XStealth Hardware Security

There is a kill switch to self-destruct on command, even if the phone is turned off. Unlike any other secure phone, the XStealth USB port is protected by our well-known volatile security filters: any attempt to connect the device to any external device (whether a PC, service box or forensic-grade equipment) other than its own paired charger will trigger a self-nuke mechanism that literally fries the whole motherboard, in the same way a USB Kill device works. Anti-tamper JTAG protection is also implemented: the serial communications interfaces that give low-overhead access without requiring direct external access to the system address and data buses are disabled by default at the serial interface level.

XStealth Phones use a Tamper-Resistant Platform: any unauthorized attempt to connect the phone to any external device will delete the keys that encrypt all sensitive data. A remote wipe function is also available. Login to the phone uses multi-factor authentication (MFA) technology, such as voice biometrics and facial recognition. Because of the security risks involved in fingerprint recognition login, this option has been removed. The Trusted Execution Environment (TEE) uses encrypted memory and includes a hardware random number generator. Communication between the Secure Environment and the application processor is isolated to an interrupt-driven mailbox and shared memory data buffers. Data Execution Prevention (DEP) technology is also installed to mitigate memory-based attacks. This defensive technology dramatically narrows the attack surface for memory-related exploits by preventing code from being executed in sections of memory that have been specifically allocated for read-only data. DEP support is a critically important defense when used in conjunction with Address Space Layout Randomization (ASLR). These core improvements make it more difficult for spyware to perform buffer overflow, heap spraying, and other low-level attacks. Therefore, even if an attacker succeeds in loading the spyware code into memory, the spyware code will not execute.

XStealth Phones are not susceptible to side-channel attacks, including various forms of power analysis attacks, which ensures the protection of cryptographic keys. XStealth Phones can execute a secure boot that uses a hardware root of trust for checking and storing hashes or signatures of firmware and other software loaded, starting with the initial BIOS. XStealth Phones separate the CPU from the cellular baseband, thereby preventing external manipulation by baseband attacks.

XStealth Security

XStealth Software Security

Today too many apps are engineered to collect and disseminate enormous amounts of user data (such as location, Web browsing histories, device-unique IDs, search terms, and contact lists), data they often simply don’t need. Some app providers also try to obfuscate their data collection functions to get around restrictions by marketplaces such as Apple’s that are intended to prevent abuse of APIs and ensure better privacy for users. For example, researchers have recently discovered hundreds of apps in the App Store that extract personally identifiable user information via private APIs that Apple has forbidden them from calling. The abuser that was singled out, a Chinese mobile advertising developer called Youmi, used simple obfuscation techniques and dynamic linking to get around the application vetting checks performed by Apple. The same applies to the Android platform, on the weaker Google Play Store.
XStealth Phones run a special version of the Android operating system, XROM, that blocks many of the ways phones leak data about your activities. XROM is an Android fork developed by XCell Technologies; it uses Google’s code for the underlying platform but skips Google Services in the same way Amazon’s FireOS does. The connection between XROM and software applications is filtered by the Secure X-OS bridge, keeping both firmware and software applications away from exploits. Obfuscated code adds an extra protection layer.
XStealth Phones have Android trackers disabled by default, leaving no traces on the Internet. XStealth Phones come with preinstalled generic applications in which we have modified certain features (like removing back doors used by law enforcement and some security flaws), adding extra security and privacy (especially for Yahoo and Hotmail clients). This is why we have blocked any OTA software update, which could restore security issues. Software updates usually refer to compatibility with new Android versions, which is not our case and will not impact application workflow.

Antivirus apps and software updates

The XROM firmware is safe by default: no other software applications can be installed by the phone user (who is holding the phone) or remotely, by obscure third parties or abusive law enforcement agencies. Therefore, no anti-virus software is required. In addition, XStealth Phones do not perform OTA firmware / software updates that could lead to remote exploits.

You need to understand our point of view and hopefully reconsider your approach when it comes to mobile security: XStealth Phones are not aimed at the average user. All of our stealth phones are designed for professional use: intelligence agencies, law enforcement, and homeland security. None of the above rely on encryption when it comes to secure communications, for one simple reason: all of the above have legal access and get the information they need using backdoors provided directly by the software developers. If there is no collaboration with the developers, then they will use effective methods of gaining access to relevant information other than those used by hackers.

There are many companies that offer a variety of methods to break into any system, such as computers and cell phones. FinFisher is one of them: “Our deployment methods and exploitation solutions cover the latest PCs, smartphones, tablets and most common operating systems.” “FinFisher can be secretly installed on the target person’s phones by exploiting security loopholes in the update procedures of unsuspicious software.” “The software suite, which the company calls ‘Remote Monitoring and Deployment Solutions’, is able to take control of the target phones and even capture encrypted data and communications. With ‘advanced remote deployment methods’ they can install software on the target phones.” FinFisher malware is installed in a number of ways, including fake software updates and security holes in popular software. Sometimes the surveillance suite is installed after the target accepts to install a fake update for frequently used software. The software, designed to evade detection by anti-virus software, has versions that work on all major brands of cell phones.

FinSpy is a field-proven remote monitoring solution that enables governments to master the current challenges in monitoring mobile and security-relevant target persons who regularly change their location, use encrypted and anonymous communication channels and are abroad. FinSpy bypasses 40 regularly tested antivirus systems. So there is no point in installing an antivirus program. XCell Technologies has chosen another effective solution to bypass the installation of malware and malicious software.

Please also watch this short film about mobile remote monitoring by “updating” a BlackBerry mobile phone application: https://www.youtube.com/watch?v=n5ZJUXweayo

Worse still, even a less skilled hacker can easily use the same “software update” process to remotely install on a cell phone a spy application that no antivirus program can detect: https://www.youtube.com/watch?v=LicdrZwmHQo

There is a FinSpy detection algorithm installed deep in the XROM firmware that not only detects any attempted break-in, but also blocks any code execution.

Encrypted boot loaders are available as a standard option.

XStealth Phones also use SIM Toolkit Inhibitor, a blocker for remote code execution via SIM Toolkit (typically used by both network operators and law enforcement agencies).

XStealth Phones use adaptive security defenses because they are ultra-secure and adaptive [personal] smartphones: we install any software application requested by the buyer before delivery, but only after a comprehensive security audit has been carried out. We refuse to pre-install any applications that could compromise user privacy and security, as well as phone functionality. No File Explorer will be installed, nor will forensic clients or modified applications.

There are also things that we will not make publicly available, such as the encryption algorithms used and the source code of the firmware, simply because it will be easier for any script analyst to crack the encryption if the encryption algorithms used are known.

Also, user-controlled source code is not an option for XStealth phones: it could be a great opportunity for hackers and government-controlled entities to find exploits and to remotely install a RAT or spyware, which ultimately does not result in security.