DarkMatter Phone: A Secure Communications ROM Is Coming To Android

At HITB 2014 in Malaysia, security researcher @thegrugq revealed a new Android ROM that provides a secure messaging and communication system that anyone can use.

Looking for true security in mobile messaging and communications? Then minding the three C’s of OpSec is key, says security researcher @thegrugq. In a presentation at Hack in the Box 2014 in Malaysia, the researcher expounded upon the elements needed for truly secure communication while introducing a custom Android ROM – the Dark Matter Phone – designed to provide those elements of security. The DarkMatter software is compatible with the Galaxy S4, the Nexus 5 and the Nexus 7, and though still in the beta stages of development, upon release the DarkMatter phone could become the secure messaging device of choice for any user.

So what is required for truly secure communication in an era when metadata tracking and analysis is becoming increasingly invasive? According to The Grugq, the rules of OpSec haven’t really changed. They come down to three key ideas: Cover, Conceal and Compartmentalize.

But following these rules in the real world can be difficult, and if improperly implemented, tools meant to protect your privacy and security can actually red flag you as suspect number one. For those who wish for secure communications, whether they be political activists, hot zone journalists or just privacy-concerned individuals, the DarkMatter phone can offer a solution.

The tool fulfills the three C’s of OpSec by providing a practical and affordable way for users to cover, conceal and compartmentalize their communications.

“[DarkMatter] is just a regular phone, with a custom ROM that supports the Galaxy S4, Nexus 5 and Nexus 7,” said @thegrugq. Because the software supports devices that are widely available, it is less likely to attract attention or scrutiny. The DarkMatter phone stands in contrast to devices such as the recently revealed Blackphone, which is unique enough in its appearance to draw suspicion on its own.

“Other secure phones don’t work as well because they look like secure phones,” The Grugq told iDigitalTimes. “This [Dark Matter phone] was originally designed for a media company that was deploying reporters to Syria. The problem they have is that there are all these check points everywhere … and security would go through their luggage and if there was anything weird … they automatically thought it was some kind of CIA spy device.”

In addition to averting attention, the DarkMatter phone also offers a way to secure the information stored on it, while deploying numerous strategies for making that information inaccessible if it falls into the wrong hands.

So how does the DarkMatter phone work? The device is essentially two-faced: it is a regular Android phone, but it contains a secure enclave for compartmentalizing sensitive data. When the secure enclave is mounted, all the metadata is stored separately inside it, and the sandboxes for apps are moved into the secure enclave as well.

When the DarkMatter phone detects a negative operational environment - a situation in which the security of the information may be compromised - the secure enclave immediately shuts down, dismounts the volume, closes down all the applications and all the intruder has access to is a blob of encrypted data and a normal phone.

While Apple users may be familiar with the idea of a secure enclave, the DarkMatter phone is able to secure data and communication beyond what the iPhone can do.

“Unfortunately with an iPhone”, said The Grugq, “the level of security is good, but it stops at a gun in your face.” In other words, while iPhones enjoy a significant level of security, if the user is forced to unlock the device or disable the passcode, data is made readily available to the intruder. With the DarkMatter phone, however, security goes beyond the passcode.

If the device detects some kind of threat to the information, such as a drop in temperature, a debugger being attached, the device being placed in a Faraday bag, the SIM being removed or the PIN being entered incorrectly, the device immediately responds, shutting down the secure enclave and encrypting the information stored there.

“Now we have a secure device that anyone can use and they will be protected against almost any level of threat, from casual ‘let me see your phone,’ to seizing your phone to ‘ok, now we are going to take an image of it’. It protects you at every stage of that.”

The messaging client on the DarkMatter phone is built off Adam Langley's Pond messaging system. Pond has been designed to be a secure messaging protocol so it's secure by default and has no non-secure version to fall back to if someone makes a mistake.

Dark Matter phone uses a mobile version of the POND system for secure messaging.

The messaging system also has a number of features that help it to evade scrutiny through both cover and concealment. Message transport is provided over the Tor network, which masks the sender's and receiver's identities and locations. All messages are of a fixed length and are sent at random intervals throughout the day, with dummy messages sent in the gaps. This system prevents detection of traffic patterns because all metadata essentially looks the same.
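The fixed-length, randomly timed, dummy-padded sending described above can be sketched as follows. This is an added example, not code from Pond or DarkMatter; the frame size, mean gap, frame layout and function names are assumptions chosen for illustration.

```python
import os
import random
import struct

FRAME_SIZE = 1024      # assumed fixed size; the article gives no figure
MEAN_GAP_S = 300.0     # assumed mean delay between transmissions, in seconds
HEADER = 3             # 1-byte kind + 2-byte payload length
REAL, DUMMY = 1, 0

def make_frame(kind, payload=b""):
    """Pad any message to exactly FRAME_SIZE bytes with random fill.

    Assumption: a real client encrypts the whole frame before sending,
    so the kind byte is never visible to a network observer.
    """
    if len(payload) > FRAME_SIZE - HEADER:
        raise ValueError("payload too large for one frame")
    fill = os.urandom(FRAME_SIZE - HEADER - len(payload))
    return struct.pack(">BH", kind, len(payload)) + payload + fill

def parse_frame(frame):
    """Return the payload of a real frame, or None for a dummy."""
    if len(frame) != FRAME_SIZE:
        raise ValueError("unexpected frame size")
    kind, length = struct.unpack(">BH", frame[:HEADER])
    if length > FRAME_SIZE - HEADER:
        raise ValueError("corrupt length field")
    return frame[HEADER:HEADER + length] if kind == REAL else None

def schedule(outbox, duration_s, rng=None):
    """Plan transmissions for duration_s seconds.

    Send times are drawn from an exponential distribution and depend only
    on rng, never on whether real mail is waiting. Each slot carries the
    next queued message, or a dummy frame if the queue is empty.
    Returns (list of (time, frame), messages still queued).
    """
    rng = rng or random.SystemRandom()   # OS-backed randomness by default
    queue, sent, t = list(outbox), [], 0.0
    while True:
        t += rng.expovariate(1.0 / MEAN_GAP_S)
        if t > duration_s:
            return sent, queue
        frame = make_frame(REAL, queue.pop(0)) if queue else make_frame(DUMMY)
        sent.append((t, frame))
```

With the same random source, a busy sender and an idle one produce the same send times and the same frame sizes, which is the property that denies an observer a usable traffic pattern.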

In addition to these cover and concealment strategies, Pond also ensures communication can only occur between a pair of individuals who have agreed to communicate. The two-way communication is started when two parties agree on a passphrase, which can be communicated through IM, voice chat or in person, or by other means if the users so choose. Once the passphrase is decided on, the two intending to communicate post a message resulting from the passphrase to a server and use this to share keys with each other. Once keys are shared, the passphrase ceases being used. This way, even if an attacker were to happen upon it, it is no longer useful. The secure messaging app will be called Djoom and is projected to release at the end of October for free on the Google Play store.

While there are still some details of the DarkMatter Android phone ROM to be ironed out, The Grugq is hopeful for a late release date of January 2015.
