QSAplha offers a secure ecosystem that promises to keep your data all yours
Protecting your precious personal data has never been more important. Our smartphones can contain not just our address book, but our banking information, credit card accounts and personal information moves in and out of our phones all the time, and it's important to secure it all as best we can.
A company named QSAlpha thinks they can help. They are developing the Quasar IV — and Android-based smartphone that will protect all of your data with what they are calling "unprecedented" encryption. Phone calls, SMS messages, application data, email and everything else moving in and out of your device with public and private keys for each user from 16x16x4 (16 to the power of 16 to the power of 4) three-dimensional matrices. This verifies and protects the user's identity, and makes sure the data going in and out is what it's supposed to be, and going where it's supposed to go.
This is done through a high-security ecosystem known as QuaWorks. QuaWorks consists of three parts — the Qua Store, a secure marketplace for applications; Qua Cloud storage which offers encrypted file storage; and Quatrix, which is the proprietary system used for all the encryption.
All this will be free of charge for users with the Quasar IV, and they expect to launch in June 2014 (April 2014 for backers). We'll definitely have a good look at the platform when and if it launches, but a lot of that will depend on the success of the Indiegogo campaign. You can follow the source links to learn more, and the full press release is after the break.
QSAlpha Launches Quasar IV Cipherphone, Offering Unprecedented Security, Via Indiegogo Campaign
Calls, Messages, Email, Even Cloud Storage are Protected Behind QSAlpha’s Patent-Pending Quatrix™ Trusted-Authentication Technology
SAN FRANCISCO, CA — (September 17, 2013) — QSAlpha (QSα), developer of advanced digital security solutions for mobile device users, today announced the launch of an Indiegogo crowdfunding campaign for its new ultra-secure Quasar IV cipherphone. As the gateway to a new security ecosystem powered by Quatrix™ technology, the Quasar IV cipherphone lets mobile device users access and protect their entire digital world—phone calls, email, mobile apps, SMS, cloud storage and more—using Quatrix™, the world’s most advanced trusted-authentication technology.
Quasar IV, an Android device, opens huge new possibilities in mobile security that far surpasses conventional forms of protection. Digital identity theft, particularly through mobile devices, is shockingly prevalent. In 2012 alone, Americans suffered over $20 billion in financial losses to identity thieves. Quasar IV helps to eliminate these losses by giving users exclusive access to QSα’s high-security ecosystem known as QuaWorks. Elements of the ecosystem include:
- QuaStore, the world’s most advanced trusted-authentication based application platform, featuring apps that are digitally signed by the original developers to ensure they are free from the widespread malware and viruses that disrupt mobile phone use.
- QuaCloud storage, available to Quasar IV users, safeguarded by QSα’s revolutionary self-authenticated matrix technology.
- Quatrix™, the proprietary encryption technology of the QuaWorks ecosystem. Quatrix™ generates a pair of public and private keys for each user from 16^16^4 three-dimensional matrices, certifying the user’s unique identity and protecting the transmission of information. With 1077 public and private key pairs available, Quatrix can provide digital identities for the entire global cyberspace population.
“Anytime people exchange data through their smartphones, they take a risk. Unsecured mobile data and applications are the biggest dangers facing the digital world today,” said Steve Chao, founder and CEO of QSα. “Quasar IV and the Quatrix™ technology are capable of solving this massive problem, protecting users from identity thieves, intruders, even uninvited surveillance. We’re confident that the Quasar IV cipherphone addresses the needs of the mass market for ultra-strong security, which is why we’ve initiated this crowdfunding campaign.”
Authenticate Your Digital World
Through the apps in the QuaWorks ecosystem, Quasar IV users are able to make VoIP calls, as well as send/receive emails and text messages, using the revolutionary Quatrix™ trusted-authentication technology. Conventional smartphones authenticate data via public key infrastructure, which are stored online. No matter how many times a user changes passwords, thieves and other unauthorized entities can impersonate a user’s identity if they gain control over the third party authentication server.
Quasar IV, by contrast, uses a seed public matrix stored on the user’s phone to compute and authenticate both ends of any communication event. The seed public matrix functions as a mediator, verifying the two identities and ensuring privacy for texts, emails, file transmissions and voice calls.
“If at all possible, cracking just one private and public key combination would be extremely difficult,” noted Chao. “This is how Quasar IV, Quatrix™ and QuaWorks differ from any mobile security solution in the market.”
Access to QSAlpha’s QuaWorks ecosystem of base security solutions will be free of charge to Quasar IV cipherphone users. The Quasar IV cipherphone and QuaWorks ecosystem are expected to debut in April, 2014.
For further details on Quasar IV and QSα’s full range of advanced digital security solutions for mobile device users, visit www.qsalpha.com. For further details on the Indiegogo campaign, visit Indigogo.
So I read through this campaign and it's pretty fascinating from a technology standpoint, but I don't have any interest in buying a new phone this early in its development phase without more details on the OS (will it support the Play Store?), and too often the prototype hardware changes dramatically as final hardware. Bottom line is no hurry for me on this, I'm content to wait and see if they get funded, then read the reviews in June ... of 2015 :)
The Name Quasare is a very popular name for a software. We have dev Quasare Quantum core Encryption key by our company.! Best regards Encryptit.se
Not to be a "downer" but this still does not protect us from the most prevalent or common way data is made Unsecured: "OURSELVES"
Yeah, human error accounts for over 80%, of why things go wrong. Posted via Android Central App
Silly human it's actually 83.6785756844574446557455478868644357321111345435654578655785674323899043388447932787447795773%
It is a matter of time until someone find a way to decrypt data. With the unlimited supply of resources within each government around the world, I am not buying into these expensive "super secure" hype.
There is no such thing as an "unlimited supply of resources".
If it is done right (not saying this one is right or wrong at this stage) creating a very secure encryption stack is not a huge deal. You simply need to create an environment without any 'back doors' (intended or not) such that the amount of computing power needed to decrypt the data absent the keys would be so large that it would make it impractical during the time period that you needed the data to be private. For example, if you are encrypting a credit card number and exp. date you might make the call that it needs to remain private for 3 years - after which if someone could brute force crack your cipher it would be of little value to them as the number would have already expired. If you calculate that given today's most powerful computers it would take 6,000 years to break the cipher and you expect computer power to increase by 10x each year then in three years it would take something like 6 years to break the cipher leaving you well within the margin of safety. Of course the longer you need to keep a secret and the more likely that the people who have access to very powerful computers want to know that secret the more extreme your cipher needs to be. Finally, all of this is predicated on the ability to protect the keys for the duration of the time you want to keep your secret!
The system still relies on a trust-based infrastructure which we've seen lately is useless when the government can strong-arm corporations into providing keys and backdoors. This problem is made worse by closed-source software. Open-source security software, though not perfect, is our only hedge against theft of our private data from all parties.
I have to agree 100%. Without the ability to inspect every aspect the software and hardware it is not possible to know if a system/application is secure or how secure it is. Closed source, by definition, must be assumed to be insecure as it can never be proven to be secure.
It took a lot of digging around to find that this company’s head office is based in San Francisco, USA. So right away, we can assume they will fall under the NSA's thumb. They could be forced to put code in the system that allows government spying. Plus the fact that they use a special chip set to do the encryption means that this chip is subject to having a backdoor. It will no doubt be manufactured in China or, maybe South Korea, but in either case there are governments that will lean on the manufacturer to backdoor any encryption capabilities. The best you can hope for is a phone that could send email and text messages, and maybe encrypted voice to similar devices, for business sensitive use cases. You would have to assume someone is listening. Even if they hand you the source code, you can't be sure they don't upload your private key somewhere. Oh, and Am I the only one that thinks this phone looks like it was designed by Volvo?
That's why asymmetrical keys are the way to go.
+1 on designed by Volvo
What good is all this encryption unless the other endpoint of your communication is using the same thing? Okay, so you can store your data securely, using this phone + their Cloud. But, your SMS, email, etc. is not much good to you unless it goes to or comes from somewhere. Is the other end going to be using this same phone?? Besides, what good is any of it if some nefarious entity, engaging in criminal activity (e.g. the NSA) can compromise the hardware the phone is built with to put in back doors which they (and anyone else) can exploit to gather your data before it's encrypted or after it's decrypted? Unless QSa designs AND builds ALL the hardware (and software) that goes into this device, how do they even KNOW that the device isn't already compromised? And even if they do, how do we consumers KNOW that we can believe them?
Just to address your first question. Their internal suite of applications is to be used on both ends for secure communication. So yes, both parties would need to be running at minimum the same software and at worst the same hardware too.
I know. The point was, though a lot of us geeks may want this kind of thing, how many of the people we communicate with would be likely to buy one? I'm thinking not many. The people who need this level of privacy and would, thus, buy these devices for all in their "party" to use are likely to be many of the exact same people the NSA (or others) would want to monitor. Which brings me back to my second point from earlier. Who would actually buy one of these believing that the NSA (or somebody else) hasn't forced the manufacturer of the phone or one of the suppliers of key components to build in a back door? All it would take is to compromise the touch screen capture hardware to provide a back door for somebody to capture everything the user typed on the screen. And, of course, there are MANY more ways to compromise the device than just the touch screen input hardware.
Header just below the image reads "QSAplha offers a secure ecosystem..."
Should read "QSAlpha offers a secure ecosystem..." Interesting concept.
But will it have a microsd card and removable battery? Posted from my brand new, super slim, gorgeous red Droid Ultra
I believe it stated in the indigogo page that it did have a microsd card slot. Posted via Android Central App
Get the best of Android Central in in your inbox, every day!
Thank you for signing up to Android Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.