......let the mouth-frothing begin.
UK government departments have a green light to use iPhones and other iOS 6 devices for handling sensitive emails. The move may encourage civil servants and ministers to toss their BlackBerries to the wind, provided they don't have to read anything that's more than mildly important. For years RIM's BlackBerry handsets were the …
......let the mouth-frothing begin.
I can/can't believe that someone would write something positive/negative about an OS/phone/tablet that I hate/use/have no interest in. Why do/don't these idiots/geniuses/fanbois/fandroids just agree with me and do what I do, which is obviously the best idea? I can see totally/no reason whatssoever why someone might/might not have different requirements to myself.
Please comment using the above form, deleting as applicable.
As sponsored by the NSA.. http://selinuxproject.org/page/Main_Page
That is all.
As sponsored by the NSA
As is Google? Who to trust, oh, who to trust. A vendor who is in trouble left, right and centre for breaches of Data Protection and privacy, or a vendor who is so bad at handling data they screwed up their only offering?
".....and enhancements to a number of our mobile security guidance documents."
In other words:
Someone at Apple paid us a lot of money to change our requirements so that we their phones would meet the requirements.
Yes - that would work (rolls eyes).
Mind you, strange how updated documentation can result in an OS gaining a higher security rating.
Nope, the drive to do this comes from Government, not Apple.
... they've been genetically altered to be incapable of saying 'Yes' to anything.
The best you'll ever get is "well, I won't set the dogs on you just yet if you choose to store or transmit your sensitive electronic information in that way."
To get this grudging statement on iOS6 means that they've repeatedly put it through the penetration test wringer and were mightily disappointed that it didn't fail for the level of impact (i.e. degree of difficulty of penetration) they've specified.
LoL. Yup I've had the pleasure of their company and the disgust on their faces is evident when you make them talk about Apple kit.
If they can't air-gap it it's not secure.
strange how updated documentation can result in an OS gaining a higher security rating.
As that is part of the normal risk assessment process I se no issues with that..
Yeah, my mother accidentally left her hand luggage at Melbourne airport a few days ago. It contained a passcode-protected iPad running iOS 6. The Australian Federal Police rang her to tell her they had it.
So how did they get her number? They told her they opened a "back door" on the iPad using some special software they've got and then went through her contacts app.
Now if law enforcement can do that then you can bet there's a whole heap of other people out there who can pull off the same trick. Let's hope MPs don't accidentally leave their devices in the cloakroom at some Embassy function, eh?
Footnote: The Feds apparently told her "Apple are very obliging". I'll bet they are!
As long as this stuff is genuinely only available to law enforcement. RIM do this as well if I remember - i.e. giving governments access or they get their devices banned.
Android. Thought not. Would not even trust it with my shopping list as when you also have such fragmentation and then Google trying to mine all your information to sell ads what do you expect?
CESG is working so hard on this because MPs keep fapping over new Apple kit and kick up a stink when they're not allow to get their grasping little paws on it.
And you can bet that an iOS6 device that is cleared to IL3 is a long long way away from being fresh out the box.
So you can bet your CEO will still be less than happy to find that his shiny iOS toy doesn't let him download Hentai dress up from the app store.
< Nuclear, which is what the CEO will go when he finds his shiny goodness is still hobbled.
"And you can bet that an iOS6 device that is cleared to IL3 is a long long way away from being fresh out the box."
That'll certainly be the case. What Apple, Google and Microsoft haven't worked out is that security = lockdown (by and large), and lockdown means content blocking. The shiniest of mobiles is as dull as ditch water without content. No matter how big an app store is, it might as well not exist at all if users aren't allowed to install anything.
The problem for the security guys is that lockdown will encourage some users to jailbreak their device to get some fun back, and that's the security measures well and truly screwed.
BB10 looks different. BB Balance separates the user's stuff from the company's stuff - ideal! Shininess and security in a single box.
ONE HUNDRED PER CENT SECURE from penetration by NSA, GCHQ, Humpty Dumpty and all.
And cheap at the price.
Bye, bye, Cameron.
.. boy oh boy, did you fall for it..
I'll ask you just ONE question: prove it.
Now for some facts:
Silent Circle is a US company. It is spectacularly irrelevant where they have their data - one finger in the US and they're subject to the Patriot Act and other creative coercion as we have become used to from the US.
Their MX record points to somewhere in the US (184.108.40.206, Geolocates to Atlanta).
Their prices versus:
- the amount of people allegedly involved
- the amount of effort involved in developing, maintaining a truly secure service and *prove* it safe
- the amount of lawyering involved for any US company to keep the Feds/NSA and any other 3 letter club out of their business. It simply does not add up *at all*.
- Naive effort
- Honeytrap banking on Phil Zimmermann's name.
I really *hope* I am wrong, but there is just no way I can get the currently available facts to add up to anything I would even remotely invest trust in. I'm literally not buying it..
Given that Apple retain the ability to delete anything from an iPhone it doesn't fill me with much joy.
Silent Circle talks a good game, but there is absolutely no in-depth, independent information about what they're doing, who they're doing it for, or how they're doing it.
"Blind trust" is a thing of the past. If you don't have total control over it, or if the encryption method isn't Open Source, it is not secure. Period.
You're right, but it's not just about the technology used. Wrong place, wrong approach, and, most interestingly, wrong price.
I *know* how expensive it is to do it right, and not because I give it away to lawyers and consultants. Their numbers do not add up in any way that I can work them..
Biting the hand that feeds IT © 1998–2017