used for real-time event communication, it would be very secure and useful. It couldn't have been shut down in Tahrir Square or Hong Kong's Umbrella Revolution. There is no reason Bluetooth can't be secured like LTE and wireless, although it is perhaps more easily scanned for than cellular.
LoRa is also of interest for local communication and can serve as a method to carry encrypted messages.
DIY Hardware and Software Alternatives
Pine 64 - https://pine64.com/product-category/pinephone/
Mecha Comet - Mecha is a crowdsourced project to build a mobile Linux computer set to debut this spring. One of their project options is a phone, which will require a cellular hat of some variety.
Mecha is recommending the Adafruit FONA or the 3G/4G Pi Talk (Sixfab). But since LTE doesn’t always do the trick, there is an n258 5G mmWave hat, but Quectel is on the list and this hat is bulky (even minus casing).
Mecha is reminiscent of this project, but for phones instead of laptops.
Mobian OS - Debian for mobile.
NixOS - Always want to get in to terminal on a phone. There is more than Termux with NixOS.
Fedora Touch (Google tracking shill like Ubuntu)
https://discussion.fedoraproject.org/t/how-to-install-fedora-linux-on-android-mobile-devices/85867
https://devices.ubuntu-touch.io/
Miscellaneous Security Features
Kernel hardening is important. I guess GOS doesn’t like joydev. . . Take a look at this blacklist in Kicksecure (/etc/modprobe.d/30_security misc)
Sandboxing in GOS - https://grapheneos.org/features#improved-sandboxing
Sandbox Firefox browser (Fennec) - https://www.ghacks.net/2017/01/23/how-to-change-firefoxs-sandbox-security-level/
ROMs (.img) and Memory Safety in Mobile Devices
Something to think deeply about. True of mobile devices as with larger platforms.