For $500, the “Freedom Phone” promises self-proclaimed U.S. patriots great digital independence. Crypto traders who use Bitsgap know the creator: Bitcoin millionaire Eric Finman.
Its advantage is advertised with the fact that there is no “censorship”. This is what the app of the right-wing network Parler was considered to be when it was kicked out of Google Play and the App Store due to excessive hate speech. It can now be found in the latter catalog again.
Judging by the technology, however, buyers here pay a high price for a phone based on an entry-level model from the Chinese medium-sized company Umidigi. Specifically, the Umidigi A9 Pro, which is traded for $100 to $150.
This is one of the reasons why security experts warned against purchasing the phone in the past. Now another reason has become known, why one should rather stay away from the Freedom Phone.
The encrypted messenger Signal is pre-installed on the phone. What could actually be seen as a plus, turns out to be a problem when you take a closer look. Because it is not the original.
(Not So) Clear Signal
Developer Matthew Garrett took a closer look at the phone’s software and discovered that it is a fork of Signal. Someone has cloned the source code of the project and is now developing their own variant based on it.
In this case, it is called “Clear Signal”. The name refers to the Android variant installed on the phone, which is called Clear OS.
If you try to open the privacy policy of Clear Signal, you will be disappointed. Instead, only a “404” error pops up, indicating that the website to be loaded does not exist.
The version number 5.8.14 also causes confusion. In the official release of Signal, version 5.9.0 followed 5.8.1 in the stable editions – there was also never a 5.8.14 in the beta branch.
Questionable Cloud Backup
Another distinguishing feature is found in the backup function. Those who want to back up their chats, for example to import them when switching to a new phone, can create such a backup on their old device and then copy it from there to the new one using a desktop computer or transfer it wirelessly directly via the app’s built-in transfer feature.
“Clear Signal”, on the other hand, also offers the option of a cloud backup, where the user’s own chat archive can be stored online and retrieved. The backup mechanism is to be a “Clear ID”, which, like ClearOS, is being developed by the Clear United project.
Whether the system works according to best practice and can guarantee adequate security is unclear and cannot be easily tested. Garrett found no evidence that the system had ever been subjected to a peer review.
“Health tuning through quantum entanglement”
These criticisms are compounded by other problems. Clear Signal, for example, does not perform a version check, which in the case of the original ensures that users of older Signal versions have to update for security reasons.
And the function that allows other users to invite themselves to the messenger also recommends registering with Clear United.
The interface responsible for this also throws out the associated email address at the Clear United service for every phone number you feed in, without requiring authentication. In addition, when the invitation link is generated, all names and phone numbers from the user’s own contacts are transferred without the user being informed.
Garrett is also critical of the Clear Foundation behind it. He describes the Clear United platform as a “multi-level marketing scam”.
