A minor point of curiosity: one of the captions says "Using SilentCircle on a Huawei complete negates the point of using SilentCircle."
I appreciate that it may be somewhat tongue in cheek, but is that a riff on the US accusing Huawei of being a national security threat[0], or do Huawei phones have a track record of known security vulnerabilities?
Well, it's not just that one US incident, the level of paranoia regarding Huawei is much wider than that. For example IIRC the UK blocked a Huawei bid to provide cell phone service during the olympics. I'm not sure why exactly they have such a shitty reputation compared to other Chinese companies. For example, has anyone every said that running ssh on a ThinkPad completely negates the point? But the reputation is there, which is what makes it a decent joke.
(And yes, I chuckled at the image before reading the caption.)
At some point it is hard to say a system is secure if you cannot control the hardware. That is when secure systems are certified it is not just a software library, it has to be full hardware + software solution. If anything can insert itself in between boot and loading the OS then it could read the memory and just scan the memory for a key (by say emulating the memory inside a VM). A phone manufacturer could very simply add a hardware memory read access via a separate chip to their phone memory. The phone then could boot to an arbitrarily 'secure' OS and application but it would still be a all for naught as key could still be read from the memory.
I appreciate that it may be somewhat tongue in cheek, but is that a riff on the US accusing Huawei of being a national security threat[0], or do Huawei phones have a track record of known security vulnerabilities?
[0]http://www.nytimes.com/2012/10/09/us/us-panel-calls-huawei-a...