Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

First Android Device Certified For DoD Personnel

Soulskill posted more than 2 years ago | from the handheld-fragmentation-grenade dept.

Android 79

aneroid writes "The Defense Information Systems Agency (DISA) has certified its first secure mobile device running Android 2.2 — the Dell Streak 5. It is certified for use in the Defense Department's secure but unclassified communications. 'Although the Streak 5 is no longer available commercially, Dell is supplying it to DOD because the military likes the form factor,' said John Marinho, director of Dell enterprise mobility solutions. It 'includes a set of Android application interfaces designed to enhance the security of the device. Besides being able to transmit secure unclassified messages, the device can have its data remotely wiped in the event of loss or theft.' The device also has the ability to lock down after multiple unsuccessful password entries and allows admins to remotely control the peripherals and security policy levels on the device. You may recall that President Obama got an NSA-certified phone-PDA to use instead of his BlackBerry. We also discussed a related article last year about the U.S. Army considering smartphones. So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"

cancel ×

79 comments

Sorry! There are no comments related to the filter you selected.

Herman Cain - molester (-1)

Anonymous Coward | more than 2 years ago | (#37899756)

All republicans are evil.

Re:Herman Cain - molester (1)

leoplan2 (2064520) | more than 2 years ago | (#37899786)

Go away troll

Unclassified (0)

Anonymous Coward | more than 2 years ago | (#37899872)

If it's unclassified info why are they worried about security?

Re:Unclassified (1)

Anonymous Coward | more than 2 years ago | (#37899926)

For the same reason you care about securely transmitting your credit card info even though it isn't classified?

Locations for one (1)

ace37 (2302468) | more than 2 years ago | (#37900462)

Not everything useful is classified--especially when you get large amounts of easily categorized data.

For one, you could monitor a soldier's location using a tracker. Infect some statistically significant number of phones, and you have extremely useful logistical data.

This won't fix it, but at least they can make it less trivial to compromise.

A transmitter that's secure. (0)

Anonymous Coward | more than 2 years ago | (#37899882)

HAHAHAHA!

Re:A transmitter that's secure. (1)

X0563511 (793323) | more than 2 years ago | (#37899988)

My friend, meet Mr. OTP [wikimedia.org] .

Obama's no longer using his Blackberry? (2)

jordanjay29 (1298951) | more than 2 years ago | (#37899900)

Since when? [engadget.com]

Re:Obama's no longer using his Blackberry? (0)

X0563511 (793323) | more than 2 years ago | (#37900012)

You forgot about the "It is certified for use in the Defense Department's secure but unclassified communications." part of the summary, didn't you?

Here, I'll highlight the important part, since you seem deficient in sentence parsing.

Re:Obama's no longer using his Blackberry? (3, Informative)

jordanjay29 (1298951) | more than 2 years ago | (#37900154)

You seem deficient in reading post titles. I specifically questioned the article's stated fact that Obama was given a Sectera Edge (the NSA-certified phone-PDA device), which was proven false in my link. Obama's not using a phone-PDA, he's using a juiced-up Blackberry that's been locked down and yeah, probably certified for secure but unclassified communications as well.

Re:Obama's no longer using his Blackberry? (1)

schnell (163007) | more than 2 years ago | (#37903168)

The Sectera Edge [gdc4s.com] is certified for classified communications... in fact, it's the only "smartphone" that is certified for Top Secret comms. That fact is half of what they're trying to get around here.

The good news is that the US government takes information assurance really, really seriously. The bad news is that they take it seriously enough that the only mobile device you can read your Top Secret e-mail on is a government-only, multi-thousand dollar Windows PDA that's many years behind the times because it took that long to jump through all the high-level government certification hoops.

Fortunately, the government has lately caught on to the idea that they will always be behind on mobile technology if they don't find a way to build their requirements on top of consumer platforms rather than trying to build the whole thing government-specific from the ground up. This effort is part of their attempt to stop falling way behind the innovation curve that off the shelf iOS, Android, etc. devices are delivering, and it seems to be working. Good on them.

Re:Obama's no longer using his Blackberry? (1)

wshs (602011) | more than 2 years ago | (#37904222)

I'd question the government taking information assurance seriously. Manning obtained hundreds of thousands of classified docs undetected, and was only caught when he bragged to an outsider who ratted him out. If anything, information assurance in the government is pretty much nonexistent.

Re:Obama's no longer using his Blackberry? (1)

ebs16 (1069862) | more than 2 years ago | (#37900622)

That article is over 2 year old. That's half a term, and long enough to for him to have received a new device.

Re:Obama's no longer using his Blackberry? (1)

slacker001 (951666) | more than 2 years ago | (#37908990)

Check the date on that picture... it's almost 3 years old.

Wait what (1)

masternerdguy (2468142) | more than 2 years ago | (#37899902)

What about all that android malware everyone keeps talking about?

Re:Wait what (1)

MobileTatsu-NJG (946591) | more than 2 years ago | (#37899942)

It's Android and it's a Dell product. That means it'll forever be stuck on 1.6 and all the new malware requires 2.3!

Re:Wait what (1)

Synerg1y (2169962) | more than 2 years ago | (#37900000)

In regards to OP, they probably lock down install rights, the government's giving you a phone to borrower while in service, it's not your phone to do w/e with is the different.

Mobile: that's security through obscurity as a real world example for you!

Re:Wait what (1)

X0563511 (793323) | more than 2 years ago | (#37900064)

Er, the summary itself said "running Android 2.2" - where did 1.6 come from?

Re:Wait what (1)

HarrySquatter (1698416) | more than 2 years ago | (#37900116)

It's this new thing called a joke.

Re:Wait what (1)

ackthpt (218170) | more than 2 years ago | (#37900332)

Er, the summary itself said "running Android 2.2" - where did 1.6 come from?

Probably the joke is: Dell was wrapping them up on the commercial market when the DoD procurement office called and said they'd like to buy 1.6 million of them. At which point the sales department head at Dell picked up his/her jaw and then called their plant in China and told them to keep making them.

Re:Wait what (1)

garyebickford (222422) | more than 2 years ago | (#37900538)

Just a point of interest - one of the problems DoD has had for a long time (since early 1980s, from my own indirect experience) is that the time it takes to get through certification is generally longer than the modern device release cycles. Five to ten years is not uncommon. So for example, most of the chips used in most of the electronics in most of the DoD's planes, vehicles and tools have the capabilities and features of stuff that you gave to Goodwill five years ago. IIRC DoD funded some special fabs to continue making licensed copies of old chips, partly for security reasons but also because the original makers were not making those chips any more. And the same is true of entire units - radios based on 10 or 20 year old technology, for instance. I think it was in the early 1980s (as mentioned) that DoD started relaxing the requirements for the certification process, and allowing some makers to self-certify some of the stuff, just so DoD could use it before it was obsolete.

Re:Wait what (1)

Sparrow1492 (1962256) | more than 2 years ago | (#37936110)

A 5 year cycle for safety of flight issues and major weapons system is not uncommon. Handheld stuff like this is off the shelf tech (albeit old for this example). You'll find DoD folks using brand new Blackberries today as an example fo the other way.

Re:Wait what (1)

Niomosy (1503) | more than 2 years ago | (#37901454)

My Streak was shipped from Dell with 2.2 (2.2.2, I believe). They upgraded some time back.

Re:Wait what (1)

h4rr4r (612664) | more than 2 years ago | (#37900136)

I am going to bet they won't be installing pirated apps from Chinese third party markets. Stick to amazon and google and you will do just fine.

Locked down, no installing apps (1)

perpenso (1613749) | more than 2 years ago | (#37900164)

What about all that android malware everyone keeps talking about?

The device is probably locked down and the user can not install apps. These are highly specialized **work related** devices.

All kinds of smart phones (3, Insightful)

Anonymous Cowar (1608865) | more than 2 years ago | (#37899904)

for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

That being said, IT infrastructure needs to expand and accommodate smart phones, both in the commercial and military world. You can only say NO for so long before everyone starts hearing "640K should be enough for anybody".

Re:All kinds of smart phones (2)

jeffmeden (135043) | more than 2 years ago | (#37900078)

for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

Interesting that their iPhone and iPad risk assessment document comes up as "access denied"... Maybe I need one of those Dell Streak thingys to see it?

Re:All kinds of smart phones (1)

MobileTatsu-NJG (946591) | more than 2 years ago | (#37900444)

That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

Re:All kinds of smart phones (1)

ColdWetDog (752185) | more than 2 years ago | (#37900796)

That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

Apples, certainly. Have a few DOD iTunes account would be just swell.....

Re:All kinds of smart phones (1)

NatasRevol (731260) | more than 2 years ago | (#37900450)

Actually, it's just bad security setup on that server. See the pki for Blackberry - same thing.

Re:All kinds of smart phones (0)

Anonymous Coward | more than 2 years ago | (#37900528)

You just need a DoD PKI which is usually acquired via a CAC login on a .mil system.

It's actually a pretty interesting read about the vulnerabilites of the iOS devices. Nothing that most people on this site wouldn't already know or have guessed though.

Re:All kinds of smart phones (0)

Anonymous Coward | more than 2 years ago | (#37902324)

You have to have a DoD CAC with the proper PKI key to access the file. Hence the "*PKI" next to the document title and the "*PKI = DoD PKI Certificate Required" at the top...

Smart Phone - Military (1)

ackthpt (218170) | more than 2 years ago | (#37899998)

Ob: Oxymoron comment

Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

Re:Smart Phone - Military (2)

jeffmeden (135043) | more than 2 years ago | (#37900106)

Ob: Oxymoron comment

Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

Clearly the Military wouldn't pay for a redundant device that allows them to lose 500,000 private records (get it, omg military puns) at a time, when the DAT tapes they have now work just fine...

Re:Smart Phone - Military (0)

Anonymous Coward | more than 2 years ago | (#37900192)

I assume you use an 'app' thats connected to a hightly encrypted 'cloud' so the records never get stored on the phone and get wiped from RAM pretty fast.

But then there is better than 50 percent for the sake of covenence that they won't do something like this or better.

secure but unclassified - correct term? (1)

starless (60879) | more than 2 years ago | (#37900124)

secure but unclassified
I thought the term was "sensitive but unclassified"...

Re:secure but unclassified - correct term? (1)

oodaloop (1229816) | more than 2 years ago | (#37900382)

Sensitive But Unclassified is a classification for documents. Secure But Unclassified refers to the network. Surely you can see the difference in meaning in the words secure and sensitive.

Re:secure but unclassified - correct term? (1)

aneroid (856995) | more than 2 years ago | (#37901150)

(My $0.02 as the summarizer)

I understood it as:
Secure --> Network ...and... Classified --> Document/Content sensitivity+visibility

So they're referring to both - secure network yes but no using it to get your covert mission orders via video conf on the device, for example. They probably still expect their personnel to use previously established procedures/devices. Could be a bit of a grey area though.

Re:secure but unclassified - correct term? (0)

Anonymous Coward | more than 2 years ago | (#37902374)

You are correct, it's sensitive but unclassified use on the NIPRNet -- http://en.wikipedia.org/wiki/NIPRNet

iPhone anyone? (0)

stanlyb (1839382) | more than 2 years ago | (#37900216)

Why there is no certified iPhone? WHY? Are not they superior and hyperior than any other youPhone device!!!

battery (2)

ace37 (2302468) | more than 2 years ago | (#37900510)

One of the primary issues was that if the battery runs out of juice, a soldier can't swap it out for a fresh battery. They brought it up, and Apple basically said "we don't care." So they looked harder at Android.

Re:iPhone anyone? (1)

atrain728 (1835698) | more than 2 years ago | (#37900574)

This is actually a tablet, not a phone.

Re:iPhone anyone? (1)

barry99705 (895337) | more than 2 years ago | (#37901168)

The Streak 5 makes a perfectly good phone. Makes an awesome on dash gps as well.

Re:iPhone anyone? (1)

Falconhell (1289630) | more than 2 years ago | (#37903584)

Also very popular for users of XCSoar the excellent open source glide/nav program

Re:iPhone anyone? (0)

Anonymous Coward | more than 2 years ago | (#37900972)

There is and an iPad as well. But thanks for playing.

http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil]

Now go cry to mommy and ask her for a cookie and a nice glass of milk.

Terminology (0)

Anonymous Coward | more than 2 years ago | (#37900218)

So a smartphone is now an "Android Device" and an android is now a humanoid [slashdot.org] . Check. When this is weaponized, you can control the humanoid with the android!

Why not Blackberry instead/also? (2)

acoustix (123925) | more than 2 years ago | (#37900242)

BlackBerry has had all of these security features since 2004/2005. Remote wipe, policy enforcement, encryption, etc. Why not use a product that was secure off the shelf? Was it not expensive enough???

Re:Why not Blackberry instead/also? (2)

Drakonik (1193977) | more than 2 years ago | (#37900292)

Because it's not secure enough unless they can put a "DoD home grown and raised" sticker on it.

Re:Why not Blackberry instead/also? (4, Funny)

PolygamousRanchKid (1290638) | more than 2 years ago | (#37900436)

"CNN - Due to a glitch in Research In Motion's infrastructure, all combat operations for this week have ceased. Now to our correspondent in the field . . . what's going on down there on the field, Nic?"

"Well, both sides have laid down their arms, and are gaming with each other instead . . . not much to report here . . . you got some old Lindsay Lohan footage to show instead . . . ?"

Re:Why not Blackberry instead/also? (1)

tehcyder (746570) | more than 2 years ago | (#37907034)

Sounds like a huge improvement all round to me.

Re:Why not Blackberry instead/also? (1)

garyebickford (222422) | more than 2 years ago | (#37900568)

Same reason we don't all use blackberries - some users or groups at DoD wanted other capabilities or just like Android or something, and they asked DISA to find or get something that was or could be certified.

Re:Why not Blackberry instead/also? (1)

LWATCDR (28044) | more than 2 years ago | (#37900686)

Well those that run their won BES systems are not supposed to be taken down by things like this but the outage seemed to get them as well.

Re:Why not Blackberry instead/also? (1)

Drathos (1092) | more than 2 years ago | (#37900600)

Probably because most of what makes a Blackberry a Blackberry requires going through RIM's servers.

Re:Why not Blackberry instead/also? (1)

AHuxley (892839) | more than 2 years ago | (#37900812)

The NSA and CIA love you using their servers. DoD has its own network to track/set up leakers and spies ..
Different crypto needs for different areas and legal needs.

Re:Why not Blackberry instead/also? (1)

Prune (557140) | more than 2 years ago | (#37903062)

Please don't spread misinformation. For those that run their own BES servers--which is any big business and obviously government--RIM is not in the loop and the other side of the encryption tunnel is at your own servers, not RIM's.

Re:Why not Blackberry instead/also? (1)

LWATCDR (28044) | more than 2 years ago | (#37900728)

Probably too dependent on RIM for the server. If RIM goes out of business and the BlackBerry was the standard then the DOD might have to spend even more keeping them alive and using outdated equipment.
And no I am not suggesting that they would have to go us RIMs servers but they would depend on RIM for BES support, updates and installs.

Re:Why not Blackberry instead/also? (1)

nixman99 (518480) | more than 2 years ago | (#37900908)

Maybe because RIM is a foreign company?

I wonder if Dell has to pay for a Windows license (0)

schwit1 (797399) | more than 2 years ago | (#37900282)

Wasn't it a while back that Dell paid Microsoft for a Windows license on all computers even if it didn't ship with Windows?

parent is a twerp (-1)

Anonymous Coward | more than 2 years ago | (#37900354)

Twerp alert! Twerp alert!

Re:parent is a twerp (1)

garyebickford (222422) | more than 2 years ago | (#37900580)

In at least a sense he/she's right - several Android makers do pay MS a license fee for every Android they ship. I don't recall if Dell is one of them.

Re:parent is a twerp (-1)

Anonymous Coward | more than 2 years ago | (#37900624)

What the twerp was referring to is different to what you are. This site is filled with fucking twerps.

What U'd Really Like to Know (1)

YetAnotherBob (988800) | more than 2 years ago | (#37900722)

What I'd really like to know is when can we get something like this secure phone at Verizon?

Of course, then we would need a secure Market..

Re:What U'd Really Like to Know (1)

ColdWetDog (752185) | more than 2 years ago | (#37900980)

What I'd really like to know is when can we get something like this secure phone at Verizon?

Of course, then we would need a secure Market..

Why do you want a secure phone? What are you hiding, citizen?

Re:What U'd Really Like to Know (1)

narcc (412956) | more than 2 years ago | (#37901836)

You can already get a secure phone at Verizon. It's called the "Blackberry 9930".

Re:What U'd Really Like to Know (1)

Lunix Nutcase (1092239) | more than 2 years ago | (#37901850)

The Streak is not a phone.

Re:What U'd Really Like to Know (1)

coredog64 (1001648) | more than 2 years ago | (#37905186)

That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

Re:What U'd Really Like to Know (1)

tehcyder (746570) | more than 2 years ago | (#37907180)

That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

Using a tablet to make phone calls may be technically possible, but it still makes you look like a twat.

First Android Device NOT Certified For DoD (1)

cetroyer (805668) | more than 2 years ago | (#37901262)

The Dell Streak with Android 2.2 is NOT certified for use by DoD personnel.

All that DISA has issued is an "Interim Security Configuration Guide" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_2.2_dell_iscg_v1r1_20111020.zip [disa.mil] ), which is for "limited deployment, pilots and demonstrations" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_iscg_release_memo.pdf [disa.mil] ). An approved device would have a "Security Technical Implementation Guide" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] ), such as BlackBerry and Windows Mobile.

cetroyer

Linux DOD Accreditation (1)

gatkinso (15975) | more than 2 years ago | (#37901308)

Redhat is accredited to run on classified networks, so I guess it will be easier to get Android in the door.

Re:Linux DOD Accreditation (1)

Lunix Nutcase (1092239) | more than 2 years ago | (#37901868)

Except that Android is radically different than Red Hat? Sure they share a kernel base to some degree, but that's about it.

Re:Linux DOD Accreditation (1)

hitmark (640295) | more than 2 years ago | (#37905372)

The Android "fork" holds a task scheduler that is quite peculiar, and tho i have not payed attention as of late i think their attempts at having it pulled into the main source was resisted because of how extensive it was.

Remotely wiping (1)

future assassin (639396) | more than 2 years ago | (#37901496)

Thanks for the heads up. If I find one I'll be sure to not connect it to network untill I copy everything off the hd.

huge mistake (0)

Anonymous Coward | more than 2 years ago | (#37902456)

tremendous mistake, period. dont come crying to me when all sh!t hits the fan.

Already happening... (1)

LoadWB (592248) | more than 2 years ago | (#37903796)

> So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"

Was at the N.S.A. Trusted Computing Conference last month in Orlando. Saw at least one vendor with smart phones for secure use. I'm not going to dig out the paperwork to find names right now, but one company is offering secure and rugged phones. A lot of other interesting stuff there, as well -- multi-domain systems in the same box with full RF shielding between compartments, "cloud" printing for printing across domains, and a mess of other stuff.

FOR THE LOVE OF GOD AND COUNTRY (0)

Anonymous Coward | more than 2 years ago | (#37903926)

require that these be produced in the USA.

Motorola Defy (1)

Neil Boekend (1854906) | more than 2 years ago | (#37904546)

Wouldn't the military be more interrested in something durable? Something like the Motorola Defy? Don't think most devices would like how a soldier would treat them (no offence. Mud/dust/water is not something you can always avoid).

Re:Motorola Defy (1)

coredog64 (1001648) | more than 2 years ago | (#37905206)

My guess is that this is for people in the "Chair Force", not those at the sharp end. Even if AT&T offers 3G in Kandahar, how far do you think the coverage area is? ;)

I think I must have a military grade streak (0)

Anonymous Coward | more than 2 years ago | (#37913272)

my dell streak must be a military one because it has locked it's self down and doesn't let me to boot it any more.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>