Michael Bartsch could barely contain his excitement over his company's newest mobile phone. "We can't say which countries we've been contacted by," said the head of mobile security for German telecommunications firm Deutsche Telekom. "But security people from embassies have called us asking for devices to test out. In fact, we've been getting calls from everyone, even from outside the EU." On the mahogany conference table in front of Bartsch lay a panoply of the smartphones he uses, modifies, and ultimately tries to market: an iPhone 5s, a Blackberry Z10, and what looked, to the casual observer, like last year's Samsung Galaxy S3. But, in fact, the unassuming Galaxy was actually a Samsung device running the Korean company's secure Knox version of Android, which Telekom has modified with its own security software, called SimKo. An earlier variant is the phone that Chancellor Angela Merkel uses. And Telekom wants to sell it to you, or your government, or your company, or to anyone looking to migrate away from American and British technology solutions in the wake of the NSA spying scandal. But critics of the initiative say that equally secure products can be had for a fraction of the cost, and that Deutsche Telekom's ties to the German government make SimKo problematic for potential foreign government buyers. Telekom's SimKo project was born in 2004 at the behest of the German government, which owns a 32 per cent stake in Telekom. It wanted a solution that would encrypt data and eventually voice traffic on 10,000 civil servants' government-issue phones, both when they communicated with one another on the phones and when their phones were connected to the government's secure e-mail network. After five years of research, the first SimKo phone, a modified HTC Touch Pro 2 running Windows Mobile 6.5, was released in late 2009. It could encrypt text messages and e-mail, but voice traffic was left unencrypted because, at the time, telecom providers thought the encryption built into their 3G networks was robust enough to thwart hacking. This was wrong, as the Berlin-based Chaos Computer Club group proved in late 2009, when it easily hacked into 3G networks. This incident sent Deutsche Telekom looking for another solution, and it came in the form of Samsung's Knox-enabled phones, which were unveiled this year at the mobile phone industry's annual trade show in Barcelona. Presently Knox is only available commercially for the Galaxy Note 3 "phablet"; the Galaxy S3 and S4 require an update that has not been provided yet. Software like Knox solves the critical flaw in the "bring your own device"(BYOD) movement, where employees using their (insecure) personal phones to open business presentations or upload company documents to services like Dropbox. Samsung puts two distinct operating systems on the same device: a "secure" version of the Linux operating system (SE Linux), where an employee's encrypted e-mail and files are isolated and linked to a company's secure cloud; and a normal version of the Android OS, where the user can run personal apps such as Facebook. Employees like Knox because they can use it for both work and play; employers like it because they always have control over the secure side of the phone, which they can remotely monitor or wipe if an employee leaves a company. Samsung's platform is aimed primarily at the US Department of Defence, which said this past spring that it plans to buy 600,000 "secure classified and protected unclassified mobile solutions that are based on commercial off-the-shelf products". Government-wide purchases of secure smartphones could eventually reach eight million devices in the US, and Samsung, as the largest maker of Android phones, hopes to grab a big chunk of that business. At present the US Department of Defence lists only BB10, Apple's iOS 6 and Samsung's Knox as having met its requirements for mobile security. So keen is Samsung to garner US government contracts that it developed the Knox platform almost entirely to US government specifications, with particular emphasis on modifying the open-source SE Linux programming language to meet Department of Defence requirements. The company says in its white paper: "Samsung R&D teams have worked very closely with the NSA to port and integrate this technology into Android. This port of SE Linux to Android is commonly referred to as Security Enhancements for Android, or 'SE for Android'." Knox phones destined for the US Department of Defence are given an extra layer of security by General Dynamics and defence software contractor Fixmo. Both companies are adding voice encryption and special authentication protocols that allow the devices to sign on to secure government networks like the Department of Defence's SIPRNet, which was where the WikiLeaks diplomatic cables were stored. But can an American chief executive or the president of Brazil get one of these ultra-secure Knox phones from General Dynamics? Unlikely. An employee at General Dynamics G4, who asked not to be quoted by name, said the devices that it modifies for the government "are based on software technology that goes to the root of the phone. Our technology is not used by other countries." This is where Deutsche Telekom hopes to fill a niche. It is adding a similar, extra security layer to its phones as well. And it says it will sell the same device that it makes for Angela Merkel, the "Merkelphone", to anyone willing to pay the €1,700 (HK$17,900) asking price. Telekom's version of the Samsung Knox encrypts all voice and data traffic into and out of the phone with a cryptocard made by cergate and software by NCP, both based in Nuremberg. The phone's L4 microkernel is made by Berlin-based Trust2Core, a start-up that Telekom owns in a partnership with the Technical University of Dresden and Dresden-based Kernkonzept. A microkernel is essentially a bespoke package of code that "provides basic memory management, task and context switching, and little else". This core is very difficult to infect with malicious code, so it is well suited towards keeping the two operating systems separate, while at the same time allowing both operating systems to share storage memory and components, like the screen, camera, or microphone. Telekom's Bartsch said the company assumed that attempts would be made to hack into its systems. "We assume that there are organisations that want to obtain information, like the NSA. The NSA has every piece of technology that exists to decode security keys in a relatively quick time span," he said. For this reason, he said the company created a new secure key to all its SimKo devices every day. Telekom's assumption was that code breakers would need longer than a day to crack their keys. "We change the security keys every 24 hours," Bartsch explained. "Every morning at 4am, the system cuts off all VPN connections, creates a new key, and then reconnects with the gateway." But privacy experts in the US and Europe are critical of the initiative. They say the system is at best an expensive executive toy, and at worst problematic for foreign governments due to Telekom's ties to the German government.