NSA-Proof Blackphone Gets Rooted in Under 5 Minutes at BlackHat

BlackPhone

The ultra secure NSA-Proof Blackphone just got schooled at Blackhat this weekend. The device was rooted in under 5 minutes without needing to unlock the bootloader. @TeamAndIRC pulled off getting root access and turning on ADB on the device. The vulnerability that allowed this to happen is now semi-fixed and needs the user to take action to be able to exploit the weakness. Still its ironic that yet again even the most secure of Android phones are susceptible to the inherent trust model of the Android OS which was never built with security in mind.

Hopefully now that Blackphone got a taste of some humble pie they can go back out and try harder without a chip on their shoulder…

Thanks to everyone who sent this in! via PhoneArena

17 total comments on this postSubmit your comment!
  1. One word: BURN

  2. I love this so much.

    • You and me both! If it’s so secure, how could someone hack it in just 5 minutes. It would seem to me that they missed an obvious vulnerability, so there may be many more to be discovered.

      It will be interesting to see how they spin this. I don’t even see this as “semi-fixed”. What does that mean? A semi-closed door is still open!

  3. Not even copying half the name from BlackBerry helped them.

  4. I wonder if BlackBerry plans on rubbing salt in their wounds or if that is un-canadian

    • This is the case where BlackBerry should rub it in, especially after their recent comments.

    • I think BlackBerry should leave this alone. If you acknowledge Blackphone, you’re just giving them more press time. BlackBerry should only take on worthy challengers and competitors. There is no threat here. They are only a threat if we acknowledge them. Is Apple scared of them or Tizen or the Ubuntu phone?

  5. “Android OS which was never built with security in mind” – what an unprofessional remark… This is simply a stupid statement.
    First read: https://source.android.com/devices/tech/security/

    • Unprofessional? How about unfalse? That makes more sense.

    • Even Google admits that Android was rushed to market. This is why there has been attempts to secure Android (Samsung Knox) but you can’t just add on security if the core OS isn’t designed to be secure. Google then decided Chrome OS was the answer, so Samsung developed Tizen to protect themselves. Android just took off too fast and couldn’t be stopped. Folks must risk-manage their use of Android.

  6. Android Secure? LOL

  7. idownloadblog.com/2013/10/08/android-more-secure-than-iphone/

    “In a recap of the session, Willis says that Schmidt’s comments on Android being more secure drew laughter from the crowd—which according to the symposium website was made up of a bunch of IT professionals and chief information guys.”

  8. I’m sorry but anyone who believes that Android is secure, or is even in the top 3 concerns of Google, is naive at best. They care when they get called out, that’s about it.

  9. Ronen, why did you suggest the Blackphone was “NSA-proof” and “ultra secure”? Were you sticking your tongue at them? ;)

3 total pingbacks on this post

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.

BlackBerry© is a registered Trademark of BlackBerry Limited. BerryReview is in no way affiliated with BlackBerry Limited though sometimes their lawyers send us love letters...

Copyright © 2007-‘2014’ BerryReview LLC