Hacker Read top | best | new | newcomments | leaders | about | bookmarklet login
Unplugged Phone Mysteries (pxlnv.com) similar stories update story
5 points by hampelm | karma 1866 | avg karma 12.44 2022-07-28 08:58:41 | hide | past | favorite | 47 comments



view as:

The hyped "Unplugged messenger" is just element/matrix with the branding stripped off it. https://web.unplugged.com/#/login

What a weird set of stuff, it smells really, really bad.


No kidding, opening the dev console shows this as part of a funnily mangled (by sed, I imagine) warning message

> If you know what you're doing, Element is open-source, be sure to check out our GitHub (https://github.com/vector-im/Unplugged Messenger-web/) and contribute!


LOL

The phone itself appears to be a rebrand of the "Liberty Phone" from the last time around:

https://www.ghost.libertyblockchain.com

If you start the pre-order process, you'll start seeing links to unplugged-systems.com.

Interestingly, the "Liberty" branded site prominently claims "not made in China". I don't see a similar claim for the "Unplugged" branded version.


With JS disabled, I get a "Sorry, Element requires JavaScript to be enabled."

How many of these "private" phones turned out to be a sting operation by the likes of the FBI? Can I look at the code and schematic? No? Take it away. Come back when you have a product based entirely on auditable open source hardware and software, whose operation satisfies the Kerckhoff-Shannon principle that the only secret is my private key.

What are you using instead?

Fisher-Price Chatter Telephone ?

Vulnerable to a MITM attack, just like my string-can telephone

Can-in-the-middle assumes that your attacker has a sufficiently high-fidelity soup can :-)


The Erik Prince? Mercenary and alleged-murderer Erik Prince? https://www.thenation.com/article/archive/blackwater-founder...

Now selling a low-end "secure" smartphone?

Weird change of business, right?


Since when does an $850 price tag on an android phone count as low end?

"Low-end" presumably refers to the fact that it's resold graylabel hardware. I wouldn't be surprised if the unit manufacturing cost was below $50.

Yeah, that.

For $850 I'll sell you a couple of candybar Nokias with prepaid SIMs, and an afternoon's tuition on how to do one-time pads properly.

Hell, I'll do it for $425. If you bring your own phones, I'll do it for a chilli burger.


Whoa, you read the article too?

Worth a listen - https://www.youtube.com/watch?v=nwK_XLFOm_I

I was captivated - went through it in one setting. The more recent stuff is nearer the end of the podcast. (2:20 or so)


Is it just me, or has the commercial world gone weirder? Claim a product that does magic shit ("patriot communication!"), claim support from some famous person, although they can quickly deny it, and you'll probably get some suckers to pay you for the product. Or even better, investors to buy into your company.

Somehow the words "self-driving cars" popped into my head. Ah, the wonders of faith-based investing. On the keyword of "faith", maybe I should start selling investments to help build a palace for Jesus that he will return to, to rule the Earth ("Endorsed by 2 Popes, promise!", or I can just pay some evangelical preachers to get their mouths to actually endorse it), and if you invest, you can have an audience with Jesus!


I think a lot of it stems from the realisation that you don't ever need to actually make a product, you just need to sell the feeling of it and that's sufficient. What's being sold here is almost certainly just shovelware on a cheap chinese phone, but the presentation of it is designed to make you feel like it is a whole lot more than that.

When you suggest that it's just lipstick on a pig, I think you're getting at the heart of much contemporary marketing.

or just all marketing, across all time.

Well, and it's probably all being coded or rebadged by an overseas sweatshop so there's bound to be more spyware in the app store than drops of water in a rainstorm.

While "weird" it's certainly not surprising. Consumer protections have not kept up with the overall global economy. Snake oil products have always existed, but it's getting easier to spin up a new company that targets an uneducated consumer.

There was a time (some 50 years ago) that such products would be restricted to advertising in the back of comic books. X-ray glasses, "sea monkeys", and the like. A lot of it was bullshit, but when it's just a week's allowance out of a kid's pocket, who cares? When you grew up, you could graduate to the special magnet you attached to an automotive fuel to increase fuel mileage up to 20mpg! Oil companies have killed people to keep it a secret! Refer to the full-page ad in this month's Popular Mechanics.

Point is, to this old guy it's the same ol' shit, just a different advertising venue and different products.


I'm not sure if a guy who also owns largest terrorist-for-hire company in US is representative for the entire commercial world.

" Oh, and Erik Prince is just the worst. " -

Well he did go into Iraq because the government of the USA decided it.


I think that describes the actions of someone who was in the military and went into Iraq following orders.

It does not describe the actions of someone who started a private mercenary company in order to make money. Which is a generous interpretation, since Prince has also been accused of holding a religious belief in killing Muslims.

Whatever you say about Bush and Cheney’s motives—and there’s much to say—they are not Prince’s motives. His motives, and responsibility, are his own.


No objection to that, but someone still had to hire the mercenary company.

Agreed! Plenty of blame to go around.

When I was younger, I held a lot of anger at Bush, Cheney, and other ideologues whose belief in the righteousness of their cause allowed them to ignore the evidence (no WMDs, no terrorist links), logic (the strategic costs of invasion), or ethics (torture, civilian deaths).

Now, though, I find myself a little bit more sympathetic to them: in recent years, American politics have been warped by non-believers—non-believers in democracy, in law, in any cause other than their own power and enrichment. Bush, Cheney, even Rumsfeld, seem to me to be smugly mistaken believers in the justness of their cause, but that’s still a cause other than their own personal power.

Erik Prince, in my view—discounting the lurid (but potentially true!) allegations that he believed he was fighting a Christian crusade against non-believers—is a foreshadowing of the Trump era, a privileged and wealthy man wrapping himself in the flag to hide his cynical interest in nothing more than making even more money, in absolutely any way possible.

Hard to say what’s worse, of course, but there’s certainly variety.


That is a hilarious security report.

1. They are selling a "secure" phone, but it only reviews their mobile apps.

2. They are testing their mobile apps according to the Open Web Application Security Project (OWASP) TOP 10. They are mobile apps, not web apps.

3. OWASP TOP 10 is advertised by OWASP as the "first step towards changing the software development culture within your organization into one that produces more secure code". Conformance does not mean security, it means the first step toward security.

It is like applying to a professorship in physics and your entire resume is that you once got a gold star on a elementary school arithmetic exam.


I have met CSO's who are similarly confused about what OWASP Top 10 actually means.

To be fair, OWASP does publish some excellent frameworks focused on enhancing broad-based organizational security posture, like their SAMM (Software Assurance Maturity Model) project:

https://owaspsamm.org/


How to prove your product is secure:

1. Pay for a minimal test.

2. Minimal test does not find anything.

3. Tada! Your product is secure. Put the report on your website!


> One thing this phone has going for it is that it is, at its core, an Android phone. There is a chance the device itself may not be unusable after just a few years even if the company disappears. That is not the case for a comparable product like the Purism Librem 5.

PostmarketOS supports the Librem 5: https://wiki.postmarketos.org/wiki/Devices and other Linux Distros have support for the Librem 5. Given how often random Android devices show up and never get supported after they are first released, I would argue the exact opposite. This phone will likely be unsupported after a few years even if the company stays around, whereas the Librem 5 will be supported even if the company goes under.


Thanks! I will correct this.

I always assume whoever is selling the super secure phone is listening in on the super secure communications.

I saw Greenwald getting hammered all over Twitter yesterday for getting associated with this phone and was also surprised after looking into them. Amazing that he had no actual connection to it after all...

“A lie can travel around the world and back again while the truth is lacing up its boots.” - Mark Twain


The irony of that quote is that there’s no evidence Mark Twain ever said it. ;)

https://www.nytimes.com/2017/04/26/books/famous-misquotation...


I always thought it was a Pratchett quote

> “government-grade” security, whatever that means

It means a back door so the USA can crack your phone as conveniently as possible


Completely off topic, but the title reminded me of something that happened when my son was about 9yo. One day he comes in and asks me what the holes in the walls were for? Holes? What holes? So he brings me over and points at an empty phone jack. I said, "Oh! That's to plug in a phone, we don't use them." He nodded in understanding and went back to his room. A little while later he comes back with an iPhone, charge cable attached, and says, "I can't get it to work..." It was adorable. I explained that I was talking about old phones, like the ones at his abuela's house. He said, "Oh." and of course immediately lost interest.

You can see why I was reminded of it. It was, literally, an "unplugged phone mystery." I was half expecting to read a similar story. :-)


Nice find on the Unplugged <--> Liberty Phone connection. As I suspected, this is yet another example of a company looking to make a quick buck from people who want to "stick it to big tech" while hilariously trying to hide the fact they're white labeling an obscure phone made by a Chinese ODM and shipping a totally-not-AOSP fork (while claiming they're independent from Google, lol).

PR people claiming endorsements/appearances by public figures before the contract is agreed happens pretty often.

A friend recently found they were listed as a speaker at some event they had rejected a speaking gig at twice. The event people keep offering them increasingly large sums of money to show - they don't want to lose face. My guy is still saying nope.


Darknet Diaries podcast episode 105 tells a cautionary story about these dedicated secure phones.

Legal | privacy