Friday, October 03, 2014

Blackphone review: putting a price on privacy

Source: http://www.engadget.com/2014/10/03/blackphone-review/

Whether it's government agencies, identity thieves, opportunistic hackers or marketers, everyone wants your personal data. As we live more of our lives than ever online, we're increasingly aware of how much data we produce, and the need to protect it. With smartphones playing a key role in our always-connected lifestyle, there's a new breed of services and devices for consumers who want to stay off the grid without going offline. Leading the charge is the Blackphone, a $629 handset that prioritizes privacy over everything else. Running a custom, secure version of Android and shipping with a wealth of privacy tools preinstalled, it claims to be an "unparalleled product" where data protection is concerned. Thanks to the awesome folks at online retailer GSM Nation, who were kind enough to send one for review, I've been getting to know the device and finding out how it keeps data safe from prying eyes.

Hardware

The Blackphone is billed as a security- and privacy-first device, not one with a record-breaking spec sheet or award-winning design. It shouldn't come as much of a surprise, then, that its creators haven't invested in making the phone visually desirable. A company called SGP Technologies officially makes the Blackphone, but it is, in fact, a joint venture of encrypted-comms specialist Silent Circle and Spanish handset-maker GeeksPhone. While the latter's creations tend to prioritize function over form, none have looked quite as generic as the Blackphone, which could've easily come from any OEM competent in making squares with rounded corners. And the reality is that's exactly where it came from: The Wax from French company Wiko is essentially the same phone, albeit with a slightly lower-clocked processor and less internal storage.

There's no prize for guessing what color options the Blackphone comes in, because there's only one. A mixture of different types of black plastic makes up the entire body of the phone, with a matte-effect back panel hiding the removable battery and microSD/micro-SIM slots. The outer rim of the device is clad in a deeper, almost shiny plastic dashed with silvery flecks throughout. The same material is used to cap off the lower end of the device -- a design flourish reminiscent of some older Sony phones.

The Blackphone is laid out in pretty standard fashion. On the top edge, you'll find the micro-USB port and headphone jack; on the bottom rim is the primary mic; and over on the right are the power button and volume rocker. Up front is a 4.7-inch display, with the earpiece, a multicolor notification LED and front-facing camera above. Below the screen are three backlit capacitive keys in the normal Android arrangement. Moving around to the backside, everything runs down a central column. From the bottom up, we have: a small loudspeaker grille and white Blackphone logo; a secondary mic; the main camera; and an oblong companion flash. The camera protrudes from the back by about 2mm, meaning it comes in contact with surfaces when the phone is lying face-up. While there's a ring of metal around the lens, it's not elevated and thus won't stop an abrasive surface from having its way with the glass cover.

Considering the Blackphone only sports a 4.7-inch display, its dimensions are quite... healthy, at approximately 141 x 69 x 9mm (not counting the camera bulge). That means there's a decent amount of bezel framing the screen, but not enough to appear outside of normal proportions. More importantly, the Blackphone is comfortable to hold and use one-handed. An agreeable width takes some credit, but then there are the rounded corners that sit nicely in the palm, and the slight curvature to the back panel as it meets the edge of the device. The matte plastic of the battery cover also adds some grip, which helps with single-handed operation.

At 119g (4.2 ounces), the handset is extremely light. That's great for when you're carrying the phone around in your pocket all day, but it also reminds you this is basically an all-plastic affair. Don't get me wrong, everything is put together with a relatively high level of care, but I wouldn't call the build quality robust when you can bend and flex the thing easily. Then there are little lapses the QA department has obviously let slide, like the back panel not fitting snugly at the top edge, or the glass covering the camera lens glued slightly off-center.

So, the Blackphone doesn't look special, but the generic design almost complements the discreet nature of the device. It's unlikely to attract the attention of an opportunistic thief scoping out tables at the local bar, for example. I doubt creating a furtive device was a conscious choice, though, and more the result of trying to keep hardware costs down. People are interested in the Blackphone because of its security-focused Android build and app suite, so I understand why visual appeal wasn't much of a priority. It's important to remember, however, that this is a $629 phone, and yet it looks and feels like something for which you wouldn't even pay half that. Nothing about the actual hardware is integral to the Blackphone's security features, so again, if you strip away the custom software, this is basically a Wiko Wax, which costs €187, or around $240.

The Blackphone has a 4.7-inch, 1,280 x 720 display, which is all the resolution you need on a screen that size. With a pixel density of 312.47 ppi, even the smallest, thinnest fonts are well-defined. The color temperature of the display is worth praising, with blacks and whites absolutely spot-on. Other colors, too, look rich without being needlessly saturated. The quality of the panel is good in that respect, but it's lacking in other areas. Brightness is an issue, for one, as there isn't enough of a difference between the lowest and highest settings. This isn't a problem in most scenarios, but on a bright day, the display doesn't kick out nearly enough power to cut through glare and whatever fingerprint grime is stuck to the glass. Viewing angles are also disappointing, with definition and colors falling away quickly as reflections from the glass take over. Nonetheless, it's a pretty good panel; I just wish it were easier to read in direct sunlight.

Software

PrivatOS

And now, the real reason the Blackphone exists: its privacy-focused software. The handset runs a custom fork of Android 4.4.2 KitKat with the catchy name PrivatOS (pronounced private O S). While custom builds usually layer additional features or UI elements on top of what's already there, PrivatOS does the exact opposite. In fact, it strips away almost everything you're used to seeing on an Android device. You get only the bare essentials for making calls, sending messages and storing contacts, as well as a calendar, internet browser, calculator, email and camera apps. The sound recorder is almost a luxury, as is the music player and gallery app, which doubles as the video player. That is quite literally the entirety of stock Android apps, meaning there's no Google integration whatsoever -- no app store, no maps, or anything else you might use regularly outside of the basic smartphone functions. But, that's the whole point of the Blackphone, because a raw device is as secure as it gets.

Phone manufacturers have to license Google's services if they want them to work on their devices, but this doesn't really make sense for the Blackphone. It would introduce all manner of counterintuitive data traffic that's more or less out of your control -- think Google Now pulling appointment information from your calendar, Gmail syncing your contacts and Play Music cataloging the MP3s stored on your device. That being said, SGP is working toward a Google license so Blackphone users can install these services at their own discretion, and risk.

Since the Blackphone doesn't have Google Play access, you'll need to get your apps elsewhere. This means sideloading or downloading APK files straight onto the device (on that note, you'll need to get an APK installer from somewhere) and/or trusting a different app store. You can sideload the Play store, by the way, but it won't even load. Of the alternatives that don't require a license, Amazon's is an obvious choice due to its relatively broad app selection and how easy it is to get hold of. Going down this route, however, will inevitably lead to the discovery that some apps simply aren't compatible with the Blackphone, or tend to crash regularly. That's part of the deal, I'm afraid.

Out of the box, a setup wizard guides you through various steps to secure the handset. The first layer is the classic (and mandatory) lock-screen PIN, which has to be at least five digits. Then you're prompted to agree to standard Android data encryption, which takes around half an hour on a fresh device. After that, you have to set up your Silent Circle account, which is for the encrypted communication apps that come bundled with the Blackphone. That completes the initial setup, but personalizing the device is a little more complicated. Every potential chink in Android's armor has been plugged, or rather, removed. There's no way to sync contacts or calendars, for example, meaning you have to import these manually. And as I found out, it was useless exporting my Google Rolodex to a microSD card because the contacts app won't look for it there (and there's no file manager to move it to the internal storage). Instead, I ended up plugging in an email account and forwarding a vCard library to myself.

I can't claim to be an expert in smartphone security, and yet when reaching the point of actually being able to use the phone instead of just staring at it, I was acutely aware of how walled-in it was. It's a trade-off of privacy over convenience. Apart from the email app requesting updates once every five minutes, I wasn't connected to anything. There's just no data coming in and out of the phone -- no app store checking for updates, no weather widget pinging a server for info, no freemium game hitting me with discount notifications. Silence.

But, how do you know PrivatOS is really as secure as the company says? Well, apart from having a little faith, there's the fact it's attracted the attention of several security researchers in search of a challenge. SGP Technologies even made the seemingly brave move of bringing the Blackphone to a recent Def Con hacking conference, where it was rooted (which grants access to a handset's inner workings). While this is essentially true and something that shouldn't be possible, the phone was running an older version of PrivatOS that still contained a key vulnerability. Also, standard Android encryption hadn't been enabled, and the handset in question was unlocked, meaning the hack took place after the lock-screen PIN had been entered. So in Blackphone's defense, it wasn't the most realistic of hacking scenarios.

The team at Bluebox Security also discovered a method of getting the usernames and passwords for the bundled privacy apps, which was patched 11 days later. A bug bounty program has launched recently, too, offering security researchers cash money in exchange for finding vulnerabilities in either the Blackphone itself, or the Silent Circle suite of apps.

Since launch, the Blackphone has received a PrivatOS update every month with bug fixes and usability improvements. SGP will also tell you how it delivers OTA upgrades securely (if you can understand it), and admits its "products and solutions will never be perfect." It appears committed to taking quick action when vulnerabilities are found, however, and intends to be transparent with any information it can share about security issues.

Silent Circle

Part of PrivatOS is the bundled suite of security apps, including the Silent Circle encrypted communications collection that comes straight from one of the companies that own SGP Technologies. You have to "unlock" the apps each time you restart the handset and from there, you can make HD voice or video calls over any data network (3G/4G/WiFi). The calls are encrypted from end to end, and Silent Circle is more than happy to talk you through the fancy encryption protocols it uses to make sure your call is private. There's also an encrypted instant messaging app and separate Silent Circle address book. It all works cross-platform, too, across iOS, Android and Windows. The only issue is the other person has to have the same software to receive the encrypted call, so it's not like you're immediately James Bond. The bad news is that Silent Circle requires a subscription, with the basic package costing $10 per month. The good news is the Blackphone includes one free year of the basic plan for you, and one free year for one of your nearest and dearest.

Third-party partners

There's also a trio of privacy apps preinstalled on the Blackphone from "selected" friends. Disconnect Secure Wireless is an application that routes any internet traffic through a VPN if it deems you're on an unsecured network. You can turn it on or off manually, of course, and with the Blackphone, you get 1GB of VPN-piped traffic per month for one year (this can be upgraded to an unlimited plan for $3 per month or $30 per year). Disconnect Secure Wireless also includes a private browsing feature that hinders the tracking ability of websites, and you get Disconnect Search, too. This lets you search anonymously while still using popular engines like Google, Bing and Yahoo.

SpiderOak Blackphone Edition is a secure cloud-storage service, allowing you to back up files, as well as share them with others using password-protected invites. Your data is encrypted throughout the process, so it can't be accessed even from the SpiderOak server room. Only the mobile and desktop clients, when logged in, have the right keys to unlock your files. Like most apps bundled on the Blackphone, this level of protection means you, and you alone, are the gatekeeper. There's no password-recovery feature because that would require storing sensitive data remotely. SpiderOak offers 2GB of storage free, but with the Blackphone that jumps up to 5GB for one year (this is an exclusive offer, as SpiderOak subscription plans start at $10 per month/$100 per year for a 100GB "professional" account).

The final third-party app included in your Blackphone purchase is a free version of the Kismet Smarter Wi-Fi Manager. It basically switches off WiFi when you're away from a trusted network, and turns it back on when you're near an access point you've connected to before. It does this by remembering the position of the WiFi network in relation to specific cell towers. You can also set it up to disable WiFi when you're in range of a familiar Bluetooth device, or turn it on and off for specified periods of time.

Blackphone-only

A couple of privacy features are specific to Blackphone, like the aforementioned setup wizard, and an accompanying License Manager tool. This app is for reading a QR-code that's printed on a card included with the smartphone, and it automatically unlocks the one-year subscriptions to the Silent Circle suite, Disconnect Secure Wireless and SpiderOak. Another app, Remote Wipe, does exactly what its name suggests: It allows you to instruct the phone to power off, delete all data or "brace for impact" remotely. That third option is a force-quit command that'll kill any apps from a preset list that are currently running in the background.

The Blackphone Security Center is probably the most important app on the whole device, as it lets you manage the permissions for every other app. By default, it won't give any apps you install the permission to read personal data like your contact list. Beyond that, though, you can control exactly what an app has access to, even the bundled software. You can even deny the default music player the ability to change device volume, for example. It isn't all that important when you're dealing with what's preinstalled on the device, but you can be sure you'll have complete dominion over anything you install thereafter.

PrivatOS and its bundled apps/free subscriptions are really what you're paying for when you buy a Blackphone. As I've mentioned, you can get more or less the same phone for $240 under a different name. That extra 390-odd dollars goes toward not only the cost of OS development and Blackphone-only apps, but also the "$399 in extra value" you get from one year of Silent Circle, one additional account and the Disconnect Secure Wireless/SpiderOak subscriptions.

Potential buyers should be aware that during the course of the review process, the subscriptions included with the device have been scaled back drastically -- that "$399 in extra value" was actually $829 a few days ago (at the time of publication). Previously, the personal subscriptions to Silent Circle, Disconnect Secure Wireless and SpiderOak were for two years, not one. Also, you used to receive three one-year gift subscriptions to Silent Circle, and now you only get the one.

I asked Blackphone about this change, and was told the original bundle was an introductory offer for anyone purchasing the device within the first three months of launch. Furthermore, both customers and prospective distribution channels have apparently been "overwhelmingly in favor" of simplifying it. "We believe what we offer today (and what we know is coming) will continue to support the overall value proposition the phone represents."

Camera

The Blackphone isn't targeted at your regular smartphone consumer, which is why I'm not too hung up on certain foibles like its generic design, even if it is a pricey device. In the same vein, I wasn't expecting much from the imaging experience, which is why I'm pleasantly surprised at just how capable the cameras are. Now, it might seem strange that the Blackphone even has cameras in the first place, what with it being so concerned with privacy. But remember that beneath its custom software, the Blackphone is an OEM device, not a handset designed from scratch with top-notch security in mind.

For starters, there's a 5-megapixel, fixed-focus shooter up front for selfies and video calling. Not bad, considering the Blackphone could've gotten away with a simple VGA or 1.3MP sensor. The main camera isn't a huge upgrade at eight megapixels (with autofocus), but it takes good pictures in a fairly wide range of scenarios. And I much prefer versatility to resolution on the camera you take everywhere with you.

In bright conditions, images are crisp and color reproduction is impeccable. The camera is particularly impressive in the macro range, with the autofocus quickly homing in on the subject of that particular close-up. The automatic camera settings are also very well-tuned -- particularly white balance, which copes with artificial lighting better than any smartphone camera I've used in some time. Auto-exposure compensation doesn't leave much to be desired, but images sometimes come out on the dark side when natural light starts working against you and you're shooting a landscape (this is the case with most handsets, though). HDR mode spits out some nice, high-contrast pictures when the scene is amenable to this kind of magic, but it really comes in handy in low-light situations.

Now, the main camera isn't amazing when light is lacking, but it's at least approaching the kind of mettle Nokia and Motorola have managed to achieve despite low megapixel counts. I'm still encouraged by the number of photons the sensor is able to suck up in such conditions, but the white balance setting tends to apply an unnecessary red filter to darker scenes. This is where the HDR mode comes in handy, as long as you're willing to wait a couple seconds for the image to process. I've had no issues with white balance when taking HDR shots in low light, and it makes for a brighter and slightly less noisy image compared with a regular photo. There's always the companion flash as a last resort, and it kicks out a decent cone of light. The standard problems with using a flash still apply here, like washed-out pictures with pitch-black backgrounds.

Apart from HDR, there are no other special modes like burst capture or even panorama. You're dealing with a seriously limited stock camera app that does stills, video and nothing else. That being said, it's very responsive. The app boots up immediately, and the shutter-response time is almost as quick, which somewhat makes up for the lack of burst-capture support. Image-processing time obviously increases in HDR mode, but only up to around a second in good conditions. When light starts fading, the autofocus and shutter speeds start to decline in parallel, but this is all pretty normal.

The app itself is a simple affair, with only a few settings to adjust: white balance, exposure compensation, scene selection and, of course, image resolution. Should you want to tweak any of these manually, they're all quickly accessible from the viewfinder window. There is one noticeable issue with the camera app: It hangs for about a second when you're turning the phone from landscape to portrait orientation. The majority of the time, it resumes the way it should, but it does occasionally crash.

Video recording quality is just, well... OK. There's a drop in clarity compared to stills when filming in 1080p, and alongside the extra noise, it sometimes drops a few frames when you're moving or panning rapidly. Auto-exposure compensation can be a little skittish as well, but again, this is a fairly common problem with smartphone cameras. Audio quality is notably poor. Not only is the volume extremely low, but also everything sounds muffled and distant. Recordings also don't hold up in low light nearly as well as stills, but you can still opt for a grainy, ill-defined clip if the situation absolutely calls for it.

Performance and battery life

The Blackphone is one of only a few handsets packing NVIDIA's quad-core, 2GHz Tegra 4i SoC, and here it's paired with 1GB of RAM and 16 gigs of internal storage, though only around 12 and a half of that is user-accessible. There's always the microSD slot that supports up to 128GB cards if you need more, of course. NVIDIA has a reference device it uses to demonstrate the graphics capabilities of its mobile chip, but naturally I had to test that myself. With the Google Play store unavailable, I searched for the most intensive-looking 3D games I could find in Amazon's app store, and settled on GT Racing 2, Angry Birds Go! and Trials Frontier. (As a side note, devices with an NVIDIA chip usually come with the TegraZone Android game store preinstalled, but I wasn't shocked to see it omitted from the Blackphone, given no other app stores are accessible out of the box.)

NVIDIA knows a thing or three about gaming, so it's no surprise it handled all of my choices with ease -- most of the time, anyway. I was particularly conscious of fast loading times, both when booting up the titles and hopping into different tracks within them. However, there were a few hiccups here and there, with occasional dropped frames and some minor periods of straight-up "hanging."

I'm hesitant to pin this on NVIDIA's chip, though, as I had similar experiences when using non-intensive apps, and infrequently when just cycling through menus or the app drawer. Otherwise, it's relatively fast in general use, but you can provoke it into stuttering by attempting to do too much too quickly -- kind of like an old PC that's on its way out. When I started to feel it getting too slow, a reboot brought it back up to speed. I've already mentioned the camera app can stall when rotating the phone, which leads me to believe there's some software optimization or bug fixes to be done. The Security Center permissions manager runs in the background while the majority of apps are open, too, which could be to blame for some of the stuttering. It never gets to the point of truly frustrating, but let's just say it's nowhere near as slick as it could be, especially when the Blackphone runs a stripped-down, albeit custom Android build.

NVIDIA's chip also includes an LTE radio, which is capable of up to 100 Mbps download speeds. This is as fast as the Cat 3 standard goes, but NVIDIA has achieved Cat 4 speeds with newer Tegra 4i software. Blackphone is currently testing this Cat 4 update internally, and if all goes well, I'm told it'll be rolled out before the end of the year. For reference, the North American version supports bands 4, 7 and 17, and the international model 3, 7 and 20. I had no issues with internet performance using the stock browser. Websites load quickly (as fast as you expect them to on a mobile device, anyway) and tiling is only just noticeable when quickly zooming in and out of desktop sites. Navigating around websites is smooth, too, and it's important to note that running traffic through the Disconnect Secure Wireless VPN service didn't appear to have any impact on performance.

The music-listening experience on the Blackphone is basically the same as it is on every other smartphone. It's clear and crisp enough, but missing clarity on the low end, so keep those bass-boosting headphones at the ready. It's also noticeably lacking in volume, but this should only be an issue if you're wearing leaky headphones in a noisy environment. Any over- or in-ears will render this problem moot. The loudspeaker is, amazingly, one of the worst I've come across, with distortion making music almost unrecognizable. It's just fine for taking hands-free calls, though. Connectivity-wise, the Blackphone has dual-band WiFi 802.11b/g/n, Bluetooth 4.0 LE, Miracast support and GPS. While this covers most bases, it's lacking 802.11ac, NFC, GLONASS, et cetera -- things you'd usually expect in a $629 handset.

It's hard to really judge GPS performance, as the Blackphone doesn't have any mapping or navigation apps out of the box. A sideloaded version of Google Maps (and the mobile website) refuses to communicate with the GPS module, as does Yelp (downloaded from the Amazon app store). MapQuest (also from the Amazon store) is the only app that will successfully home in on my location, but mapping data loads painfully slowly over a cellular connection for some reason. The GPS module is supposed to be fully functional, as you have complete control over what apps can access it through the Blackphone Security Center. App compatibility issues strike again, it seems.

I had no trouble with WiFi connections themselves, but it's worrying that at around six feet from my router, it still only registers two out of three bars of reception. The cellular connection is more of the same. In my South London home, I'm usually at full bars regardless of the phone I'm using, but I managed only two out of four with the Blackphone. If you're in a low-reception area or have WiFi dull spots around your house, these seemingly underpowered components might give you some trouble. On the other hand, the Bluetooth worked just fine, with quick device discovery and connections.

The Blackphone's 2,000mAh battery is neither extraordinary nor terrible. With intensive use -- including browsing, downloading and installing APKs, listening to music, checking email, taking pictures and a few brief gaming spurts -- it got through nearly a whole day without dying, although I did cut back on screen time when I saw the battery dropping to alarming percentage levels. With slightly more conservative use, it lasted a day and a half without requiring charging.

The competition

The Blackphone retails for a whopping $629 if bought direct from SGP, and the only reseller I know of is GSM Nation, which will sell you one for only $549 (disclaimer: GSM Nation provided our review handset). For that kind of money you can have your pick of any smartphone on the market, flagship or otherwise. You're not just buying any other smartphone, though; you're buying a substrate for PrivatOS and its included apps to live on. In this respect, the Blackphone is a niche device that's all but incomparable to anything else out there.

There are several encrypted-communication apps and similar privacy services for both Android and iOS platforms, but in the realm of super-secure handsets, you don't have much choice. Boeing has developed its own "Black" phone specifically for the military and certain corporations, which even has a modular design to incorporate extras like solar charging, satellite communications and biometric sensors. The only other security-focused device for the consumer market is the FreedomPop Privacy Phone, a Galaxy S II with added software for encrypted comms and safer internet access via VPNs. At $189, it's a bargain compared to the Blackphone, but then again, it doesn't take privacy to quite the same extreme.

Wrap-up

If you look at the Blackphone purely from a hardware perspective, it's nothing special. It has LTE, a good set of cameras and acceptable specs, but it's hardly a poster child for inspired design, and the display could do with being about twice as powerful. As you've heard more than a few times already, it's all about the software. That's not perfect either, though, with spotty app support and a few performance kinks that need to be ironed out. Then there's the everyday user experience. I understand you can't exactly install all of Google's services as standard and still call the thing secure, but people will inevitably want to use the phone for things other than its basic functions. Ultimately, this has to be at the discretion of the individual user, but anyone that's not au fait with alternative app stores and side-loading APKs will struggle.

The Blackphone could do a better job of supporting customers in this regard, without them needing to dig through forums for solutions. Maybe in future iterations of PrivatOS, or other security-centric phones that come to the market, we'll see a better balance between convenience and privacy. For now, though, the Blackphone is not for the faint of heart. All this being said, you can't really fault how locked-down it is, and despite the high price tag, you're essentially getting subsidized subscriptions to some of the best mobile security services, as well as useful bespoke apps like the Security Center permissions manager.

If privacy is important to you, the Blackphone is almost certainly what you're after in a mobile device. Besides, you don't have much choice currently. One thing I'm still coming to terms with, however, is the concept of selling peace of mind. As Edward Snowden continues to leak information about how the NSA and other national government agencies were/are hoovering up every bit of personal data available to them, digital privacy has never been a hotter topic. With people wanting more control over how their data is handled, it was inevitable that products like the Blackphone would appear.

There's a fine line between leveraging a mild global hysteria to sell a niche and expensive smartphone, and creating the best possible product to serve a growing market need -- and in that sense, PrivatOS and the Blackphone's bundled apps are likely to satisfy even the most demanding privacy-conscious consumer. I guess it doesn't really matter either way: Nobody's forcing anyone to buy a super-secure handset. And, even if the Blackphone is one of a new, shrewd generation of opportunistic ventures in this area, it can't be blamed for creating the demand.
