But it's US military grade
So all it does is delete the email of any Brits or Canadians that happen to be nearby
Microsoft is bullet-proofing email on Windows Phone in an effort to follow Apple and Google into the workplace. Redmond has announced a deal with Good Technology to make Good for Enterprise available for use on Windows Phone 7.5 devices. The US mobile specialist will deliver FIPS-certified, 192-bit AES encrypted messaging for …
Nope.
Windows Phone 7 does NOT offer device encryption. That's why Microsoft is scrambling to get something to convince savvy business users to even consider their OS.
But this is the wrong way to do it. Good is an app, not a device management tool. It encrypts its data, and can remotely wipe its data, but not data outside its domain.
Frankly, I'm surprised MS is doing this, because it takes people away from the Windows Phone apps. They must be getting really desperate.
...If US companies were allowed to export decent encryption methods. But as far as I know they're not, as seems to be indicated in this article as well. 192-bit AES ? GPG can do better than that!
Heck, I'll see your GPG and "raise" with the more ontopic Outlook 2010 which by default provides an SHA256 hash algorithm and 256bit AES encryption algorithm.
How does lowering the encryption algorithm (in comparison with default Outlook 2010) weigh up against "enterprise security" on the Windows Phone ?
I have full confidence that Microsoft will eventually patch this whole security model up and provide a very decent solution. The main problem is that they should have thought about this up front IMO.
There is no way for any business of the military to check the integrity of such a WP7 device because it's all not only closed sourced, but also encrypted code you cannot modify.
There is no way to harden such systems, for example by strapping them down to just an e-mail client, and it doesn't matter how well the encryption is, if there is an exploitable bug/backdoor somewhere in the millions of lines you don't need but cannot throw out. Bugs to happen, that's why people who want to have secure systems harden them by throwing out everything they don't need. As long as boot-loaders are encrypted, this cannot happen on such devices.
course one could argue that by having access to the millions of lines of code it would potentially enable naughty bobby down the road to find a weakness and exploit it until its found out and patched, rinse and repeat.
I dont think either of the two systems are perfect, and franky its all a bit of a waste of time when people dont lock their bloody phones in the first place then live them in a strip bar!
if this is the same "military grade" software US Defense Sect'y Bob Gates was running when his mailbox was hacked by the PLA -- oh wait, that's right, wasn't it the back end servers that were compromised? As others have said above, US security standards, military or commercial, are a joke because security always takes a back seat to user convenience and the government is actually afraid that a really serious effort to improve security would threaten their ability to eavesdrop. That second reason is somewhat understandable, but the first should get every CIO and the CEOs who employ them booted for dereliction of duty.