Forgot your password?
typodupeerror
Android Government Handhelds Security The Military United States IT

First Android Device Certified For DoD Personnel 79

Posted by Soulskill
from the handheld-fragmentation-grenade dept.
aneroid writes "The Defense Information Systems Agency (DISA) has certified its first secure mobile device running Android 2.2 — the Dell Streak 5. It is certified for use in the Defense Department's secure but unclassified communications. 'Although the Streak 5 is no longer available commercially, Dell is supplying it to DOD because the military likes the form factor,' said John Marinho, director of Dell enterprise mobility solutions. It 'includes a set of Android application interfaces designed to enhance the security of the device. Besides being able to transmit secure unclassified messages, the device can have its data remotely wiped in the event of loss or theft.' The device also has the ability to lock down after multiple unsuccessful password entries and allows admins to remotely control the peripherals and security policy levels on the device. You may recall that President Obama got an NSA-certified phone-PDA to use instead of his BlackBerry. We also discussed a related article last year about the U.S. Army considering smartphones. So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"
This discussion has been archived. No new comments can be posted.

First Android Device Certified For DoD Personnel

Comments Filter:
    • by X0563511 (793323)

      You forgot about the "It is certified for use in the Defense Department's secure but unclassified communications." part of the summary, didn't you?

      Here, I'll highlight the important part, since you seem deficient in sentence parsing.

      • Re: (Score:3, Informative)

        by jordanjay29 (1298951)
        You seem deficient in reading post titles. I specifically questioned the article's stated fact that Obama was given a Sectera Edge (the NSA-certified phone-PDA device), which was proven false in my link. Obama's not using a phone-PDA, he's using a juiced-up Blackberry that's been locked down and yeah, probably certified for secure but unclassified communications as well.
        • by schnell (163007)

          The Sectera Edge [gdc4s.com] is certified for classified communications... in fact, it's the only "smartphone" that is certified for Top Secret comms. That fact is half of what they're trying to get around here.

          The good news is that the US government takes information assurance really, really seriously. The bad news is that they take it seriously enough that the only mobile device you can read your Top Secret e-mail on is a government-only, multi-thousand dollar Windows PDA that's many years behind the times because it

          • by wshs (602011)
            I'd question the government taking information assurance seriously. Manning obtained hundreds of thousands of classified docs undetected, and was only caught when he bragged to an outsider who ratted him out. If anything, information assurance in the government is pretty much nonexistent.
    • Check the date on that picture... it's almost 3 years old.

  • by Anonymous Cowar (1608865) on Monday October 31, 2011 @04:37PM (#37899904)
    for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

    That being said, IT infrastructure needs to expand and accommodate smart phones, both in the commercial and military world. You can only say NO for so long before everyone starts hearing "640K should be enough for anybody".
    • by jeffmeden (135043)

      for a semi-complete list of smart phones that DISA is looking at, check here: http://iase.disa.mil/stigs/net_perimeter/wireless/smartphone.html [disa.mil] (A simple google search takes you right there).

      Interesting that their iPhone and iPad risk assessment document comes up as "access denied"... Maybe I need one of those Dell Streak thingys to see it?

      • That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

        • That looks more like a webmaster oops than a "DENIED" message . Even so, I doubt the iPhone assessment would be very interesting. I mean, seriously, I cannot picture the prospect of involving iTunes making anybody's eyes light up.

          Apples, certainly. Have a few DOD iTunes account would be just swell.....

      • Actually, it's just bad security setup on that server. See the pki for Blackberry - same thing.

  • Ob: Oxymoron comment

    Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

    • by jeffmeden (135043)

      Ob: Oxymoron comment

      Non-secure, meaning: Do not leave sitting in your car with the records of 500,000 service personnel on it.

      Clearly the Military wouldn't pay for a redundant device that allows them to lose 500,000 private records (get it, omg military puns) at a time, when the DAT tapes they have now work just fine...

  • secure but unclassified
    I thought the term was "sensitive but unclassified"...

    • by oodaloop (1229816)
      Sensitive But Unclassified is a classification for documents. Secure But Unclassified refers to the network. Surely you can see the difference in meaning in the words secure and sensitive.
    • by aneroid (856995)

      (My $0.02 as the summarizer)

      I understood it as:
      Secure --> Network ...and... Classified --> Document/Content sensitivity+visibility

      So they're referring to both - secure network yes but no using it to get your covert mission orders via video conf on the device, for example. They probably still expect their personnel to use previously established procedures/devices. Could be a bit of a grey area though.

  • by acoustix (123925) on Monday October 31, 2011 @05:04PM (#37900242) Homepage

    BlackBerry has had all of these security features since 2004/2005. Remote wipe, policy enforcement, encryption, etc. Why not use a product that was secure off the shelf? Was it not expensive enough???

    • by Drakonik (1193977)

      Because it's not secure enough unless they can put a "DoD home grown and raised" sticker on it.

    • by PolygamousRanchKid (1290638) on Monday October 31, 2011 @05:18PM (#37900436)

      "CNN - Due to a glitch in Research In Motion's infrastructure, all combat operations for this week have ceased. Now to our correspondent in the field . . . what's going on down there on the field, Nic?"

      "Well, both sides have laid down their arms, and are gaming with each other instead . . . not much to report here . . . you got some old Lindsay Lohan footage to show instead . . . ?"

    • Same reason we don't all use blackberries - some users or groups at DoD wanted other capabilities or just like Android or something, and they asked DISA to find or get something that was or could be certified.

      • by LWATCDR (28044)

        Well those that run their won BES systems are not supposed to be taken down by things like this but the outage seemed to get them as well.

    • by Drathos (1092)

      Probably because most of what makes a Blackberry a Blackberry requires going through RIM's servers.

      • by AHuxley (892839)
        The NSA and CIA love you using their servers. DoD has its own network to track/set up leakers and spies ..
        Different crypto needs for different areas and legal needs.
      • by Prune (557140)
        Please don't spread misinformation. For those that run their own BES servers--which is any big business and obviously government--RIM is not in the loop and the other side of the encryption tunnel is at your own servers, not RIM's.
    • by LWATCDR (28044)

      Probably too dependent on RIM for the server. If RIM goes out of business and the BlackBerry was the standard then the DOD might have to spend even more keeping them alive and using outdated equipment.
      And no I am not suggesting that they would have to go us RIMs servers but they would depend on RIM for BES support, updates and installs.

    • by nixman99 (518480)
      Maybe because RIM is a foreign company?
  • Wasn't it a while back that Dell paid Microsoft for a Windows license on all computers even if it didn't ship with Windows?

  • What I'd really like to know is when can we get something like this secure phone at Verizon?

    Of course, then we would need a secure Market..

    • What I'd really like to know is when can we get something like this secure phone at Verizon?

      Of course, then we would need a secure Market..

      Why do you want a secure phone? What are you hiding, citizen?

    • by narcc (412956)

      You can already get a secure phone at Verizon. It's called the "Blackberry 9930".

    • The Streak is not a phone.

      • That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

        The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

        • by tehcyder (746570)

          That's strange. I use my Streak 5 to make voice calls all the time and have since the moment I pulled it out of the box.

          The Streak 7, although still an Android device, makes you work harder to unlock the phone capabilities.

          Using a tablet to make phone calls may be technically possible, but it still makes you look like a twat.

  • The Dell Streak with Android 2.2 is NOT certified for use by DoD personnel.

    All that DISA has issued is an "Interim Security Configuration Guide" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_2.2_dell_iscg_v1r1_20111020.zip [disa.mil]), which is for "limited deployment, pilots and demonstrations" (see: http://iase.disa.mil/stigs/net_perimeter/wireless/u_android_iscg_release_memo.pdf [disa.mil]). An approved device would have a "Security Technical Implementation Guide" (see: http://iase.disa.mil/stigs/net_pe [disa.mil]

  • Redhat is accredited to run on classified networks, so I guess it will be easier to get Android in the door.

    • Except that Android is radically different than Red Hat? Sure they share a kernel base to some degree, but that's about it.

      • by hitmark (640295)

        The Android "fork" holds a task scheduler that is quite peculiar, and tho i have not payed attention as of late i think their attempts at having it pulled into the main source was resisted because of how extensive it was.

  • Thanks for the heads up. If I find one I'll be sure to not connect it to network untill I copy everything off the hd.

  • > So, how soon will we start seeing other smartphone vendors bid for secure-communications-devices contracts?"

    Was at the N.S.A. Trusted Computing Conference last month in Orlando. Saw at least one vendor with smart phones for secure use. I'm not going to dig out the paperwork to find names right now, but one company is offering secure and rugged phones. A lot of other interesting stuff there, as well -- multi-domain systems in the same box with full RF shielding between compartments, "cloud" printing

  • Wouldn't the military be more interrested in something durable? Something like the Motorola Defy? Don't think most devices would like how a soldier would treat them (no offence. Mud/dust/water is not something you can always avoid).

Thufir's a Harkonnen now.

Working...