Feeds

back to article GCHQ imposes Whitehall iPhone ban

The image of ministers and their advisors hunched over their BlackBerries is set to become an enduring legacy of the New Labour era, as it's emerged that RIM will maintain its stranglehold on the government smartphone market under the coalition. A Whitehall iPhone embargo is in place because encryption and electronics experts at …

COMMENTS

This topic is closed for new posts.

Page:

Joke

There seems to be a lot...

... of these Honeytrap operations going around at the moment - Russia, China, Japan...

Hmmm, What do i need to do to become a target?

2
0

A Blackberry ...

The other devices they can hack :-)

ttfn

0
0

@"Hmmm, What do i need to do to become a target"

Get some money and power ;)

... If you have something they want, thats enough for people with money and power to pay to "trap" you.

Of course power comes in different disguises, i.e. you can have political power or you can have industrial power, but ultimately its really just yet more money and power, just the scale of the power changes (but even that isn't so clear with the huge scale and power of corporations these days).

Which just goes to show, no matter how much they have, the people with money and power always want more and the whole world is swept along by their endless greed. :(

Then again, you could just bypass the whole need for a trap by hiring yourself your own Honeytrappers ;) ... after all its what so many of the people with money and power spend their money on! (o_O) ... (where is the dismay emoticon when you need one ;)

3
1
Grenade

Well....

You can hack a blackberry - you just have to know the route to do it.

and this "RIM is meanwhile free to brag about its end-to-end encrypted product and its CESG certification, won in 2006" is funny as if its end to end then how do RIM do spamfiltering. Would appear that there internal mailbox's be they wamdamdoo or IMAP clusters are holding very unencrypted emails. Indeed Spamfilters have problems on encrypted content - do they not! I'd also question the handerling of certain document types which appear to all effect to be processed/mutated at RIM central intoa format the device handels - what process's those external attachment types as appears to be some kind of attachment processor/engine that again probably dont handle encrypted content all that well.

Bottom line its not end to end as I know and trust it - but I never applied to work at GCHQ though given certain handerlings of thinsg I suspect I should. Oh wait did GCHQ not even truely test these devices/network/service-network or did they just go `Obama uses it then it must be ok` type approach as very little research will show you all Obama's backend email routing/spam filtering/attachment processing is handeled by govermental private located/secured backend and not using the main RIM backends like the ones in canada or the UK or.... But hey thats just a glimpse at the big picture.

As for apple - well I hope they added some proper encryption chips and I mean secure chips that dont cough up keys to a electron microscope or low-voltage tricks or tainted input differentials. But I doubt it. Apple are after the consumer market and in that they do well. Lets face it if a yuppie (retro here) wanted a secure sports car they wouldn't get a soft-top. This in itself puts the whole thing into perspective.

Now dont get me wrong but mobile phones are primary for phone calls and in that respect if you use the 3g added encryption instead of the GSM ones then your faily fine, beyond that you get into the whole Mn already broken etc etc and model of handset is moot. That cavet aside if its fancy data like email and content of the phone like call records etc etc, that becomes another area. Then there is 3rd party app's and lets not even mention iAD's - cant wait if goverment types gets advert "You appear to be taking over the world - you need wonkco's black box on offer now" or the like. (always like people who complain about online adverts being porn biased - usualy cant get that level of intel ;).

I wonder what networks are GCHQ approved - pls dont tell me its only somebody like vodaphone. Would of expeted the GOV to of least had some virtual private network given the level of usage they control and extra control/security that would afford as well as cost savings. But hey they will pay there IT staff insulting wages for there skills compared to the glorified spreeshit^H^Heet type accountants, but thats true of alot of area's alas.

ANON because I helped bury some bones.

0
2
FAIL

In need of some research....

RIM does not do spam filtering. That is what a hardware email spam/antivirus firewall is for between your email server/cluster and the rest of the world. They also don't mutate or effect attachments in any way. The Blackberry itself is capable of reading certain file types such as .doc and .xls. RIM simply passes on the encrypted packet from the BES to the handheld were it is decrypted.

Next time 10 minutes of research before spouting a bunch of garbage please.

1
0
Happy

answer do not carry an iphone with you

ha!ha1

0
0

I can see why you don't work for GCHQ

its end to end for emails.

This solely so that the sender knows it has reached the intended reader without intercept and vice verser. If the intended reader puts the email onto face book then thats because they are an idiot.

Lets be honest restricted is of the level of normal communication in government and is second from bottom in risk ratings so it perfectly fine.

With Obama he would be dealing with the highest levels of information and his secret service actually attempted to stop him using it, but instead tailored a bespoke encryption package for his device.

The french government was also using it, but found it unsuitable for the highest levels of data so they developed a government handset through Thales (french complany).

GCHQ knows what they are doing and thats why they havent hired you.

0
0

Blackberry in Government

Key points regarding Blackberry and other devices used in Government...

There are two types of Certification that CESG provides for Security Products, the first is Common Criteria and the second is CAPS (CESG Assisted Products Scheme). Common Criteria evaluation can be undertaken by labs in several countries including Germany, the UK and the USA. In general all countries which subscribe to Common Criteria accept each other's certifications as they examine the products in very similar ways. Typically Common Criteria is applied to commercial grade products and commercial grade encryption systems.

CAPS on the other hand is CESG specific and is what CESG uses to assure products which use UK Gov Encryption Algorithms, or secure products that are designed for use in high security environments in government, or which have a large potential for use on secure government networks, in order to pass CAPS most devices have to have some sort of tamper proofing within their enclosure and code and hardware (incl. silicon) needs to follow secure design methodologies. You can find a list of CAPS Approved products on CESG's website ( http://www.cesg.gov.uk/find_a/caps/index.cfm ). Blackberry is not on that list.

Whether a product is evaluated on CAPS or Common Criteria (or both in some cases), the product will not always be examined in it's entirety, sometimes specific features are not evaluated because they enable functionality that would compromise the security of the device, in this case, the target states what features may be utilised and what features should be disabled for a secure configuration. A common example of this is that on firewalls, clustered failover is specifically not evaluated as it breaks the integrity of every type of firewall (that I've come across anyway), you will however find that most organisations that require high availability will implement regardless, despite the feature being documented as insecure, the reason being that denial of service due to firewall failure might be more likely and pose a higher impact than an attacker gaining access to a firewall.

Blackberry's are approved under common criteria and their use in government is based on current rules which allow RESTRICTED Information to be encrypted with some commercial grade products both in transit and at rest, as such they are capable of processing RESTRICTED data assets for email ONLY, this includes the method of receiving email from a BES that is located on a government network and the storage of the email in it's encrypted form on the device, they are not approved for access to RESTRICTED government intranets or for RESTRICTED voice communications. These features are not within the target of evaluation and do not use commercial grade algorithms strong enough to provide adequate protection for the data either at rest (browser history, etc) or in transit (voice by GSM / 3G).

Some agencies have built their own applications on the devices utilising their own methods of encrypting data on the handset and either utilising the inbuilt VPN technology to create tunnels to RESTRICTED government networks, or using the email facility as the method of transferring messages, but these are done by the agencies at their own risk and are not encouraged by CESG, generally these types of applications are thought to be insecure, but where there is an operational need this is sometimes managed by the particular organisation as a necessary risk.

CESG doesn't specifically approve the use of Blackberry's within government, rather they give advice... the advice is generally "We would rather you didn't, but it's your data and you are responsible for it, so if you must do it, we advise that you make sure to do X and under no circumstances do Y, try to use the following handset models if possible as they have the least number of exploitable features, set the devices to auto wipe on tamper, set up remote wipe services, etc".

In terms of Networks, no mobile network is approved by UK Government and no IP VPN based cloud is approved either, some older MPLS fixed wire networks were approved for carriage of data up to and including RESTRICTED as they could be guaranteed to only route within the UK, however these days communications companies are utilising almost exclusively IP-VPN based networks as they are more cost effective, as these networks route by lowest cost, the traffic can go internationally, because of this all UK government data must be protected by appropriate Encryption and the key material has to be regularly updated.

2
0
Silver badge

It's amazing how leaky smart phones are

After installing a few apps like Twitter, Facebook, or even some game and your devices could be leaking data all over the place. They might even be polling for open wifi spots which in itself might aid in tracking someone.

Not saying Blackberries are necessarily any better, but if its possible to lock down what they do and with who they do it then it is quite understandable why government / security types would favour them over some random smart phone.

0
0
Happy

iPhones support VPN's

IPhones and iPod touch's at least support VPN's, which should allow secure communication :

http://support.apple.com/kb/ht1424

My experience of Government security people is they are slow to review and update this type of thing, it could well be they just haven't got around to it yet.

1
4
FAIL

Such a "mom's basement" comment.

"IPhones and iPod touch's at least support VPN's, which should allow secure communication"

HAHA

Dick.

Sure a foolphone can support these features but the difference is that a BB can have these features forced. Security is very much about ensuring your users don't forget to connect the blahblah to the fidgettybob in order to transfer their widgets securely.

In a BES environment all traffic in and out of the blackberry can be forced to go over the secure encrypted tunnel to the BES itself which is normally on a secure network. You can control and limit what applications can be installed and you can control and force encryption on the handset itself. It's kinda like how companies use Windows because AD allows them far easier and more granular control of what the user can and can't do with their work PC/Laptop.

"Have a go geeks" just don't seem to be able to understand this.

8
3

So the iPhone supports VPN

hate to break the news to you but that's not enough.

Lets have a secure file system and no ability to access that file system without whatever challenge system the phone/organiser uses.

The apple products fall incredibly short in that respect.

The Blackberry takes things further than just a VPN connection (even then that's not enough for some governments (US & French))

0
0
FAIL

iPhones and iPads

It's not just about data in transit, but how it is stored on the device. Not much good if a device is left on a train and all that has to be done is open up the case, attach a few probes and dump the contents of memory. I'm guessing Apple don't want to show anyone how internal storage is handled on their most magical and wonderful devices...

0
0
Thumb Up

Blackberries are better

because they self destruct if you get the password wrong. Get it wrong 3 times and it's wiped clean. Oh and they can be locked down (remotely) to stop users downloading apps.

3
0
Joke

@Arnold Lieberman

But didn't you read? The way the ipo/ad is designed makes it an absolute pain to transfer data off it. Security through esotericity!

0
0
WTF?

And you are perfect in every way then.

At least he's a human being. A simple explanation that educates without the attempt to pump up your own sad ego would have done.

3
0
Anonymous Coward

It's not all approved....

One of the main things with the CESG approval is that it contains a very complete list of what you can (and more importantly can't) turn on whilst keeping it OK for Restricted. This includes detailed config instructions for the BES and devices, most of which absolutely have to be enforced on the users with the technical controls the BES can offer. As others have said, having the ability to lock the deice config down tightly is where RIM scores over others.

Restricted is the lowest protective marking, there's no way BB will be approved for anything higher (Confidential, Secret etc).

Getting CESG approval is a time consuming and expensive business that the supplier has to apply and pay for (this is changing slightly but not much). It gives access to a pretty limited market (HMGOV) which means a lot of the big commercials don't bother as it isn't worth it. That then means those that do and pass often get a monopoly in HMG - Barron McCann etc.

1
0
Grenade

Dick yourself

Such a cultured and intelligent reply, so basically you're a Blackberry nerd and you seriously suggest AD to secure your network?

From the level of the immature comments you make I'd suggest your the one in you're Momma's basement

0
0
FAIL

Reviews etc

The review processes are not only slow, but costly...

It costs a lot to certify a product, which effectively rules out open source or small companies...

If you update (ie patch) then you need to be recertified, so quite often the only approved versions will have known vulnerabilities...

Also only particular configurations are certified, and quite often these configurations are impractical...

Most of this is done by people who don't really understand security, managers, policy people etc... Many government security policies are impractical or even detrimental and virtually every actual deployment has a list a mile long (often covered up) of areas where they are not complying with given policies or best practices.

All the accreditation process really does is ensure that only a select few large companies are able to sell into this space (ie it creates a cartel)... The vast majority of customers will buy accredited products, but end up running them in non accredited configurations or with non accredited updates applied.

0
0
Coffee/keyboard

Not a business phone

There is one reason alone why my company tried iPhones and returned back to Blackberries: typing. It's one thing to receive e-mails but typing a message of any meaningful length does not work well on a touch-screen (and I include my beloved Android in that too).

It's the one thing I miss about my old HTC Windows Mobiles with the slide out keyboard. The GUI was a dog and the haptic feedback on the 'droid is good but you can't make up for a real keyboard with real keys.

Hence the icon: "You owe me a new keyboard..."

0
0
Silver badge

I noticed that.

Ditched my ipod touch for similar reasons. I was using it more as an internet reader than a music player anyway so a second-hand n810 was far more up my alley.

0
0

This

iPhone = pretty and large screen

BB = better typing and smaller screen

Even the most fervent of my iPhone buddies suffer keyboard envy of the amazing Bold 9700

Yeah iPhones are more fun to play with but if you are firing out mails BB wins hands down

0
0

Typing

A physical keyboard is often better for extended typing than on onscreen one, but only an hour after getting an app called Swype I've found my "typing"* speed on my N1's touch screen is much faster than a phone-sized physical keyboard could ever be, it's approaching the speed of typing on a full-sized desktop keyboard.

* I put typing in quotes because with Swype you don't exactly type as such.

0
0

Your experience is not everyone's experience

I have a Bberry and an iPod touch, my wife has a bberry and an iPhone -- both of us type way faster on the iDevices than on the bberries. The only exception is typing in the dark in a moving taxi, when the physical keys help ensure a bit more accuracy. I know a fair number of others with both devices who type much faster on their iPhones too.

0
0
Anonymous Coward

How much do you trust RIM?

iPhone, Nokia et al. - VPNs you have to setup and administer yourself.

RIM - they do it for you. (They can read your stuff)

The best bit of RIM's corporate offerings is where they insist that the Blackberry Enterprise Server lives INSIDE your corporate network with an encrypted tunnel out to RIM.

3
0
Anonymous Coward

E71 ++

My company supplied E71 has VPN, encryption on the storage, forces me to use a PIN to unlock it after an hour or not using it, and the company can wipe it remotely if I loose it.

If it can be done on the E71 I'm guessing that any other Nokia E series can, and probably any modern Symbian based phone from other manufacturers as well. Its not the phone its having the hardware in the hardware in you company.

0
1

Err...

I think you may have mis-understood how BBs work... RIM can run the service for you, but if you want to you can run the service yourself you just need a BES. If I recall correctly the BES (Blackberry Enterprise Server) is actually free for a one or two BBs. Basically you do the reception processing (spam/AV/etc) and then stick this into the BES, which encrypts it and punts it on to your mobile service provider. RIM don't see your data at all, your mobile provider only sees it encrypted.

I'm not sure, but I don' t think that Apple provide an equivalent to the BES, also if they do it would most likely only run on Apple hardware, which in itself would exclude it from use in most corporates what with hardware and software standards almost never including Apple in major corporates.

1
0
Stop

Value for money

I hope they remember who pays for all their toys (ie us taxpayers).

Looking at iPhone deals available, they all seem to be ridiculous prices compared to other smart phones.

I therefore motion that anyone who suggest ministers/politicians should have an iPhone should be encouraged to pay for it all out of their own pockets.

Personally, I'd much prefer to see a politician using a 3 year old phone on a £15/month, 1-month contract than using the latest fad on a £45/month 24 month contract - it would encourage me to think that they're not wasting ALL of my money!

3
1
Silver badge

Not quite

Personally I'd prefer to see them using a blackberry so that settings can be enforced and the damn thing wiped and bricked when they inevitably leave it in the pub/on the train/in a taxi etc.

0
0
Anonymous Coward

The company I work for (Not UK gov)

Has had this ban in place for years - for security reasons....

0
0

It's so much more than a VPN requirement

So AC suggests (at 11:51) that iPhones support VPNs. That may be the case. But won't an IPSEC VPN just go for the lowest common denominator? If the endpoints determine they can only communicate with low-grade DES (or even no encryption), they'll do just that.

Anyway, maybe it's more to do with the way that the iPod/Phone will only use Exchange ActiveSync as their mail transport. Maybe that's what they don't like and that the implementation they've seen to the BES is much better. Maybe it's the fact that Blackberrys are serious messaging phones, rather than consumer-oriented devices.

I, personally, would feel much happier with our "elected representatives" being in touch with their ministries to do just that, keep on top of messages, rather than stroking their toy in public and gazing at their latest app. Whether I want RESTRICTED emails being sent to these devices at all is another matter...

(No BB or iPhone here, just an ActiveSync capable smartphone. But then, no secure government policy-type stuff on my device, either)

0
0

"Consumer device" issue

The big problem with the iPhone is (as with other apple products) is that it is designed for consumers and lacks business functions, Apple is highly successful in the consumer market but they miss out on some things that corporates need. Mostly.

The app store as the only route to buy/install apps. So if you want to write (or comisssion) your own app for your own company, it is available to everyone?. If you want to roll out an app to 200 users, how do you do that, Individual ITunes accounts!. If you need to lock down phones to prevent people installing rubbish that may have malware, etc how do you do that?. If you sack an employee and need to wipe thier (your business) phone, how do you do that (I think remote wipe on mobile me is user owned not corporate control)

Even assuming that the iPhone local encryption on the device is "ok" there are too many of the above questions that Apple seem to have no answer for. In that case they will only ever succeed in the consumer space and micro/SME market where people dont know about these issues, or take the risk.

I dont think Google/Andriod have an answer / Nokia maybe but I gave up on them years ago (fasion phones)

PS I like apple Kit, im typing this on a macbook pro and have an iphone, its just that I cant see how it would work for the corporates/govt depts I work for.

PPS Apples market share of consumers is rather nice, so for now they may not be bothered!

1
0
Boffin

Ever heard of the iPhone Enterprise Kit?

"The app store as the only route to buy/install apps. So if you want to write (or comisssion) your own app for your own company, it is available to everyone?. If you want to roll out an app to 200 users, how do you do that, Individual ITunes accounts!. If you need to lock down phones to prevent people installing rubbish that may have malware, etc how do you do that?. If you sack an employee and need to wipe thier (your business) phone, how do you do that (I think remote wipe on mobile me is user owned not corporate control)"

Wrong. You can do all of those things: http://www.apple.com/support/iphone/enterprise/

... if remote wipe wasn't corporate controlled, how did Apple wipe the stolen iPhone 4?

For secure use, the iPhone has the same problem as Android or WebOS... they can be opened up by jailbreaking, rooting, etc.. try that with a Blackberry and you're just going to end up bricking it.

One thing RIM has is existing certification from the governments of the US, UK, etc... Apple, Google, Palm all might be just as secure (doubt it...) but they have to prove it first and that process has layers of bureaucracy and red tape.

Besides, when I hear 'secure" I think devices and networks that never touch the Internet, let alone being tunneled thru RIM. As far as I know, devices approved for such sensitive use are all based on WinMo with hardware crypto for storage and communication.

0
0

Oops

There you go then, I really should read more!

1
0
Boffin

remote wipe

Just to be clear the remote wipe on an iphone only works when it is on a network and has a valid signal. If you have already had your telco disable the SIM and block the IMEI you can not wipe it. Equally if it is out of network range (perhaps in a Faraday bag?) the remote wipe wont work either.

The BB on the other had can be configured to wipe after a number of unsuccessful login attempts.

Check out Jonathan Zdziarski for more info on flaws with iphone's security.

You are right about the certification steps, one other thing to note is that the CESG guidance also includes configuration guidelines for the server to force certain parameters on to the devices.

1
0
WTF?

Wipe...

The iphone also has an option to wipe after a given number of unsuccessful login attempts...

Through the phone itself you can only set a 4 digit pin code, but using the iphone management tool you can configure it for a password aswell.

0
0
Gold badge

Is that right?

"...Apple simply hasn't sought approval."

Surely that should be the other way around? Wouldn't HMG have to go on bended knee to Apple to seek approval to use their wonderful device the way *they* want to?

Maybe this little misunderstanding is the real cause of the lack of iphoneyness (hah!) going on in Whitehall.

0
1
g e
Silver badge

Dear GCHQ

But you know we're **APPLE**, right? I mean, WE'RE APPLE... COME *ON* you guys!

Some time later...

Dear Apple,

We are GCHQ.

2
2
Bronze badge
Joke

Similar to the age-old old...

Lighthouse vs US navy ship joke?

OK. Here's a kinda playmobil re-enaction. (well, the actors are all plastic).

http://uk.youtube.com/watch?v=brNX4xqlXJE

0
0
Big Brother

GCHQ imposes Whitehall iPhone ban

> A Whitehall iPhone embargo is in place because encryption and electronics experts at the Cheltenham-based eavesdropping agency GCHQ have not so far approved the device for secure official business. Apple-fanciers will have to make do with a BlackBerry ..

translation: We haven't yet managed to bug the iPhone ..

0
0

Predictable bue

There's an app for that

0
0
Paris Hilton

Real Translation

We bugged it in seconds and then spent the afternoon laughing at how easy it was to get in.

2
0
Silver badge
FAIL

Apple are a consumer company.

How many MPs and ministers are there in the UK?

Not enough to warrant spending a couple of million quid on what will essentially prove to be little more than an expensive "Hey! We've been approved by a bunch of knuckle-dragging ignorant imbeciles with a long track record of sending databases on the general public from place to place using insecure, unencrypted CDs!" ad campaign.

Corporate sales are a nice-to-have, but not a necessity for Apple. They're clearly more than happy to let their "competitors"—and I use that term in its loosest possible sense—piss money away on that kind of thing.

0
1
Flame

Double huh?

Yeah becuase GCHQ are really well known for their security gaffs. Running one of the worlds largest and best communications interception and security programmes would not put them in any position to advice on whether a device is secure or not! Moron.

1
0
Alert

huh?

@Sean Timarco Baggaley

"Corporate sales are a nice-to-have, but not a necessity for Apple. They're clearly more than happy to let their "competitors"—and I use that term in its loosest possible sense—piss money away on that kind of thing"

Yeah because RIM are really suffering due to their Corporate customers.

Apple would love to have the corporate business enjoyed by RIM but the iPhone is a consumer device designed to be cool. For corporate use, security and remote administration the Blackberry wipes the floor with the iPhone.

1
0
Anonymous Coward

Does this mean...

Does this mean that anyone spotted using a Blackberry can be assumed to be a member of our government services? Wouldn't that be a dead give away when it comes to any country spy spotting our guys?

I guess when Apple puts out a "Top Secret Spy" TM app on it's store these then things will change.

0
0
Black Helicopters

Three reasons the spooks don't trust the iPhone

1. It runs as root, and anyone with a software kit can get access to that,

2. Until Apple released the 3GS, they programmed the iPhone to lie to servers that encryption and VPNs were switched on when they weren't, owing to power consumption problems,

3. You can fit a metric shedload of documents into 32GB.

0
0
Happy

@curry munching hippie

Nope, it just means that anyone spotted using an iphone is a twat.

"Top Secret Spy" app or not...........

2
0
Silver badge

CDould it be because of Apple?

Couldn't it be that the "ban" is not only because of weaker/not mandatory security, but because everything has to be done through iTune, which in itself is a giant security hole?

0
0

human factors?

we got iPhones for email. Our vunderkinder in corporate IT then set a group-policy that the phone auto-locks after 1 minute, needing you to enter a complex (upper/lower/numeric) password to get past the 'slide to unlock' every time you put the bl00dy thing down.

result - jailbroken iPhones with the security disabled totally........

not sure if you can jailbrake a Blackberry - so maybe that's a consideration?

0
0

Page:

This topic is closed for new posts.