This is another post in the Saturday Business Idea series.
Who cares about privacy? It’s either nerdy losers or criminals that worry about it. Well-adjusted social jocks like you and I… We don’t care. We have nothing to hide.
So if we want to make millions selling a “privacy phone”, let’s market it differently. Let’s make it all about simplicity and productivity, something you and I care about. It should support email, selected messengers, to-do lists, and even new productivity apps like Notion. Let’s call it “Numinous Phone” as a placeholder, but please don’t hesitate to use a different name.
A close friend told me criminals love to get fooled by fake privacy technology, often operated in the background by law enforcement. Just take the drug dealers who openly communicated about their transactions via EncroChat, ANOM, and SkyECC.
We don’t want our phone limited to such a small, and frankly distasteful market. We should make the Numinous Phone cheap. Let’s keep it under 200 dollars, where 50 dollars is the bounty you ideally get to keep (more on this below). There is no need for the highest definition screen or the best-in-class camera: It should have basic, quality hardware with secure enclaves and run on a privacy-focused instance of Android with only access to a select, but growing number of apps “stamped for productivity” (meaning an app-specific bounty phrase has been integrated).
We don’t care about privacy in tech, but then again, a star like Jennifer Lawrence was the victim of the Fappening during the height of her coolness, and it likely took a King to hack Jeff Bezos’ device. Maybe we pure-minded, definitely-never-weirdstuff-searching all-rounders should still develop a slight appreciation for privacy. You know, just in case on the way to the top, we have a few slip-ups here and there that can befall even spotless mavens like ourselves in this wild world.
Privacy intellectual mumbo-jumbo
Whatsapp, Telegram, and Signal all pride themselves on some version of end-to-end privacy. But do we understand how they accomplish this privacy? Sure: A polymath like you might. But what about the average user?
And let’s get real pompous for a moment: Intelligence agencies are believed to be stockpiling zero-day exploits. So they might know a backdoor into your iPhone camera roll and not use it for years, but keep it nicely stowed away until the day they want to check your post-shower mirror selfies for national security reasons. Since the vulnerability hasn’t been actively abused, not even Apple or Samsung might know about it, so it doesn’t get fixed.
So on a messenger level privacy might be a given, but most users have to rely on brand, word of mouth, and expert opinions to trust their messages are secure. And on a device level, it becomes much more tricky: There are so many attack angles that even tech genius Jeff Bezos can’t keep track.
Mom and pop privacy with bounty phrases
Is there a way to have device-level privacy that we can be confident about without listening to techno babble? You know, “mom and pop privacy” or as Hillary Clinton might call it “everyday-American privacy”?
Yes. You put 50 dollars on your phone for anyone to steal. If someone sees your emails, there is one, top of inbox, with a secret phrase to steal your 50 dollars. If someone sees your WhatsApp messages there is another message with a secret phrase, also to steal your 50 dollars. If someone gets into your home screen, there is a secret phrase embedded in your background image to steal your 50 dollars. Each secret phrase is in a place where you can see it. With a few steps you can even change each phrase if you wish.
The beauty? Thanks to multiple keys being able to access your 50 dollars and each secret phrase being different, if one day you wake up and your 50 dollars are gone, you know which key was used and you know that (at least) that particular app is compromised.
Mom and pop can see their 50 dollars are there. Thanks to their bounty phrases, they don’t need to learn cryptography to check whether their messages are systematically private.
Why it works
Switzerland used to be a tax haven for wealthy people around the world, thanks to their strict bank secrecy laws: According to Article 47 of the Swiss Banking Law, individuals breaching bank-client privacy would face fines and imprisonment. It was serious.
That didn’t stop multiple bank employees over the years to steal banking data, mainly of German evaders, flee to Germany and sell those CDs for amounts like 3.5 million euros a pop (before taxes) to the German government. And while the German government would afford the leakers protections, they could forget getting their old job back and should avoid passing through Switzerland on their next drive to Italy.
Now, who is more technologically capable, and earns less than a Swiss bank employee? The answer is: Agents at intelligence agencies.
If there is an exploit of the Numinous Phone, those 50 dollar bounties in Bitcoin on each device are there for the taking for any one agent that knows the vulnerability.
Say there were only a measly 100,000 devices sold even though we made our Numinous Phone cheap and attractive: That’s 5 million dollars up for the taking. More than one could get for a Swiss bank CD these days.
The best part for our smart agent is that she knows how to make the transaction anonymous. She can just stash the winnings away for the time being and continue her job and life as usual. No need to escape to “Germany”: She just needs to be quick enough before her annoying colleague pulls the trigger, sacking the 5 Mill for himself.
Open issues
The Numinous Phone bounty phrases are possible with today’s technology, as private keys can be created for bitcoin wallets that are a hash of the bounty phrase with another code that is likely a public identifier of the specific phone. All the phrases on one phone can access the same 50 dollars by using a multisig wallet structure. The key thing is: Bounty phrases work.
Let’s entertain some initial issues to be dealt with nonetheless:
Bitcoin transactions are too expensive and phones being drained would be one transaction each: Too slow, too expensive.
There are multiple ways to tackle this. For example: Each phone can be a node in a large lightning network and draining it from a node in the network would cost a fraction of a cent and be lightning fast.
We could also use another crypto rather than BTC, but I believe this would add unnecessary risks and complexity.
If there is a hack, and the money is gone, the security is also gone.
This is true: A hack where your 50 dollars disappear is a much bigger headache than just your 50 dollars disappearing. It means the phone’s security failed. At least you know about it now. I believe the Numinous Phone Company should reimburse everyone’s new wallets after the vulnerabilities are fixed so that users can rely on the bounty phrase system again.
The Bezos situation: If I want to see
’s writing drafts, I might check his phone’s access code when he types it in in the subway, and I might refuse to steal the 50 dollars so that I can keep consuming his notes.Let’s call this the Bezos situation: Hackers work for special access to one, high-value target’s phone.
A potential solution: If I was
I’d put at least $10k in my bounty wallet. (And if I was , maybe a few dollars more, given that grisly search history). Maybe for such high-profile cases, a multi-layer approach makes sense: You have to get to the bounty layer first before you have a chance to access the layer where sensitive data is stored.
But we’re losing the hardworking folks who make an honest living, so let’s get back to business.
Did anyone say Apple?
Did you know there are 1.3 billion iPhone users in the world?
Apple prides itself on its walled garden of user experience and protection: A 1 dollar bounty wallet on each phone would be more than enough to make us feel safe in this garden in a way we understand, as a hacker collecting the bounty would stand to make up to a billion dollars. Apple has 67 billion dollars in cash and cash equivalents. It can finance the first bounty in its next software update.
Now, Apple might (shockingly) not go for this idea. It is there for the taking, so enjoy making millions.
i evaluated the options
iPhone - into the sea
Pixel whatever - into the sea
a tinny useless A01 or 10 - into the sea
the massad is renting crack software to the nsa
..what was the name...unicorn?, no...bah, you can look it up, anyway
if you have a phone
and they want in
they get in
it's indecent
i throw stuff in their way because its indecent
you can't make it easy