DIY Secure Phone for Private Line
An inexpensive and secure alternative to expensive "black" phones
You have some important things you are working on with your team. Maybe it’s a patent application for a new technology, or something you need to be absolutely sure is kept private even though you are communicating over a distance.
The main thing is you need something that has never touched the internet or public phone networks. Even so called “black phones” use the regular phone systemThe best solution we found to date is a DIY “Bat Phone”. You can buy the phone reconditioned from online resellers like Amazon and the software you’ll use is free (but there may be a network access charge in the future). The advantage of this kind of device is it’ll be able to be upgraded via eSIM to Private Line’s forthcoming private cell network (powered by ATT).
This phone will be used only for the most important calls, so you will never connect it directly to the internet (it will be firewalled and only run privateLINE apps).
If you would like to upgrade your security, please visit privateline.io and sign up for the free ALPHA.
This is how you do it in a nutshell:
Get an UNLOCKED reconditioned Google Pixel phone. We like the 6a because is the best value and supported for a number of years going forward. There are newer and better phones, but this one does the job at the lowest cost, currently about $200 +/- on Amazon. We’re also testing pixel 7 and other models.
You will be installing the secure Graphene OS, which wipes out Android and the existing firmware. I used a current Macbook pro, but Windows machines also work. You will go to a web page at this site:
https://grapheneos.org/install/web
This is a great explainer video. Be sure you have a very good condition cable, as a bad cable will waste a lot of your time. Be sure to carefully follow the directions in the video
Once Graphene is installed, you will need to configure your new phone. Be sure to never charge from a device like a laptop, only use a dedicated wall charger and never connect to the internet directly via any USB cable.
Make a USB stick with all the apps you will need on your Bat Phone. I recommend putting the privateLINE app on the USB: PL Comms, PL Auth, and PL Meet. Brave browser is also a good choice, though Graphene comes with Vanadium browser, which is also pretty good. Get those apps from the privateline.io web site (so you won’t leave any footprints on the Play store) and from the Brave web site. Use a different machine that is connected to the internet to download. Once on the USB stick, move that to the Graphene phone, insert the stick and grant permssions (Settings—> Security—> USB. USB peripheral should be set to Allow New USB Peripherals. USB-C port should be set to ON. Go to FILES, then choose the hamburger in the upper left. You should see the memory stick connect in the Files app on the phone (note: low end USB sticks may not connect and always use a new one that hasn’t been used with many devices).
BE SURE TO CHANGE THE SETTINGS BACK TO BLOCK USB DEVICES ONCE YOU FINISH COPYING SOFTWARE TO THE PHONE, to maintain security for your device.
NEVER use biometric security. People are losing fingers to crooks who want access and courts have ruled the police can forcibly use your finger to open your phone. Biometrics are a terrible idea for security.
Be sure to always keep your phone TURNED OFF when not in use, as Pixel phones are known for poor battery life. You want to keep hackers away from the device, so be sure to keep it in a Faraday bag like this inexpensive one from Amazon:
https://www.amazon.com/gp/product/B0B4DPXC5S/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8
Good luck with your new Bat Phone!
Here are some instructions on best practices on how to use your new “Bat Phone” and keep it off the internet.
**************
Keep the device powered off when not in use. It’s harder to attack a powered down device. Bluetooth can still function for several hours as a “find my phone” feature on Android/Graphene devices. This is also true for iphones in case you were wondering.
Keep the device inside the sealed faraday bag. Most signals won’t be able to reach the device, maintaining security. NOTE: most common faraday bags will stop signals down to 800 Mhz. There are other tracking systems that use lower, more penetrative frequencies.
Use the “Bat Phone” for important calls only. Every time you connect to something, you run the risk of an attack.
Use a different wifi location each time you call. This might not be convenient, but cafes out of your area or open wifi not at your home base are best. Many wifi are monitored, so the fewer connections, the better. Leave your regular phone at home, it will be tracked with you and used to ID the “Bat Phone” when you connect that device.
Create a dedicated account for your “Bat Phone”. Only connect with the most important people who care about their personal safety and security and keep the account private.
Erase text messages after they have been received and viewed by the recipient.
Minimize groups. Keep calls to one to one if possible.
Only connect with others who are using a “Bat Phone”. In the future we will have tools to help you know the security status of the device you are connecting to. (i.e. Blue for private phone and private cell network, Green for regular phone)
Move away from other devices that are not secure, anything with a camera, microphone or wifi/Bluetooth capability. Microphones are very sensitive and can pickup conversations up to 10 offices away. Use an ultrasonic microphone jammer like this one from aliexpress near the other devices to overwhelm their mics.