Do you want a phone that secures all of your data and communications, and can’t be hacked by even the savviest of criminals and governments? Of course you do. But if you’re a realist, you’d probably say that while strong security can be achieved with discipline, perfect security doesn’t exist.
Yet, perfect security was the promise of a company called QSAlpha when it recently sent me an e-mail titled “Un-hackable Superphone to be Unveiled via Kickstarter.” QSAlpha is seeking $2.1 million to build a phone it dubs the Quasar IV. Pledges starting at $395 would reserve backers a phone estimated for an April 2014 delivery.
A draft of the Kickstarter page and an accompanying video shared with Ars calls it the “world’s most secure smartphone,” featuring “unprecedented security with a military-grade encryption.” Those kinds of claims—coupled with a lack of technical detail—make security experts who reviewed the Kickstarter page suspicious.
The phone a ninja would use
QSAlpha says it started by asking the question, “If a ninja had a phone, what would it look like?”
“The essence of digital security is the ability to operate in stealth mode, moving about undetected, leaving no trace in the digital world, the same way that a ninja leaves no trace in the real world,” CEO and founder Steve Chao said in the video.
QSAlpha describes Chao as “an internationally recognized pioneer in digital security, communications and augmented reality.” He said he previously built a now-defunct mobile search engine, Cgogo, which was used by China Mobile.
His encryption technology is called “Quatrix.” Besides encrypting phones, QSAlpha says it plans its own app store where developers can distribute applications signed by Quatrix.
A preview of the Kickstarter link was temporarily live but is offline as of this writing. QSAlpha was planning to start the crowdfunding campaign this week, but said because of a backlog at Kickstarter it’s been delayed until September 12.
Based on Android 4.3 and with various modifications to improve security, the Quasar IV uses a hardware-level encryption module. The contents of the phone are encrypted, and your communication with other users of Quasar IV phones are encrypted as well using public and private keys. Android phones can already be encrypted using a standard setting, but Chao says Quasar does it better.
“Instead of having a third-party hosting or giving out the public key, we have managed to create what we call a seed public key matrix that produces all possible keys up to 10^77 of keys for all the users out there,” Chao told Ars in a phone interview. The chip contains both the public key matrix and the user’s private key. When initiating communications with another user, the Quasar IV uses the recipient’s identity to calculate their public key and encrypt the data. Once received, the user decrypts it with their private key.
All e-mails, text messages, and VoIP calls can be encrypted, he said. Quasar IV can still communicate with users of other phones and devices, but not in an encrypted manner.
If you don’t use a Quasar phone, you’re basically doomed, QSAlpha CTO Ben Vaughan said in one of the company’s videos. “Every time you visit a website, every time you send an e-mail, and every time you make a phone call, you are exposing yourself to criminal activity,” he said.
Full Story: “World’s most secure smartphone” looks like snake oil, experts say | Ars Technica.