Tuesday, December 01, 2020

The Armadillo Phone - A Security Review

Dear blog readers,

As many of you know, I've joined forces with Team Armadillo Phone in the fight against cybercriminals, including nation-state, rogue, malicious and possibly fraudulent cyber adversaries, for the position of Security Blogger in 2019, and I wanted to say a big thanks to COO Rob Chaboyer and CEO Kelaghn Noy for bringing me on board and for initiating a series of video conversations to help them better understand my motivation for joining the company and what exactly I can bring on board.

My first responsibilities were to possibly include an actual Security Audit, actual Security Advice and Recommendations, including practical implementation advice on new Privacy and Security themed features, actually reaching out to current and future customers, and active posting of new and innovative Security Research at the company's blog.

In this post I'll provide an in-depth Security Review of the Armadillo Phone in terms of its Privacy and Security features, including their relevance and importance in today's Internet-based communication ecosystem, which is dominated by modern cyber threat adversaries. I'll also give an in-depth introduction to some of the key features that I'm definitely looking forward to implementing and offering practical advice on, in terms of new Privacy and Security features that might greatly assist new and future customers on their way to achieving a decent degree of Privacy and Security in their Internet-based communications.

Key Features of the Device include:

- Tamper-Resistant Packing
- Device Inspection
- Secure Hardware
- Multiple Passwords
- Zero Day Protection
- Security Peripherals

Among my key proposals that I sincerely hope will eventually make their place on COO Rob Chaboyer and CEO Kelaghn Noy's desk are:

  • Security Researcher Working Space or a Security Module - the basic idea here would be to offer a built-in full-disclosure reader application, including automatic subscription to major and popular Information Security and Hacking Mailing Lists.
  • Built-in RSS Reader - the main idea here would be to offer Armadillo Phone users the ability to take advantage of a built-in RSS reader with a pre-defined set of major and high-profile Security and Privacy Content Providers.
  • Security and Privacy Including National-Security Journalists' Opt-In Directory - have you ever wanted to directly reach out to a high-profile Security, Privacy or National Security type of journalist for the purpose of sharing with them your opinion on a particular piece, or to actually share a news tip? This is the main purpose behind this particular feature.
  • Covert Channels - the main purpose behind this feature is to allow Armadillo Phone users, in particular journalists or hacktivists, the opportunity to securely and covertly transmit information that's basically impossible to track down or intercept.
  • Steganography - the main purpose behind this feature is to provide Armadillo Phone users with the opportunity to use an alternative secure communication channel that's basically impossible to intercept, track down and censor.

Key Security and Privacy Features of the Device include:

  • AES-256-XTS block-level FDE
  • Block-level FDE instead of Android's file-based encryption
  • Scrypt work factors increased
  • Minimum 8-character alphanumeric password
  • Completely software-based
  • Keymaster and gatekeeper disabled
  • Normal password for deniable encryption
  • Secret password stored at randomized offset
  • Secret volume is hidden inside unused portion of decoy data
  • Wipe password in footer to erase device
  • Separate lockscreen password
  • Password verification order randomized at runtime to prevent timing attacks 
  • Enhanced KASLR and userland ASLR
  • Increased ASLR entropy
  • Several PaX patches ported
  • Zygote uses exec() spawning instead of fork()
  • Improved SELinux rules
  • Hardened malloc implementation
  • Stack and heap canaries detect overflows
  • Enhanced FORTIFY_SOURCE implementation
  • Function pointer protection
  • Restrictive compile-time sanitization
  • Additional attack surface reduction
  • All connections made using pinned TLS 1.2 connections with high-entropy 4096-bit certificates
  • Metadata can be further protected by enabling optional VPN
  • Verify encryption keys using manual verification, QR code, SMP or NFC
  • Chat uses OMEMO encryption
  • Email uses PGP encryption
  • Email uses randomized subjects
  • Email uses encrypted connection to keyserver and mailserver
  • Email requires 4096-bit PGP keys
  • Radio Sentinel: Monitors WiFi networks for ARP poisoning. Monitors cellular networks for 2G networks, performs sanity checks and compares cellular towers to a database of known networks
  • RAM Sentinel: Monitors temperature to prevent cold-boot attacks
  • Theft Sentinel: Connects to anti-theft beacon over BLE, alarms both beacon and phone if disconnected. If the phone isn't unlocked or the beacon isn't reconnected within 5 minutes, the phone will shut down.
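
The multiple-password items in the list above (normal, secret and wipe passwords, scrypt-derived, checked in an order randomized at runtime) can be sketched as follows. This is an added example, not Armadillo Phone's code: the slot layout, the work factors, the reading of "alphanumeric" and all function names are assumptions.

```python
import hashlib
import hmac
import os
import secrets

# Constructed work factors; the page only says the scrypt work factors are "increased".
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**12, 8, 1
MIN_LEN = 8  # from the page: minimum 8-character alphanumeric password


def derive(password: str, salt: bytes) -> bytes:
    """Stretch a password with scrypt into a 32-byte verifier."""
    return hashlib.scrypt(password.encode(), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)


def acceptable(password: str) -> bool:
    """Assumed policy: at least 8 characters with both letters and digits."""
    return (len(password) >= MIN_LEN
            and any(c.isalpha() for c in password)
            and any(c.isdigit() for c in password))


def enroll(passwords: dict) -> dict:
    """Map each role (normal / secret / wipe) to its own (salt, verifier) slot."""
    slots = {}
    for role, pw in passwords.items():
        if not acceptable(pw):
            raise ValueError(f"password for {role!r} does not meet the policy")
        salt = os.urandom(16)
        slots[role] = (salt, derive(pw, salt))
    return slots


def verify(slots: dict, candidate: str):
    """Return the role the candidate unlocks, or None.

    Every slot is always derived and compared (no early exit), in a fresh
    random order, so elapsed time does not show which slot matched or
    whether a secret slot exists alongside the normal one.
    """
    order = list(slots)
    secrets.SystemRandom().shuffle(order)  # order re-randomized on each attempt
    matched = None
    for role in order:
        salt, stored = slots[role]
        if hmac.compare_digest(derive(candidate, salt), stored):
            matched = role
    return matched


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    demo = enroll({"normal": "decoyPass2020", "secret": "hiddenVol4096",
                   "wipe": "eraseNow9999"})
    print(verify(demo, "hiddenVol4096"), verify(demo, "wrongGuess123"))
```
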

Based on my current experience with the device, which I've recently started using for the purpose of keeping in touch with friends and colleagues, I can easily say that this is one of the most advanced and technically sophisticated mobile security devices that can be easily obtained from here, and I sincerely hope that my research, security knowledge and technical expertise will prove highly valuable to what the Team at Armadillo Phone are currently doing.

Stay tuned!