Secure Smartphone with special/dedicated hardware. Detects the presence of IMSI Catcher/Interceptor.
Price: € 2.550,00 (Mobile, Preparation, Testing, Shipping, Perpetual License)
The encrypted cell phone communicates securely with other devices from the same manufacturer such as cell phones, landlines, satellite phones. Allows only for making encrypted voice calls and sending encrypted SMS.
Security is managed granularly and in depth with countless countermeasures touching numerous parts of the communication system, the result of 20 years of work by a leading company with no known incidents of breach.
It may be suitable for government-level deliveries, with availability for independent source code analysis, customization, and knowledge transfer to the Customer.
There are no licenses for use: the right to use is perpetual once the purchase is made.
Making encrypted voice calls with VoIP technology. Point-to-point voice encryption of VoIP calls on any network – 2G, 3G, 4G, Wi-Fi. The most robust encryption algorithms currently available-AES and Twofish. Diffie-Hellman key generation and exchange with SHA256 hash function. Key authentication with hash reading. Future Security (Forward Security) – encryption keys are destroyed as soon as the call ends.
Sending encrypted SMS. Based on the same robust encryption algorithms used for voice encryption-initial key generation and exchange with Diffie-Hellmann 4096-bit, message encryption with AES256 and Twofish with 256-bit key length.
Hardened Operating System with Secure Boot and Continuous Integrity Checks
Secure Android operating system built from source code with granular security management. Security-optimized and simplified components and communication stack. Transparent and secure boot chain with secure boot, kernel, recovery, kernel objects and APKs all with digitally signed keys. Checks during operation of core applications and services ensure that only signed and trusted code is loaded into the device.
Configurable Operating System Security Profiles
Hardware controller module and permission management module control access to network, data, and sensors (camera, microphone, etc.) allowing control of indivdual security policies.
Unique protection against over-the-air attacks with constant monitoring of modem activity. Detection of modem attacks and initiation of countermeasures. Detection of attempts to track user location with SS7 or Silent SMS attacks.
Hardware Anti-Tampering with Attempt Highlighting
Dedicated safety modules with CPU supervisor, watchdog timer, on-chip temperature sensor, and anti-removal coating. Circuit for shield removal detection, Environmental Failure Protection (EFP) for temperature, voltage, internal clock frequency, and duty cycles managed by circuit for immediate reset. Supports higher security levels such as FIPS 140-2 and Common Criteria.
Trusted Platform Module (TPM) for Certification and Platform Control
TPM Trusted Computing Group (TCG) level 2 specifications, version 1.2, revision 116. Active shielding and room sensors. Memory Protection Unit (MPU). Hardware and software protection against code injection.
Configurable Operating System Security Profiles
Controller hardware module and reinforced module for controlling access to network, data and sensors (photo/video camera, microphone, etc.) for managing individual security policies.
Encrypted Storage System
For contacts, messages and notes with smart folders, protects data against unauthorized access when not in use.
Verifiable Source Code
The Secure Phone is among the very few secure phones on the market with the source code available for independent analysis. The source code can be checked for the absence of backdoors, encryption key capture systems, centralized generation (held by the manufacturer) of encryption keys, and do not require storage of the keys themselves.
Compatible with a range of desk phones and satellite phones as well as an IP PBX.
Hardware- Quad Core Krait (Qualcomm) 2.3 GHz CPU, graphics accelerator, QDSP processor, MicroSD adapter.
Radio – GSM/GPRS/EDGE (850/900/1800/1900 MHz), UMTS/HSDPA+ (B1, B2, B4, B5, B8), advanced LTE (3GPP, FDD (Frequency Division Duplex), IMS (IP Multimedia Subsystem Architecture), VoLTE, Channel Aggregation (B2, B3, B4, B5, B7, B13, B14, B17, B20).
Connectivity-USB 3.0 (fast charging), Wi-Fi 802.11 a/b/g/n/ac, accessory interface for connecting extension modules such as sensors, tactical or TETRA radio modules, docking station, car charger and satellite modules.
Audio – High-performance, multi-microphone ANC noise-canceling speakers.
Display – LCD 5″ Full HD (1080*1920), capacitive multi-touch usable with gloves, functional even in rainy conditions.
Camera – 8 Megapixels with Autofocus and LED Flash, 2 Megapixels for front camera, Full HD video recording and viewing. Both cameras can be disabled.
Mechanical – Dimensions 14 x 75.5 x 13.5 [mm], weight 180 [g], waterproof class IP67, shock resistance according to MIL- STD-810G shock standard. Temperature range of use -20÷55 [°C].
The cell phone is exempt from restrictions on sale in the territory of the European Union.
Extra Large has been committed to secure communications and secure phone distribution for nearly two decades. He has done independent research on mobile terminal communications security, which has attracted international interest. In 2008 it was among the first resellers in the world of VoIP applications for cell phones that make use of encryption protocols ZRTP by Philip Zimmermann, protocols that were then also used for a long time by Signal.
Extra Large has always prioritized the safety of its Customers. The same cannot be said for a number of software/hardware system manufacturers and resellers.
Over the years, Extra Large has advised against the use of complex and inherently insecure solutions such as EncroPhone e Sky Etc., for various reasons (and has not marketed them despite Customer requests). A basic analysis of their overall security in fact immediately highlighted some of their weaknesses, over all the mechanisms for remote updating through dedicated servers. Servers that later became the first targets (starting points) of complex successful attacks.
The attacks on Encrphone and Sky Ecc were carried out by government crime-fighting organizations. However, from a purely technical point of view, a private organization with the necessary technical and economic resources could have done the same against secure communication systems employed in full legitimacy by private or government agencies.
Extra Large continues to provide only systems that it believes are up to the task, relying on manufacturers who have proven their capabilities over time and who have always openly stated what has always and inescapably been the reality of security systems: there are no absolutely secure systems, while there are extremely secure systems (and insecure systems). Above all, Etxra Large continues to inform its Customers about the details of security and possible ways of attack.
The smartphone proposed here is part of a complex system invisible to users. For example, the SIP – Session Initiation Protocol – server is the system for initiating calls between secure phones adopted by many manufacturers and has a number of security flaws. In this case the code has been completely rewritten by the manufacturer to make it secure. Still, all secure smartphones use Modem (Base Band Processor) chips manufactured by only a few manufacturers in the world. Modems are managed by proprietary software that is not accessible for independent security analysis and that in practice is updated only when a new model of Modem chip is brought to market. Security flaws are typically present, are actually used to carry out attacks, and the manufacturer of the Secure Smartphone has therefore intervened with suitable countermeasures to prevent them.
For years, manufacturers of “secure” cell phones have promoted their solutions by emphasizing the security of dedicated encryption algorithms. In reality, ways to attack a smartphone’s communications are numerous, and virtually none target encryption algorithms, as experience shows. Instead, Extra Large and the manufacturers it works with have focused on applying countermeasures for all types and modes of attacks that can be employed to breach security.