Silent Circle Launches Enterprise Platform and New Devices Including Blackphone 2 and Blackphone+ Tablet

Silent Circle today unveiled two new devices as part of its Blackphone product line, along with a with new enterprise platform that combines devices, software and services into a privacy and security focused mobile architecture.

New hardware unveiled by the company includes the Blackphone 2 and the privacy focused tablet, Blackphone+.

Scheduled to be available in the second half of 2015, Blackphone 2 and offers hardware improvements over its predecessor, including a faster 8-core processor, three times more RAM, a longer lasting battery, the company said. The smartphone also integrates with existing Mobile Device Management systems and comes with a larger Full HD display.

Arriving later in 2015, the Blackphone+ tablet will offer privacy for mobile workers, the company said.

News of the enterprise platform and new hardware offerings comes just days after the company announced that it had agreed to buy out a joint venture with Geeksphone, giving Silent Circle a 100 percent ownership stake in SGP Technologies and full ownership of the privacy and security focused Blackphone product line. 

Offerings and enhancements coming as part of the new platform include:

PrivatOS 1.1 – The first major upgrade to the Android-based operating system created by Silent Circle introduces Spaces, an OS-level virtualization and management solution that enable devices to separate work from play. Geared specifically for the enterprise, PrivatOS allows users to keep enterprise and personal apps separate, while enabling IT administrators to lock and wipe enterprise managed ‘Spaces’ when necessary.

PrivatOS can also now integrate with several Mobile Device Management (MDM) platforms as a result of partnerships with Citrix, Soti and Good Technology.

Silent Suite, a set of core applications with peer-to-peer key negotiation and management, now includes Silent Meeting, a new, secure conference calling system that supports multiple participants. 

Aditional services offered as part of the enterprise platform include:

Silent Store – Installed on all Blackphone devices, the world’s first privacy-focused app store features apps from the developer community vetted by Silent Circle.

Silent World – An encrypted calling plan that lets users communicate privately with those who don’t have Silent Phone. Silent Worlds allows users to call anyone within the Silent Circle coverage areas privately, with no roaming charges or extra fees.

Silent Manager – Silent Manager gives enterprises a simple web based solution for managing plans, users and devices.

“Traditional security solutions have failed global enterprise in a mobile world and make data and privacy breaches feel inevitable to most enterprises,” said Mike Janke, Co-Founder and Chairman of the Silent Circle Board at a press conference held at Mobile World Congress 2015 this morning. “What’s more, these breaches have evolved and have much broader impact. They now put every customer, employee and partner at risk. They are eroding the trust people have in enterprises. They have moved privacy firmly to the top of the boardroom agenda.”

“Enterprises have been underserved when it comes to privacy,” said Bill Conner, President and CEO of Silent Circle. “Traditional approaches to security have failed them. We’re here to fix that. We have to understand that to achieve real privacy now requires security plus policy. That new equation is driving everything we do in building the world’s first enterprise privacy platform.”

In May 2014, Silent Circle announced that it had decided to move its global headquarters from the Caribbean island of Nevis to Switzerland, in order to take advantage of the country’s privacy laws. 

Last week, the company also announced that it had raised approximately $ 50 million in a private, common equity round to support accelerated growth.

Tags:

• Mobile Security
• NEWS & INDUSTRY
• Audits

Researchers at Rapid7 have uncovered information disclosure issues in SNMP [Simple Network Management Protocol] on embedded devices that could cause them to leak authentication data.

The issues were reported last week as part of a talk at CarolinaCon. According to Rapid7‘s Deral Heiland, the problems were discovered in consumer-grade modems and a load balancer. The situation allows authentication data to be swiped by attackers via the read-only public SNMP community string. The problem was uncovered in the following devices: the Brocade ServerIron ADX 1016-2 PREM TrafficWork Version 12.500T40203 application load balancer; the Ambit U10C019 and Ubee DDW3611 series of cable modems; and the Netopia 3347 series of DSL modems.

“While it can certainly be argued that information disclosure vulnerabilities are simple to resolve and largely the result of poor system configuration and deployment practices, the fact remains that these issues can be exploited to gain access to sensitive information,” blogged Heiland, senior security consultant at Rapid7. “In practice, the low-hanging fruit are often picked first. And with that, we have three new disclosures to discuss.”

“The first involves a Brocade load balancer (you might have one of these in your rack),” he noted. “The second and third involve some consumer-grade modems from Ambit (now Ubee) and Netopia (now Motorola). For the modem/routers, you might have one of these at a remote office, warehouse, guest wi-fi network, water treatment plant, etc. They are quite common in office and industrial environments where IT doesn’t have a strong presence. Shodan identifies 229,409 Ambit devices exposed to the internet, and 224,544 of the Netopia devices.”

Heiland uncovered the vulnerabilities with independent security researcher Matthew Kienow.

According to Heiland, the Brocade device stores username and passwords hashes within the SNMP MIB [Management Information Base] tables at the following OID Indexes:

• Username:            1.3.6.1.4.1.1991.1.1.2.9.2.1.1         
• Password hash:    1.3.6.1.4.1.1991.1.1.2.9.2.1.2

“The Brocade ServerIron load balancer has SNMP enabled by default,” he explained. “The community string “public” is configured by default. Unless SNMP is disabled, or the public community string is changed, an attacker can easily extract the passwords hashes for an offline brute force attack.”

The Ambit U10C019 and Ubee DDW3611 series of cable modems store the following information within the SNMP MIB tables at these OID [Object Identifier] Indexes:

 U10c019

• Username:             1.3.6.1.4.1.4684.2.17.1.2.1.1.97.100.109.105.110
• Password:              1.3.6.1.4.1.4684.2.17.1.1.1.2.97.100.109.105.110
• WEP Keys Index:   1.3.6.1.4.1.4684.2.14.2.5.1.2
• WPA PSK:             1.3.6.1.4.1.4491.2.4.1.1.6.2.2.1.5.6
• SSID:                     1.3.6.1.4.1.4684.2.14.1.2.0

DDW3611

• Username:            1.3.6.1.4.1.4491.2.4.1.1.6.1.1.0
• Password:            1.3.6.1.4.1.4491.2.4.1.1.6.1.2.0
• WEP Key Index:   1.3.6.1.4.1.4684.38.2.2.2.1.5.4.2.3.1.2.12
• WPA PSK:           1.3.6.1.4.1.4491.2.4.1.1.6.2.2.1.5.12
• SSID:                  1.3.6.1.4.1.4684.38.2.2.2.1.5.4.1.14.1.3.12

SNMP is not enabled by default on these devices, blogged Heiland. However, a number of cable providers that utilize Ubee devices enable SNMP with the community string of “public” on the uplink side of the cable modem for remote management purposes, which makes it possible in those cases to enumerate this data over the Internet, he explained. 

In the case of the Netopia 3347 series of DSL modems, SNMP is enabled by default with the community string of ‘public’ on the internal interface. These devices store the following information with the SNMP MIB tables at the following OID indexes:

• WEP Keys Index:  1.3.6.1.4.1.304.1.3.1.26.1.15.1.3
• WPA PSK:             1.3.6.1.4.1.304.1.3.1.26.1.9.1.5.1
• SSID:                     1.3.6.1.4.1.304.1.3.1.26.1.9.1.2.1

“The DSL side is not enabled by default, but currently a number of DSL providers that still utilize the Netopia 3347 series devices enable SNMP with community string of public on the uplink side of the DSL for remote management purposes,” he blogged. 

This makes it possible to enumerate this data over the Internet, he explained. The modems that were tested are end-of-life, so it is unlikely that firmware updates will be released to address the defaults, he added.

“Of course, just because something is end-of-life doesn’t mean it disappears from the Internet — causal Shodan browsing attests to that,” he blogged. “Further, we cannot know if these configurations persist in current, supported offerings from the vendors, but you might want to check yours when you get a chance to download Metasploit.”

Tags:

• NEWS & INDUSTRY
• Vulnerabilities