Blackphone’s Bug Bounty Program

Today we moved another step towards building a strong relationship with the security researcher community by announcing our bug bounty program. The bug bounty program also serves to provide transparency with industry so that everyone knows precisely how many...

Blackphone rooted at Defcon — Part 2

As I mentioned in my earlier post — we took on the challenge of building a secure and private smartphone system. @TeamAndIRC threw a proverbial jab to the jaw, and well, our jaw is not made of glass. Kudos to @TeamAndIRC for explaining the exploit. No hard...

Blackphone rooted at Defcon — Part 1

Greetings from Def Con! Thus far Team Blackphone has been having a very positive Con. We have been receiving a lot of positive feedback and praise for taking on the flag of building and maintaining a secure and private smartphone system. This was a challenge that we...

News From The World Of Government Spyware

We have gotten a report that the commercial/government spyware system FinFisher has themselves been hacked and that documents, code, etc. have been posted online. Our friends who have looked at some of these leaked documents have told us that they have a module using...

Finishing Up From Heartbleed

In our previous blog post on Heartbleed we said that we would tell you more when we had finished our own cleanup. We completed our work this weekend. We replaced all our SSL certificates, and that required us to update the Silent Text apps themselves. We would also...

Heartbleed Bug

We are sure that you have heard about the Heartbleed bug. Heartbleed attacks the heartbeat extension (RFC 6520) implemented in OpenSSL. The official reference to the Heartbleed bug is CVE-2014-0160. We want to give an update about how it does and does not affect...