First Android Device Certified For DoD Personnel

aneroid writes "The Defense Information Systems Agency (DISA) has certified its first secure mobile device running Android 2.2 — the Dell Streak 5. It is certified for use in the Defense Department's secure but unclassified communications. 'Although the Streak 5 is no longer available commercially, Dell is supplying it to DOD because the military likes the form factor,' said John Marinho, director of Dell enterprise mobility solutions. It 'includes a set of Android application interfaces designed to enhance the security of the device. Besides being able to transmit secure unclassified messages, the device can have its data remotely wiped in the event of loss or theft.' The device also has the ability to lock down after multiple unsuccessful password entries and allows admins to remotely control the peripherals and security policy levels on the device. You may recall that President Obama got an NSA-certified phone-PDA to use instead of his BlackBerry. We also discussed a related article last year about the U.S. Army considering smartphones. So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"

Re:

[Anonymous Coward]

For the same reason you care about securely transmitting your credit card info even though it isn't classified?

Locations for one

[ace37]

Not everything useful is classified--especially when you get large amounts of easily categorized data.

For one, you could monitor a soldier's location using a tracker. Infect some statistically significant number of phones, and you have extremely useful logistical data.

This won't fix it, but at least they can make it less trivial to compromise.

Re:

[X0563511]

My friend, meet Mr. OTP [wikimedia.org].

Obama's no longer using his Blackberry?

[jordanjay29]

Since when? [engadget.com]

Re:

[X0563511]

You forgot about the "It is certified for use in the Defense Department's secure but unclassified communications." part of the summary, didn't you?

Here, I'll highlight the important part, since you seem deficient in sentence parsing.

Re:

[jordanjay29]

You seem deficient in reading post titles. I specifically questioned the article's stated fact that Obama was given a Sectera Edge (the NSA-certified phone-PDA device), which was proven false in my link. Obama's not using a phone-PDA, he's using a juiced-up Blackberry that's been locked down and yeah, probably certified for secure but unclassified communications as well.

Re:

[schnell]

The Sectera Edge [gdc4s.com] is certified for classified communications... in fact, it's the only "smartphone" that is certified for Top Secret comms. That fact is half of what they're trying to get around here.

The good news is that the US government takes information assurance really, really seriously. The bad news is that they take it seriously enough that the only mobile device you can read your Top Secret e-mail on is a government-only, multi-thousand dollar Windows PDA that's many years behind the times because it

Re:

[wshs]

I'd question the government taking information assurance seriously. Manning obtained hundreds of thousands of classified docs undetected, and was only caught when he bragged to an outsider who ratted him out. If anything, information assurance in the government is pretty much nonexistent.

Re:

[slacker001]

Check the date on that picture... it's almost 3 years old.

Re:

[MobileTatsu-NJG]

It's Android and it's a Dell product. That means it'll forever be stuck on 1.6 and all the new malware requires 2.3!

Re:

[Synerg1y]

In regards to OP, they probably lock down install rights, the government's giving you a phone to borrower while in service, it's not your phone to do w/e with is the different.

Mobile: that's security through obscurity as a real world example for you!

Re:

[X0563511]

Er, the summary itself said "running Android 2.2" - where did 1.6 come from?

Re:

[HarrySquatter]

It's this new thing called a joke.

Re:

[ackthpt]

Er, the summary itself said "running Android 2.2" - where did 1.6 come from?

Probably the joke is: Dell was wrapping them up on the commercial market when the DoD procurement office called and said they'd like to buy 1.6 million of them. At which point the sales department head at Dell picked up his/her jaw and then called their plant in China and told them to keep making them.

Re:

[garyebickford]

Just a point of interest - one of the problems DoD has had for a long time (since early 1980s, from my own indirect experience) is that the time it takes to get through certification is generally longer than the modern device release cycles. Five to ten years is not uncommon. So for example, most of the chips used in most of the electronics in most of the DoD's planes, vehicles and tools have the capabilities and features of stuff that you gave to Goodwill five years ago. IIRC DoD funded some special fab

Re:

[Sparrow1492]

A 5 year cycle for safety of flight issues and major weapons system is not uncommon. Handheld stuff like this is off the shelf tech (albeit old for this example). You'll find DoD folks using brand new Blackberries today as an example fo the other way.

Re:

[Niomosy]

My Streak was shipped from Dell with 2.2 (2.2.2, I believe). They upgraded some time back.

Re:

[h4rr4r]

I am going to bet they won't be installing pirated apps from Chinese third party markets. Stick to amazon and google and you will do just fine.

Locked down, no installing apps

[perpenso]

What about all that android malware everyone keeps talking about?

The device is probably locked down and the user can not install apps. These are highly specialized **work related** devices.

All kinds of smart phones

[Anonymous Cowar]

for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

That being said, IT infrastructure needs to expand and accommodate smart phones, both in the commercial and military world. You can only say NO for so long before everyone starts hearing "640K should be enough for anybody".

Re:

[jeffmeden]

for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

Interesting that their iPhone and iPad risk assessment document comes up as "access denied"... Maybe I need one of those Dell Streak thingys to see it?

Re:

[MobileTatsu-NJG]

That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

Re:

[ColdWetDog]

That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

Apples, certainly. Have a few DOD iTunes account would be just swell.....

Re:

[NatasRevol]

Actually, it's just bad security setup on that server. See the pki for Blackberry - same thing.

Smart Phone - Military

[ackthpt]

Ob: Oxymoron comment

Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

Re:

[jeffmeden]

Ob: Oxymoron comment

Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

Clearly the Military wouldn't pay for a redundant device that allows them to lose 500,000 private records (get it, omg military puns) at a time, when the DAT tapes they have now work just fine...

secure but unclassified - correct term?

[starless]

secure but unclassified
I thought the term was "sensitive but unclassified"...

Re:

[oodaloop]

Sensitive But Unclassified is a classification for documents. Secure But Unclassified refers to the network. Surely you can see the difference in meaning in the words secure and sensitive.

Re:

[aneroid]

(My $0.02 as the summarizer)

I understood it as:
Secure --> Network ...and... Classified --> Document/Content sensitivity+visibility

So they're referring to both - secure network yes but no using it to get your covert mission orders via video conf on the device, for example. They probably still expect their personnel to use previously established procedures/devices. Could be a bit of a grey area though.

battery

[ace37]

One of the primary issues was that if the battery runs out of juice, a soldier can't swap it out for a fresh battery. They brought it up, and Apple basically said "we don't care." So they looked harder at Android.

Re:

[atrain728]

This is actually a tablet, not a phone.

Re:

[barry99705]

The Streak 5 makes a perfectly good phone. Makes an awesome on dash gps as well.

Re:

[Falconhell]

Also very popular for users of XCSoar the excellent open source glide/nav program

Why not Blackberry instead/also?

[acoustix]

BlackBerry has had all of these security features since 2004/2005. Remote wipe, policy enforcement, encryption, etc. Why not use a product that was secure off the shelf? Was it not expensive enough???

Re:

[Drakonik]

Because it's not secure enough unless they can put a "DoD home grown and raised" sticker on it.

Re:Why not Blackberry instead/also?

[PolygamousRanchKid]

"CNN - Due to a glitch in Research In Motion's infrastructure, all combat operations for this week have ceased. Now to our correspondent in the field . . . what's going on down there on the field, Nic?"

"Well, both sides have laid down their arms, and are gaming with each other instead . . . not much to report here . . . you got some old Lindsay Lohan footage to show instead . . . ?"

Re:

[tehcyder]

Sounds like a huge improvement all round to me.

Re:

[garyebickford]

Same reason we don't all use blackberries - some users or groups at DoD wanted other capabilities or just like Android or something, and they asked DISA to find or get something that was or could be certified.

Re:

[LWATCDR]

Well those that run their won BES systems are not supposed to be taken down by things like this but the outage seemed to get them as well.

Re:

[Drathos]

Probably because most of what makes a Blackberry a Blackberry requires going through RIM's servers.

Re:

[AHuxley]

The NSA and CIA love you using their servers. DoD has its own network to track/set up leakers and spies ..
Different crypto needs for different areas and legal needs.

Re:

[Prune]

Please don't spread misinformation. For those that run their own BES servers--which is any big business and obviously government--RIM is not in the loop and the other side of the encryption tunnel is at your own servers, not RIM's.

Re:

[LWATCDR]

Probably too dependent on RIM for the server. If RIM goes out of business and the BlackBerry was the standard then the DOD might have to spend even more keeping them alive and using outdated equipment.
And no I am not suggesting that they would have to go us RIMs servers but they would depend on RIM for BES support, updates and installs.

Re:

[nixman99]

Maybe because RIM is a foreign company?

I wonder if Dell has to pay for a Windows license

[schwit1]

Wasn't it a while back that Dell paid Microsoft for a Windows license on all computers even if it didn't ship with Windows?

Re:

[garyebickford]

In at least a sense he/she's right - several Android makers do pay MS a license fee for every Android they ship. I don't recall if Dell is one of them.

What U'd Really Like to Know

[YetAnotherBob]

What I'd really like to know is when can we get something like this secure phone at Verizon?

Of course, then we would need a secure Market..

Re:

[ColdWetDog]

What I'd really like to know is when can we get something like this secure phone at Verizon?

Of course, then we would need a secure Market..

Why do you want a secure phone? What are you hiding, citizen?

Re:

[narcc]

You can already get a secure phone at Verizon. It's called the "Blackberry 9930".

Re:

[Lunix Nutcase]

The Streak is not a phone.

Re:

[coredog64]

That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

Re:

[tehcyder]

That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

Using a tablet to make phone calls may be technically possible, but it still makes you look like a twat.

First Android Device NOT Certified For DoD

[cetroyer]

The Dell Streak with Android 2.2 is NOT certified for use by DoD personnel.

All that DISA has issued is an "Interim Security Configuration Guide" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_2.2_dell_iscg_v1r1_20111020.zip [disa.mil]), which is for "limited deployment, pilots and demonstrations" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_iscg_release_memo.pdf [disa.mil]). An approved device would have a "Security Technical Implementation Guide" (see: http://iase.disa.mil/stigs/net_pe [disa.mil]

Linux DOD Accreditation

[gatkinso]

Redhat is accredited to run on classified networks, so I guess it will be easier to get Android in the door.

Re:

[Lunix Nutcase]

Except that Android is radically different than Red Hat? Sure they share a kernel base to some degree, but that's about it.

Re:

[hitmark]

The Android "fork" holds a task scheduler that is quite peculiar, and tho i have not payed attention as of late i think their attempts at having it pulled into the main source was resisted because of how extensive it was.

Remotely wiping

[future assassin]

Thanks for the heads up. If I find one I'll be sure to not connect it to network untill I copy everything off the hd.

Already happening...

[LoadWB]

> So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"

Was at the N.S.A. Trusted Computing Conference last month in Orlando. Saw at least one vendor with smart phones for secure use. I'm not going to dig out the paperwork to find names right now, but one company is offering secure and rugged phones. A lot of other interesting stuff there, as well -- multi-domain systems in the same box with full RF shielding between compartments, "cloud" printing

Motorola Defy

[Neil Boekend]

Wouldn't the military be more interrested in something durable? Something like the Motorola Defy? Don't think most devices would like how a soldier would treat them (no offence. Mud/dust/water is not something you can always avoid).

Re:

[coredog64]

My guess is that this is for people in the "Chair Force", not those at the sharp end. Even if AT&T offers 3G in Kandahar, how far do you think the coverage area is? ;)

Re:

[hitmark]

http://www.otterbox.com/Dell-Streak-Defender-Series-Case/DEL2-STRK1,default,pd.html?dwvar_DEL2-STRK1_color=20&start=1&cgid=dell-streak-cases [otterbox.com]