Boeing plans super-secure Android smartphone for top echelons Boeing is planning to launch an own-brand super secure Android smartphone for military, government, and high-level commercial users by the end of the year. Roger Krone, president of Boeing Network and Space Systems, told National Defense Magazine that this is probably the first time the company had got into the cellular phone …
Well, that nicely encapsulates the bind that RIM find themselves in.
A corporate BlackBerry is normally configured by the corporation's IT bods to prevent loading of applications for this very reason. This makes BlackBerries 'boring'.
Androids and iPhones generally let you add apps, which makes them 'exciting'. However allowing arbitrary third party software on to a corporate device means taking a risk of some sort.
Boeing are right, there are organisations whose risk appetite is low meaning that they understandably don't like mainstream Android. But to fix that means placing RIM style restrictions on what the device can do, or having a multi-level security system of some sort.
A hyper-visor approach may deliver (with some effort) a multi-level security system, but that's not likely to result in improvements to battery life. The only justification for it would be to allow people who require security to also use mainstream apps.
The inevitable questions arising from that is "are spooks allowed some fun?", and "are spooks really incapable of carrying two phones?"
Google stealth or actual stealth?
Google stealth being a B2 bomber who constantly phones home on a public connection, sends live GPS co-ordinates, available from a "beta" google page and dozens of tweets "Over Fallujah LOLZ" to top it off, also targeted ads.
"I see you're flying a B2 over Fallujah, have you thought about Blackwater?"
Reason:
<pilot> "Siri, please shoot down that enemy aircraft".
<Siri> "When would like me to book an appointment for that? Oh, and you've missed your wife's birthday"
But it could be a cunning ploy! Sell it cheap all around the world and the only people who could use the kit in anger would be those with a Californian accent slightly slurred by years of experiencing LSD. There's a slim chance they might be American.
Senator, and Candidate, Obama used Blackberries.
President Obama does not. He uses a General Dynamics Sectéra® Edge™.
As to those who wonder why Boeing would select Android, the answer is simple: they can get Android and sweep the code line-by-line, add restrictions on what can be installed (like the app signing stuff that Windows 7 does), etc.
The idea that anyone would use an iThing for secure applications is laughable: Apple deliberately keeps stuff close to their vest, and won't release the keys to iTunes, so there's no way to deliver trusted apps to a hypothetical "secure" iPhone.
Oh, and the notion that Android is (inherently) full of malware and vulnerabilities is baseless. Sure, a lot of phones that run Android may well be, but the same is true of every other operating environment. The crux of the matter is that Google makes it possible to scrutinize Android, while Microsoft, RIM, and Apple do not...
Scrutinise your code for malware then
http://www.androidauthority.com/beware-of-new-android-malware-claiming-to-be-system-upgrade-74969/
http://www.ubergizmo.com/2012/04/updtbot-android-malware-discovered-spreads-through-sms/
http://www.technolog.msnbc.msn.com/technology/technolog/study-android-malware-400-percent-123268
I got bored of pasting after that.
But all those extra eyeballs will help keep the code clean. It's teh openz!
@Malcolm Weir,
"The crux of the matter is that Google makes it possible to scrutinize Android, "
Er, not quite. According to the fount of all knowledge Wikipedia the current version of Android is 4.0.4, but Google have released the source only up to 4.0.1.
Even if you could stay current with Google's releases (which you can't with Android because you need the manufacturers to keep up) you can't examine the source code you'd be running because Google don't release it at the same time the binaries hit the streets.
Even then what you're running isn't what Google released, you're running something that was put together by the mobile manufacturers *based* on what Google released. You don't ever get to see their modifications (so far as I know).
I don't see what Boeing hope to achieve. They're not going for a stronger Android that the mass market would adopt. They're aiming at a niche market. That niche will always accept lock down, restrictions; that's the price you pay to get security.
That would appear to be a niche that RIM (as you point out, MS increasingly so) already fill well. RIM's Playbook (and I guess their future mobiles) even supports repackaged Android applications!
I think Boeing is being carelessly vague. Whatever it is they think they'll be doing will at best be a major fork of Android. It will not *be* Android itself. But if it's not full fat fresh from the chocolate factory Android then it's not going to offer any advantage over the offering from RIM or MS. Both let you write/deploy your own niche-specific applications in mainstream-friendly ways (= cheap coders). 'Cheap coders' is all that the label 'Android' implies in this case anyway.
Boeing may be able to offer a more secure product, but taking Android as a starting point will make their life very hard. Something like Greenhills' Integrity OS would be a better basis; layering Dalvik on top of that could produce something really quite interesting from a security point of view.
Maybe Boing are going for an O/S that they know the code for because they wrote/analysed large chunks of it rather than assuming RIM have written it well.
Besides, who things RIM will be around in 10 years time?
And the fact is that if i was sufficiently motivated and knowledgable (im not) I build the original Android souce and install it.
Well, IIRC most of the proprietary stuff in any given Android system falls to the hardware support--CPU, GPU, DSP, and chipset drivers and all the assorted custom stuff each manufacturer wants to put on their phone. This is stuff Boeing would have to do anyway for the hardware they intend to put on their proposed device (which I don't think will use a lot of common off-the-shelf tech).
While the proposal appears to smack of internal cryptoprocessors and so on (IOW, all communications to and from the device will be encrypted), a good chunk of the security will have to come from the software--it's highly unlikely Google Play or any Google software will make it into these device. Indeed, I suspect part of Boeing's effort will be to create an application server that allows the head honchos to personally vet applications and only allow those it deems safe onto its network. The devices will then be configured to go to those servers rather than other vanilla servers.
The main issue which I see is that its fully build on top of an Open Source OS. While this has its obvious advantages (and I don't mean "free as in beer") it also comes with disadvantages. For example; 20 people working on a project could use 20 different coding styles thus making it harder to grok the exact inner working of the software component.
But the most risk is the liability aspect itself I think. The well known "What if". What if something does go wrong and the government and military deem Boeing responsible? It doesn't matter here if we're talking Android, iOS, Symbian or even WP7... Obviously RIM has somehow managed to protect themselves from such claims (or evade them?). But can a new player on the market do the same?
"But the most risk is the liability aspect itself I think"
Believe me, even the most trustworthy of software platforms comes with an EULA that absolves the authors of all responsibility in all circumstances for any faults whatsoever, despite what the glossy brochure says. Boeing will be no different.
Anyway in this arena it's not the author's word you trust in the first place. You test the product yourself against whatever information security standard (e.g. FIPS) suits your needs, or accept the word of some other trusted authority (e.g. the government) that has already done that testing. The more stringent your security requirements the harder that is to come by.
I remember a few years ago when the NSA were developing a super secure version of Linux - it suddenly got canceled in favour of the American government being free to buy any of the wide range of commercial OSes available on PCs from a small patriotic company in Redmond.
The result of that effort was SE-Linux, such as you find bolted into Fedora, Redhat, etc. It's an extension to Linux that allows you to set and enforce security policies on a system.
Most people's practical exposure to it is the annoying dialogue boxes that still pop up in Fedora saying that some badly thought out policy has been breached, usually by some other standard part of the OS / desktop / services. In my limited experience it has a propensity to call wolf a lot...
Here's Sally's review on Amazon after purchasing the phone:
"i bought the phone bcuz i heard you cant get viruses but now i cant install angry bards (its like angry birds but better!!!!!!!!) the phone keeps saying stuff like this software is not approved and that its malware. this phone sucks!!!!!!!1"
There is an upside here, Boeing will be able to pay the best in field security experts to harden android beyond all belief. Now while a lot of their work won't be of use to the mass market, such as military grade encryption, it's the hardening of the kernel and dalvik VM that will benefit everyone due to the open source nature of the OS. If Boeing's work is backported into the mainline repo, Android will suddenly become one of the most secure platforms out there.
Any improvement to Android would definitely be most welcome. It is the most fragile (from a security point of view) of the platforms out there.
As for putting improvements back in the mainline, well that's fine so long as no one else (i.e. Google) then goes and modifies it to add some hey-new-whizzy feature that undoes all of Boeing's hard work. And just because it's in the mainline doesn't mean to say that millions of users are going to benefit. No, I suspect Boeing are going to have to maintain their own fork of Android if they want to have a long lasting product line.
It's quite clear that Google didn't do enough analysis of Android security in the first place, nor think about how it could be improved. Maybe they didn't have to - they're earning good money out of it as it is. We all know that Android, uniquely, cannot be auto-updated in the field by Google. Until they fix that Android is always going to be behind the security curve, or stuck in some slow moving fork created by outfits like Boeing.
Most of the time, it's the operators who demanded control over the handsets (like they did in the feature phone days) and pretty much told Google "no control, no deal". So Google either had to play ball or cede control of the phone market to Apple, whose iPhone was in such incredible demand that Apple COULD dictate terms (IOW, Apple didn't come to the operators, they came to Apple).
Once you strip away the fluff of this press release it will more than likely turn out that boeing has contracted to build some android handsets to the NSA's Project fishbowl standards
http://www.nsa.gov/ia/programs/mobility_program/index.shtml
Presumably based on the SE android kernel
http://selinuxproject.org/page/SEAndroid
So more than likely somewhere like foxconn is going to make handsets for boeing for peanuts, boeing will then load their secure android firmware on them and sell them to the government at a $10k markup.
So business as usual all round!
What else would they use? Apple wouldn't let them look at the source code. Microsoft certainly wouldn't, RIM aren't American so that's them out of the pork barrel that Boeing sups from. Maego, Maemo, Symbian, No future.
So it's either Android or roll your own. So not so much chose as picked the only option.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
