back to article iPhones now 'safe' for Restricted UK.gov info, but not Secret

UK government departments have a green light to use iPhones and other iOS 6 devices for handling sensitive emails. The move may encourage civil servants and ministers to toss their BlackBerries to the wind, provided they don't have to read anything that's more than mildly important. For years RIM's BlackBerry handsets were the …

COMMENTS

This topic is closed for new posts.
  1. Steve I
    Go

    Aaaaannnnnnnnnddddd............

    ......let the mouth-frothing begin.

  2. Steve I
    Go

    Oh this makes me so glad/mad!

    I can/can't believe that someone would write something positive/negative about an OS/phone/tablet that I hate/use/have no interest in. Why do/don't these idiots/geniuses/fanbois/fandroids just agree with me and do what I do, which is obviously the best idea? I can see totally/no reason whatssoever why someone might/might not have different requirements to myself.

    Please comment using the above form, deleting as applicable.

  3. BenM 29 Silver badge
    Thumb Up

    SEAndroid

    As sponsored by the NSA.. http://selinuxproject.org/page/Main_Page

    That is all.

    1. Anonymous Coward
      Anonymous Coward

      Re: SEAndroid

      As sponsored by the NSA

      As is Google? Who to trust, oh, who to trust. A vendor who is in trouble left, right and centre for breaches of Data Protection and privacy, or a vendor who is so bad at handling data they screwed up their only offering?

  4. Anonymous Coward
    Anonymous Coward

    "CESG is currently working on updates ..."

    ".....and enhancements to a number of our mobile security guidance documents."

    In other words:

    Someone at Apple paid us a lot of money to change our requirements so that we their phones would meet the requirements.

    1. Steve I

      Re: "CESG is currently working on updates ..."

      Yes - that would work (rolls eyes).

      Mind you, strange how updated documentation can result in an OS gaining a higher security rating.

      1. Anonymous Coward
        Anonymous Coward

        Re: "CESG is currently working on updates ..."

        strange how updated documentation can result in an OS gaining a higher security rating.

        As that is part of the normal risk assessment process I se no issues with that..

    2. Anonymous Coward
      Anonymous Coward

      Re: "CESG is currently working on updates ..."

      Nope, the drive to do this comes from Government, not Apple.

    3. IHateWearingATie
      Stop

      You've not met anyone from CESG have you...

      ... they've been genetically altered to be incapable of saying 'Yes' to anything.

      The best you'll ever get is "well, I won't set the dogs on you just yet if you choose to store or transmit your sensitive electronic information in that way."

      To get this grudging statement on iOS6 means that they've repeatedly put it through the penetration test wringer and were mightily disappointed that it didn't fail for the level of impact (i.e. degree of difficulty of penetration) they've specified.

      1. 0laf
        Big Brother

        Re: You've not met anyone from CESG have you...

        LoL. Yup I've had the pleasure of their company and the disgust on their faces is evident when you make them talk about Apple kit.

        If they can't air-gap it it's not secure.

  5. Slumberingjournalist

    Secure ... up to a point

    Yeah, my mother accidentally left her hand luggage at Melbourne airport a few days ago. It contained a passcode-protected iPad running iOS 6. The Australian Federal Police rang her to tell her they had it.

    So how did they get her number? They told her they opened a "back door" on the iPad using some special software they've got and then went through her contacts app.

    Now if law enforcement can do that then you can bet there's a whole heap of other people out there who can pull off the same trick. Let's hope MPs don't accidentally leave their devices in the cloakroom at some Embassy function, eh?

    Footnote: The Feds apparently told her "Apple are very obliging". I'll bet they are!

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: Secure ... up to a point

      As long as this stuff is genuinely only available to law enforcement. RIM do this as well if I remember - i.e. giving governments access or they get their devices banned.

  6. Anonymous Coward
    Anonymous Coward

    Android. Thought not. Would not even trust it with my shopping list as when you also have such fragmentation and then Google trying to mine all your information to sell ads what do you expect?

  7. 0laf
    Mushroom

    CESG is working so hard on this because MPs keep fapping over new Apple kit and kick up a stink when they're not allow to get their grasping little paws on it.

    And you can bet that an iOS6 device that is cleared to IL3 is a long long way away from being fresh out the box.

    So you can bet your CEO will still be less than happy to find that his shiny iOS toy doesn't let him download Hentai dress up from the app store.

    < Nuclear, which is what the CEO will go when he finds his shiny goodness is still hobbled.

    1. bazza Silver badge

      @0Laf

      "And you can bet that an iOS6 device that is cleared to IL3 is a long long way away from being fresh out the box."

      That'll certainly be the case. What Apple, Google and Microsoft haven't worked out is that security = lockdown (by and large), and lockdown means content blocking. The shiniest of mobiles is as dull as ditch water without content. No matter how big an app store is, it might as well not exist at all if users aren't allowed to install anything.

      The problem for the security guys is that lockdown will encourage some users to jailbreak their device to get some fun back, and that's the security measures well and truly screwed.

      BB10 looks different. BB Balance separates the user's stuff from the company's stuff - ideal! Shininess and security in a single box.

  8. JaitcH
    Happy

    Silent Circle by Zimmerman is ...

    ONE HUNDRED PER CENT SECURE from penetration by NSA, GCHQ, Humpty Dumpty and all.

    And cheap at the price.

    Bye, bye, Cameron.

    1. Anonymous Coward
      Anonymous Coward

      Hahahahaha...

      .. boy oh boy, did you fall for it..

      I'll ask you just ONE question: prove it.

      Now for some facts:

      Silent Circle is a US company. It is spectacularly irrelevant where they have their data - one finger in the US and they're subject to the Patriot Act and other creative coercion as we have become used to from the US.

      Their MX record points to somewhere in the US (74.207.233.131, Geolocates to Atlanta).

      Their prices versus:

      - the amount of people allegedly involved

      - the amount of effort involved in developing, maintaining a truly secure service and *prove* it safe

      - the amount of lawyering involved for any US company to keep the Feds/NSA and any other 3 letter club out of their business. It simply does not add up *at all*.

      Possible conclusions:

      - Naive effort

      - Honeytrap banking on Phil Zimmermann's name.

      I really *hope* I am wrong, but there is just no way I can get the currently available facts to add up to anything I would even remotely invest trust in. I'm literally not buying it..

  9. banjomike
    Unhappy

    Hm

    Given that Apple retain the ability to delete anything from an iPhone it doesn't fill me with much joy.

  10. Anon NHS IT flunkey
    Alert

    Re: Silent Circle

    Silent Circle talks a good game, but there is absolutely no in-depth, independent information about what they're doing, who they're doing it for, or how they're doing it.

    "Blind trust" is a thing of the past. If you don't have total control over it, or if the encryption method isn't Open Source, it is not secure. Period.

    1. Anonymous Coward
      Anonymous Coward

      Re: Silent Circle

      You're right, but it's not just about the technology used. Wrong place, wrong approach, and, most interestingly, wrong price.

      I *know* how expensive it is to do it right, and not because I give it away to lawyers and consultants. Their numbers do not add up in any way that I can work them..

This topic is closed for new posts.

Other stories you might like