ANOM EXPOSED VS CIPHR
I did a comparison between both CIPHR and ANOM after receiving a message stating ANOM was this and this while CIPHR was able to be infiltrated (which is not TRUE) so I decided to do some of my own testing.
To deliberate let’s start with some answers to some of the statements made by ANOM:
– Yes Ciphr does use UEM but they are incorrect about an EXPLOIT being made by Blackberry as every update via UEM that is remotely pushed to the mobile device would need to be individually signed by the encrypted keys that Ciphr setup for their own infrastructure. Only Ciphr has access to these keys
– A Device is signed individually with it’s own set of keys derived from Ciphr and delivered via Blackberry UEM working in unison with the Samsung Knox Security System. Not even Blackberry can push updates without this signed key by Ciphr for applications running on Ciphr phones. Ciphr phones are also locked down with custom policies to prevent them from doing something without prior authorisation by Ciphr. This is an ENTERPRISE MILITARY GRADE Encrypted setup.
– Correct Ciphr does use the Stock Android Operating system with special Enterprise level Encryption and customisations on their network as well as their handsets which also include hardening making it one of the most secure handsets in the World. Custom group policies implemented by Ciphr also prevent access to anything other than the BLACKBERRY UEM Server which is a tunnel which then connects to the Ciphr Offshore Proxy Server via a secure and Encrypted Military Grade Encryption. Updates can only be authorised by Ciphr making it one of the most secure and locked hardened locked down handsets in the World. All applications must have authorisation from both Ciphr & their Enterprise grade policy level settings modified with the Ciphr Access Keys to access anything beyond the Blackberry UEM Firewall & the Ciphr Encrypted Offshore Servers. Even if Blackberry UEM was somehow compromised, due to Blackberry’s inability to sign with the Ciphr Encrypted Key then it would still not be possible to force compromised updates to any Ciphr devices whatsoever.
-ANOM this statement about Rooting is incorrect, Rooting is required to install a custom android operating system on any pixel device or android device any device unless it has been signed specifically by the handset manufacturer. Anom has initially rooted their device by simply unlocking the android boot loader which secures file integrity and then installed their own custom android operating system followed by locking the boot-loader again with their own keys, much like we have our own signed keys for using Blackberry UEM, ANOM has their own keys for the Operating System. According to my testing ANOM’s custom android OS unfortunately has many more evident flaws within it’s design and updates a lot less than the regular stock Android OS making it physically vulnerable if it were to get into the wrong hands not to mention it has no custom group policies or built in firewall to stop the android os operating system from accessing google remotely. In fact upon a visual DISPLAY of all telecommunication connections I was quite concerned to see the amount of IP addresses relating to many corporations within the 5 eyes Governments (Australia, USA, Canada, UK, NZ who share information with one another) and to make matters worse they were direct connections to the actual proxy servers etc giving me the ability to locate their remote offshore Romanian Server with an IP of 220.127.116.11:
org: “AS9009 M247 Ltd”
– ANOM is wrong to state that their Android Operating Systems purpose is built for Privacy and Security. Some google services are not removed or blocked by even a VPN or Firewall.
-This setup used by ANOM gives Google the ability to fingerprint their device and monitor it remotely in a DIRECT way with no safeguards in place at all via the internet. The ANOM device I tested professionally was actually in constant contact with Google servers which was quite concerning. The following IP’s 18.104.22.168 & 22.214.171.124 both lead back to Google servers in both NSW, Australia and California, USA.
– ANOM has a setup more vulnerable to attack as they don’t even use a secure VPN or FIREWALL to even safeguard the use of their APPLICATION remotely, that means imagine you were meeting up with someone like an EX-LOVER your partner may not approve of (much like a VPN protects you from outside entities seeing which websites or messaging systems you use) you would do this behind closed doors within the confides of a HOTEL room.
– With ANOM’s setup imagine meeting up with that particular EX-LOVER your partner didn’t approve in full public sight with no safeguards in place. Eavesdroppers who may be seeking to find ANOM users over the mobile telecommunications network. ANOM easily gives this information away when their phones are constantly BROADCASTING without the ANOM application even being opened on their devices to the following IP addresses 126.96.36.199, which leads to anom.io and then while using their service the following IP’s are leaked constantly as packets while using the application:
188.8.131.52 – amazon web server USA – Proxy
184.108.40.206 – Amazon Web Servers – Proxy
220.127.116.11 – Amazon Web Servers – Proxy
18.104.22.168 – Amazon Web Servers – Proxy
22.214.171.124 – Amazon Web Server USA – Proxy
126.96.36.199 – logs5.papertrailapp.com – Remote Logging App
188.8.131.52 – Google Servers
184.108.40.206 – Google Servers
220.127.116.11 – anom.io – This is shown without even opening up the application within Calculator
18.104.22.168 – Voiceping router (Used most likely for their Walkie Talkie Talk Function) – voicepingapp.com
– If for some particular reason an update server was somehow breached and malicious code was uploaded, it still would not make it to a CIPHR device as the update/application needs to be signed with the CIPHR keys before it can even be sent by Blackberry UEM Encrypted Server.
– Sky ECC can only be infiltrated from the INSIDE by a rogue employee who gave authorities access to the Sky Signed Certification Keys which gave authorities the ability to access the Sky System and locate their servers and push rogue updates without the Sky Developers knowing until the as it was officially signed with their certificates without their knowledge due to a rogue employee working on the inside.
– According to ANOM their statement “If our update server was hijacked as was the case with ENRO and SKY the attacker would not be able to install malicious code on the device. The same cannot be said for providers that use consumer grade operating systems managed by Blackberry UEM” is vastly incorrect.
— CIPHR runs both the Blackberry UEM VPN and their own Secure Encrypted Offshore Servers alongside Customised Enterprise Grade Work Policies which limits the devices functionality for both Enterprise Safety and Security. In fact much like what occurred with unfortunately ENROCHAT when their servers were infiltrated bypassing the Blackberry UEM altogether the same can easily be said for ANOM who don’t even use a VPN to safeguard anybody actually using ANOM. If you knew a person used ANOM you would easily be able to identify all users over the normal telecommunications network without decrypting any of their communications at all, something you cannot simply do with CIPHR let alone know that particular individual is actually using a CIPHR phone, true anonymity,
-ANOM have incorporated many features from already available apps such as the VOICEPING APP meaning you also have to rely on VOICE PING APP for securing your encrypted communications which works with their Walkie Talkie Functionality, there are a lot of similarities between that application and ANOM, something which appears to worry anyone if PRIVACY and ANONYMITY are your number 1 goal. With ANOM I was able to locate all of their PROXY servers including their MAIN servers with minimal ease, all operating within the 5 eyes alliance. About the only thing ANOM is good at is spreading misinformation without presenting the facts.
ANOM uses the following for their application:
– JIRA for tracking tasks as well as Q & A
– Wire Messenger (Free application like wickr) for Communication (Their head office is in the USA)
– Agile Development
– Jenkins for their builds when they push updates (Your relying on ANOM to secure your communications when they can’t even secure their own servers from eavesdropping).
– SQL Lite Database for storing USERS Information
– Now if ANOM is so serious about safety and security I would fix their entire setup which seems just as bad as a normal android handset running WICKR. If the authorities were to access ANOM’s server of 22.214.171.124 in ROMANIA which is a third world country that may state they take privacy seriously but as the old saying goes “shit walks, money talks” they could easily infiltrate their Offshore Romanian Server and install special hardware devices on those servers without ANOM’s knowledge.
Authorities could completely infiltrate every users devices as well as their operations and worse of all authorities would have the ability to decrypt and intercept their messages much like what occurred with ENROCHAT. . ANOM states they own the infrastructure but this couldn’t be further from the truth, they lease their servers off other entities meaning they do not have full control over their servers. Another way they could infiltrate ANOM is by getting access to FIELDX.io who most likely built their customised Android OS as the company is owned by an individual in FRANCE, obtaining a warrant would not be difficult.
– To finish off my testing I did in fact perform the same tests on CIPHR and the only server I was able to see was the Blackberry UEM Encrypted VPN, nothing more or less. This is perfectly legal and to any outside entities monitoring they would not even be able to tell whether your communication device was for CIPHR or other Enterprise related purposes.
– ANOM also states their company is in PANAMA, that may be the case but their servers are not located in PANAMA let alone owned by them which means any reasonable authority would be able to access their servers with relative ease.
More information regarding ANOM:
www.fieldx.io (used to control the ANOM DEVICES)
STAY AWAY FROM ANOM IF YOU VALUE YOUR PRIVACY & SAFEY, THEY ARE COMPROMISED, LIARS AND YOUR DATA IS RUNNING VIA USA – Passed onto LAW ENFORCEMENT and other Entities