As many people now know, I sold my BlackPhone 2 recently. That happened for many reasons, and in this post, I will attempt to outline some of them.
First and foremost, the BlackPhone 2 did exactly what it claimed on the label. This is, in itself, unusual. In this regard, I strongly recommend the BP2 to anybody who needs the facilities it advertises.
In the end, I didn’t need those facilities. But let me back up. Picking a security technology needs to be done in context of what you are trying to protect, and how.
I have a very specific threat model that I’m working with.
- I use my phone to contain 2 factor authentication tokens (TOTP, to be specific).
- Wiping my phone will destroy those tokens, by design.
- To integrate with my employer’s email/calendar system, they demand the ability to wipe my phone remotely.
- But I use many two factor tokens on my phone, only a minority of which are my employer’s. I don’t wish to lose these because my phone gets wiped, for any reason.
Thus, the BlackPhone 2’s ‘spaces’ feature looked perfect. Attach my employer’s account to a ‘non-owner’ space, and thus, when a remote wipe command comes for my phone, the space is wiped, and not my whole phone. Place the two factor tokens that I wish to survive in a different space, and I get the best of both worlds.
This actually works.
I tested it 3 times while I owned the BP2. It’s really quite impressive.
But with that feature space come some serious challenges.
I also own a Pebble Time. I really like this smart watch. It works great. But that’s a different review. The Pebble Time talks to your phone over Bluetooth, using an Android app.
Android apps are constrained to the space in which they are installed. Bluetooth associations are also constrained to the space in which they are made. Thus, every time I switched away from the ‘work’ space, the connection to my Pebble would drop and all notifications would stop.
Working as designed, but not as desired.
But I can install that app in all the spaces I’m using. Doing so then requires the Pebble to associate to each one of those spaces, independently. The data shared to the Pebble then varies by space. Not wrong, but darn inconvenient.
Of course, to make this work, for notifications, every app that I wanted to work ‘across spaces’ had to be installed in each one of those spaces separately. Which then required each one to maintain its state database separately. Which then implied independent communication to the cloud providers.
So, in exchange for spaces, I ended up burning 2-3x more data, and with it, 2-3x more battery.
But I wasn’t planning on needing to move much data. The BlackPhone 2 comes with a microSD slot. I’ll put a big microSD card in it and cache what I want to use.
- As documented, the microSD card isn’t secure and isn’t encrypted.
- An awful lot of applications will use the microSD card in the ‘owner’ space, but not in a non-owner space. The one that got me was Google Play Music. This seems to be an Android thing, not a BlackPhone 2 thing.
So, use of the microSD for bulk data was largely a bust.
Which brings me to the part that pushed me over the edge. The size.
3 months with the BP2 showed me that I’m a 5.2-inch-max cell phone person. I fly my phone single-handed. Get much over that and I can’t hit the buttons with my thumb. The BP2 is only a half inch larger, but that’s a half inch too much for me.
So, I got a Nexus 5X, Google Fi, and a YubiKey NEO. This set of hardware solves my current threat model, but that’s a different post.
Silent Circle builds a solid product that does what it claims on the label. That’s rare these days, and I wish them the best of luck. I’ll continue watching their products, and I will continue to use Silent Phone.
I’ve sold my BP2 to a friend. I hope to hear how it goes for him.