Feeds

back to article Boeing plans super-secure Android smartphone for top echelons

Boeing is planning to launch an own-brand super secure Android smartphone for military, government, and high-level commercial users by the end of the year. Roger Krone, president of Boeing Network and Space Systems, told National Defense Magazine that this is probably the first time the company had got into the cellular phone …

COMMENTS

This topic is closed for new posts.
Black Helicopters

But will it contain all the Google spyware?

I would be willing to pony up some $ if it was a private non-tracking, non-snooping, secure phone... sorta like my old Blackberry is/was.

8
3

What about the users?

They will make the phone secure but in the end, it will be the apps that the users use on the phone that will be the downfall.

1
2
Bronze badge

Re: What about the users?

Well, that nicely encapsulates the bind that RIM find themselves in.

A corporate BlackBerry is normally configured by the corporation's IT bods to prevent loading of applications for this very reason. This makes BlackBerries 'boring'.

Androids and iPhones generally let you add apps, which makes them 'exciting'. However allowing arbitrary third party software on to a corporate device means taking a risk of some sort.

Boeing are right, there are organisations whose risk appetite is low meaning that they understandably don't like mainstream Android. But to fix that means placing RIM style restrictions on what the device can do, or having a multi-level security system of some sort.

A hyper-visor approach may deliver (with some effort) a multi-level security system, but that's not likely to result in improvements to battery life. The only justification for it would be to allow people who require security to also use mainstream apps.

The inevitable questions arising from that is "are spooks allowed some fun?", and "are spooks really incapable of carrying two phones?"

1
0

Google stealth or actual stealth?

Google stealth being a B2 bomber who constantly phones home on a public connection, sends live GPS co-ordinates, available from a "beta" google page and dozens of tweets "Over Fallujah LOLZ" to top it off, also targeted ads.

"I see you're flying a B2 over Fallujah, have you thought about Blackwater?"

11
2
Anonymous Coward

Given the amount of malware on Android and it's vulnerabilities , it's an easy guess that those who wish to do so can fly a plain into a building without much risk just hacking by Boeings Software.you're flying in. They don't have to to get in the plane any more.

0
11
Anonymous Coward

What no iMilitary

Seems a bit wierd that they are not using an iPhone, I'm sure there would be more buy-in for a nice pretty phone.

0
9
Anonymous Coward

Re: What no iMilitary

Reason:

<pilot> "Siri, please shoot down that enemy aircraft".

<Siri> "When would like me to book an appointment for that? Oh, and you've missed your wife's birthday"

But it could be a cunning ploy! Sell it cheap all around the world and the only people who could use the kit in anger would be those with a Californian accent slightly slurred by years of experiencing LSD. There's a slim chance they might be American.

1
0
FAIL

Re: What no iMilitary

One reason to pick Android is for transparency of the OS. That fact alone makes Android the only widely used phone OS suitable for creating a truly a secure phone. If you can't examine the OS at all levels, you can't hope to try to insure it's security.

2
0
Angel

No, President Obama doesn't use a Blackberry...

Senator, and Candidate, Obama used Blackberries.

President Obama does not. He uses a General Dynamics Sectéra® Edge™.

As to those who wonder why Boeing would select Android, the answer is simple: they can get Android and sweep the code line-by-line, add restrictions on what can be installed (like the app signing stuff that Windows 7 does), etc.

The idea that anyone would use an iThing for secure applications is laughable: Apple deliberately keeps stuff close to their vest, and won't release the keys to iTunes, so there's no way to deliver trusted apps to a hypothetical "secure" iPhone.

Oh, and the notion that Android is (inherently) full of malware and vulnerabilities is baseless. Sure, a lot of phones that run Android may well be, but the same is true of every other operating environment. The crux of the matter is that Google makes it possible to scrutinize Android, while Microsoft, RIM, and Apple do not...

10
1
Anonymous Coward

Re: No, President Obama doesn't use a Blackberry...

Scrutinise your code for malware then

http://www.androidauthority.com/beware-of-new-android-malware-claiming-to-be-system-upgrade-74969/

http://www.ubergizmo.com/2012/04/updtbot-android-malware-discovered-spreads-through-sms/

http://www.technolog.msnbc.msn.com/technology/technolog/study-android-malware-400-percent-123268

I got bored of pasting after that.

But all those extra eyeballs will help keep the code clean. It's teh openz!

0
3
Bronze badge

Re: No, President Obama doesn't use a Blackberry...

@Malcolm Weir,

"The crux of the matter is that Google makes it possible to scrutinize Android, "

Er, not quite. According to the fount of all knowledge Wikipedia the current version of Android is 4.0.4, but Google have released the source only up to 4.0.1.

Even if you could stay current with Google's releases (which you can't with Android because you need the manufacturers to keep up) you can't examine the source code you'd be running because Google don't release it at the same time the binaries hit the streets.

Even then what you're running isn't what Google released, you're running something that was put together by the mobile manufacturers *based* on what Google released. You don't ever get to see their modifications (so far as I know).

I don't see what Boeing hope to achieve. They're not going for a stronger Android that the mass market would adopt. They're aiming at a niche market. That niche will always accept lock down, restrictions; that's the price you pay to get security.

That would appear to be a niche that RIM (as you point out, MS increasingly so) already fill well. RIM's Playbook (and I guess their future mobiles) even supports repackaged Android applications!

I think Boeing is being carelessly vague. Whatever it is they think they'll be doing will at best be a major fork of Android. It will not *be* Android itself. But if it's not full fat fresh from the chocolate factory Android then it's not going to offer any advantage over the offering from RIM or MS. Both let you write/deploy your own niche-specific applications in mainstream-friendly ways (= cheap coders). 'Cheap coders' is all that the label 'Android' implies in this case anyway.

Boeing may be able to offer a more secure product, but taking Android as a starting point will make their life very hard. Something like Greenhills' Integrity OS would be a better basis; layering Dalvik on top of that could produce something really quite interesting from a security point of view.

3
3

Re: No, President Obama doesn't use a Blackberry...

Maybe Boing are going for an O/S that they know the code for because they wrote/analysed large chunks of it rather than assuming RIM have written it well.

Besides, who things RIM will be around in 10 years time?

And the fact is that if i was sufficiently motivated and knowledgable (im not) I build the original Android souce and install it.

0
0
Silver badge

Re: No, President Obama doesn't use a Blackberry...

Well, IIRC most of the proprietary stuff in any given Android system falls to the hardware support--CPU, GPU, DSP, and chipset drivers and all the assorted custom stuff each manufacturer wants to put on their phone. This is stuff Boeing would have to do anyway for the hardware they intend to put on their proposed device (which I don't think will use a lot of common off-the-shelf tech).

While the proposal appears to smack of internal cryptoprocessors and so on (IOW, all communications to and from the device will be encrypted), a good chunk of the security will have to come from the software--it's highly unlikely Google Play or any Google software will make it into these device. Indeed, I suspect part of Boeing's effort will be to create an application server that allows the head honchos to personally vet applications and only allow those it deems safe onto its network. The devices will then be configured to go to those servers rather than other vanilla servers.

0
0
Silver badge

Daring move...

The main issue which I see is that its fully build on top of an Open Source OS. While this has its obvious advantages (and I don't mean "free as in beer") it also comes with disadvantages. For example; 20 people working on a project could use 20 different coding styles thus making it harder to grok the exact inner working of the software component.

But the most risk is the liability aspect itself I think. The well known "What if". What if something does go wrong and the government and military deem Boeing responsible? It doesn't matter here if we're talking Android, iOS, Symbian or even WP7... Obviously RIM has somehow managed to protect themselves from such claims (or evade them?). But can a new player on the market do the same?

0
0
Bronze badge

Re: Daring move...

"But the most risk is the liability aspect itself I think"

Believe me, even the most trustworthy of software platforms comes with an EULA that absolves the authors of all responsibility in all circumstances for any faults whatsoever, despite what the glossy brochure says. Boeing will be no different.

Anyway in this arena it's not the author's word you trust in the first place. You test the product yourself against whatever information security standard (e.g. FIPS) suits your needs, or accept the word of some other trusted authority (e.g. the government) that has already done that testing. The more stringent your security requirements the harder that is to come by.

0
0
Silver badge

Microsoft can't even afford lobbyists?

I remember a few years ago when the NSA were developing a super secure version of Linux - it suddenly got canceled in favour of the American government being free to buy any of the wide range of commercial OSes available on PCs from a small patriotic company in Redmond.

1
2
Bronze badge

Re: Microsoft can't even afford lobbyists?

The result of that effort was SE-Linux, such as you find bolted into Fedora, Redhat, etc. It's an extension to Linux that allows you to set and enforce security policies on a system.

Most people's practical exposure to it is the annoying dialogue boxes that still pop up in Fedora saying that some badly thought out policy has been breached, usually by some other standard part of the OS / desktop / services. In my limited experience it has a propensity to call wolf a lot...

1
1
Silver badge
Big Brother

Questionable management

"this is probably the first time the company had got into the cellular phone business "

Probably?

He's the President of the company and he doesn't know for definite?

What else are they doing he's not told them about?

2
0
Bronze badge

Re: Questionable management

Does he know about the $10,000 toilet seats?!?!

0
0
Coat

Boeing Fanboi to .....

Apple Fanboi -'You only paid what? I wouldn't use that piece of cheap tat!'

5
0
g e
Silver badge
Holmes

"won’t be a mass-market device"

No shit, we wouldn't want Sally on the street being able to secure her private information from the State, now, would we.

1
1
Paris Hilton

Re: "won’t be a mass-market device"

Here's Sally's review on Amazon after purchasing the phone:

"i bought the phone bcuz i heard you cant get viruses but now i cant install angry bards (its like angry birds but better!!!!!!!!) the phone keeps saying stuff like this software is not approved and that its malware. this phone sucks!!!!!!!1"

0
1
Thumb Up

The upside

There is an upside here, Boeing will be able to pay the best in field security experts to harden android beyond all belief. Now while a lot of their work won't be of use to the mass market, such as military grade encryption, it's the hardening of the kernel and dalvik VM that will benefit everyone due to the open source nature of the OS. If Boeing's work is backported into the mainline repo, Android will suddenly become one of the most secure platforms out there.

0
0
Bronze badge

Re: The upside

Any improvement to Android would definitely be most welcome. It is the most fragile (from a security point of view) of the platforms out there.

As for putting improvements back in the mainline, well that's fine so long as no one else (i.e. Google) then goes and modifies it to add some hey-new-whizzy feature that undoes all of Boeing's hard work. And just because it's in the mainline doesn't mean to say that millions of users are going to benefit. No, I suspect Boeing are going to have to maintain their own fork of Android if they want to have a long lasting product line.

It's quite clear that Google didn't do enough analysis of Android security in the first place, nor think about how it could be improved. Maybe they didn't have to - they're earning good money out of it as it is. We all know that Android, uniquely, cannot be auto-updated in the field by Google. Until they fix that Android is always going to be behind the security curve, or stuck in some slow moving fork created by outfits like Boeing.

0
0
Silver badge

Blame the operators.

Most of the time, it's the operators who demanded control over the handsets (like they did in the feature phone days) and pretty much told Google "no control, no deal". So Google either had to play ball or cede control of the phone market to Apple, whose iPhone was in such incredible demand that Apple COULD dictate terms (IOW, Apple didn't come to the operators, they came to Apple).

0
0
Black Helicopters

Once you strip away the fluff

Once you strip away the fluff of this press release it will more than likely turn out that boeing has contracted to build some android handsets to the NSA's Project fishbowl standards

http://www.nsa.gov/ia/programs/mobility_program/index.shtml

Presumably based on the SE android kernel

http://selinuxproject.org/page/SEAndroid

So more than likely somewhere like foxconn is going to make handsets for boeing for peanuts, boeing will then load their secure android firmware on them and sell them to the government at a $10k markup.

So business as usual all round!

0
0
Silver badge

Oh well

At least they aren't trying to push iCrap to the military. Though the NSA seems to be smart enough to know that putting iThingys as "secure" smartphones is a bad idea.

Though if the feds REALLY want secure smartphones, why don't they simply get the Sectera Edge? Come on dudes!

0
0

The Swiss already have it: http://www.youtube.com/watch?v=sZzYDN1MRb8

0
0
Silver badge

Boeing chose Andriod?

What else would they use? Apple wouldn't let them look at the source code. Microsoft certainly wouldn't, RIM aren't American so that's them out of the pork barrel that Boeing sups from. Maego, Maemo, Symbian, No future.

So it's either Android or roll your own. So not so much chose as picked the only option.

0
0
This topic is closed for new posts.