Pentagon to grant security clearance for Apple's IOS, some Samsung devices

Posted:
in iPhone edited January 2014
Devices from the world's two largest smartphone makers will soon be cleared for use by Department of Defense employees, as the Pentagon makes ready to open up its systems to Apple's iPhone and handsets from Samsung.

pentagonphone


The coming weeks will see the Department of Defense granting separate security approvals for Samsung's Galaxy smartphones and Apple iPads and iPhones, sources familiar with the Pentagon's plans told The Wall Street Journal. The policy shift will be the culmination of a plan announced earlier this year to move the DoD into a more "platform agnostic" IT position.

Specifically, the DoD will reportedly grant clearance for both iOS 6, Apple's current mobile operating system, as well as iOS 5, the company's previous-generation software. iOS 5 will be cleared for use on an "as needed" basis subject to hardware modification, while any device running iOS will be acceptable, without the need for hardware modification.

Approval for DoD use requires that a manufacturer's devices pass stringent security examinations. Apple prides itself on security in iOS, with its iMessage encryption reportedly strong enough to stymie the DEA.

Apple's iPads and iPhones are already in use in a number of government agencies, as well as some divisions of the military, but Pentagon certification will allow for their use in more critical security areas.

Samsung, meanwhile, has been rapidly adding security layers to its Galaxy line of devices to make them suitable for enterprise and government use. The South Korean tech giant is also said to be readying a more "rugged" version of its Galaxy S4 handset. Initially thought to be geared toward more active users, the waterproof and dust proof Galaxy S4 "Active" would also be attractive to officials in hardship postings and soldiers on the battlefield.

While previous reports have colored the widening of the range of acceptable devices as an undeniable negative for BlackBerry ? currently the standard holder among secure devices for large operations ? AppleInsider's own contact with Pentagon spokespersons has shown the shift to be intended to widen the Pentagon's options.

"The key takeaway is that it's a multi-vendor solution," Lt. Col. Damien Pickart told AppleInsider in February. "We will have a DoD-wide device management system and a DoD-wide app storefront."

This multi-vendor model is intended to allow specific departments to tailor their device and app requisition needs to their own requirements, as opposed to going with a one-size-fits-all model. BlackBerry is said to be close to securing Defense Department approval for its new OS, BlackBerry 10.
«1

Comments

  • Reply 1 of 23
    SpamSandwichSpamSandwich Posts: 33,407member
    Big mistake to allow products from Samsung into secure government facilities.
  • Reply 2 of 23
    tallest skiltallest skil Posts: 43,399member


    Originally Posted by AppleInsider View Post

    …any device running iOS will be acceptable, without the need for hardware modification.


     


    That says it all, really.

  • Reply 3 of 23
    suddenly newtonsuddenly newton Posts: 13,811member
    What, Microsoft, not invited to this party?
  • Reply 4 of 23
    suddenly newtonsuddenly newton Posts: 13,811member
    Big mistake to allow products from Samsung into secure government facilities.

    Not sure if serious. The South Koreans are not the Chinese.
  • Reply 5 of 23
    SpamSandwichSpamSandwich Posts: 33,407member

    Quote:

    Originally Posted by Suddenly Newton View Post





    Not sure if serious. The South Koreans are not the Chinese.


     


    Samsung isn't South Korea... they're Samsung, a company with an incredible track record of IP theft, corruption and bribery.

  • Reply 6 of 23
    tallest skiltallest skil Posts: 43,399member


    Originally Posted by Suddenly Newton View Post

    What, Microsoft, not invited to this party?


     


    Microsoft! In a secure setting! Ha ha!

  • Reply 7 of 23
    sflocalsflocal Posts: 5,990member

    Quote:

    Originally Posted by SpamSandwich View Post


     


    Samsung isn't South Korea... they're Samsung, a company with an incredible track record of IP theft, corruption and bribery.





    I agree.  Samsung believes it is a sovereign nation of its own.  Company owner is a convict.  They reek of stealing IP.  I wouldn't trust Samsung and their connected refrigerators.

  • Reply 8 of 23
    skleinivskleiniv Posts: 37member
    Why can't our government support a pure USA play here? Samsung shouldn't even be considered given the clear indication that they steal other people's technology, (think apple here). IMO I don't think their trustworthy enough to have any involvement with our military.
  • Reply 9 of 23
    r00fusr00fus Posts: 245member
    Please fix capitalization:
    IOS = Cisco's router OS, iOS = Apple's mobile OS.

    I know a former Cisco guy who flies off the handle every time he sees this mistake - hard enough to find Cisco IOS search results in google, when all the references point to Apple stuff :)
  • Reply 10 of 23
    anantksundaramanantksundaram Posts: 20,356member

    Quote:

    Originally Posted by skleiniv View Post



    Why can't our government support a pure USA play here? Samsung shouldn't even be considered given the clear indication that they steal other people's technology, (think apple here). IMO I don't think their trustworthy enough to have any involvement with our military.


    And do you believe everyone else should do the same with their "pure home plays"? The EU? Japan? Korea? China?


     


    In fact, why stop at phones? Why not computers? Where can we find a "pure USA play"?

  • Reply 11 of 23
    agramonteagramonte Posts: 345member

    Quote:

    Originally Posted by SpamSandwich View Post



    Big mistake to allow products from Samsung into secure government facilities.


     


    Most will stick with what the DoD thinks

  • Reply 12 of 23
    SpamSandwichSpamSandwich Posts: 33,407member

    Quote:

    Originally Posted by agramonte View Post


     


    Most will stick with what the DoD thinks



     


    Or they will until certain Congresspersons see an opportunity for grandstanding.

  • Reply 13 of 23
    jupiteronejupiterone Posts: 1,564member
    That says it all, really.

    I think the article meant iOS 6 without hardware modification. The original quote doesn't make sense.

    iOS 5 will be cleared for use on an "as needed" basis subject to hardware modification, while any device running iOS will be acceptable, without the need for hardware modification.
  • Reply 14 of 23
    lkrupplkrupp Posts: 10,038member

    Quote:

    Originally Posted by SpamSandwich View Post



    Big mistake to allow products from Samsung into secure government facilities.


     


    I've been wondering if any Samsung parts are being made in that jointly operated factory in North Korea. You know, the one that has been shut down because of the little fat man's attention tantrum. Who knows what the Chinese and North Koreans might do to compromise security on products sold in the United States.

  • Reply 15 of 23
    kdarlingkdarling Posts: 1,640member

    Quote:

    Originally Posted by lkrupp View Post


    I've been wondering if any Samsung parts are being made in that jointly operated factory in North Korea.



     


    No, all that's made in the Kaesong joint industrial region is simple stuff like clothes, shoes, wristwatches, stuff like that.


     


    As for the lead article, it certainly left out some important information from its source, apparently to make it sound like iOS was being approved as more secure than the NSA-derived Samsung Knox OS... when in fact, the opposite is true:


     


    "The Defense Information Systems Agency, or DISA, the agency that sanctions commercial technology for Pentagon use, is set to rule in the next two weeks that Samsung's Galaxy line of smartphones, preloaded with Samsung's Knox security software, conforms with the Pentagon's so-called Security Technology Implementation Guide, according to a Defense Department spokesman. That would allow it to be used by some Pentagon agencies for things such as sending and receiving internal emails."


     


    iOS, on the other hand, only gets non-classified clearance:


     


    "Separately, DISA is expected to rule in early May that Apple's latest operating system, iOS 6, conforms to a different security-requirement guide, the Defense Department spokesman said. That would allow iPhones and iPads to be used by military agencies for nonclassified communications, such as email and Web browsing."

  • Reply 16 of 23
    macbook promacbook pro Posts: 1,605member
    I don't understand how the United States Department of Defense could approve a remotely exploitable operating system developed and deployed in a manner that does not allow quickly deployable security patches.

    The latest versions of Apple iOS and Google Android offer very good security with both solutions offering Address Space Layout Randomization (ASLR), Application Sandboxing, Code Signing, File System Encryption, Mobile Device Management (including Remote Wipe).

    Apple iOS has several distinct and important advantages which make all the difference in the world;

    [LIST]
    [*] Centralized app Privacy and Security Management
    [*] Background Processes are managed by an strict API guidelines and managed through admission to the App Store to prevent errant applications;
    [*] Integrated SSL, TLS and VPN support including integrated encryption for default apps such as Calendar, Mail and Safari;
    [*] No Multiple Abstraction Layers, i.e. Dalvik Virtual Machine on Linux kernel with every abstraction layer providing potential vulnerabilities;
    [*] Fewer Ports offer fewer potential vulnerabilities especially SD cards;
    [*] Software Updates are managed exclusively by Apple allowing security updates to be developed and deployed rapidly
    [/LIST]
  • Reply 17 of 23
    kdarlingkdarling Posts: 1,640member

    Quote:

    Originally Posted by MacBook Pro View Post



    I don't understand how the United States Department of Defense could approve a remotely exploitable operating system developed and deployed in a manner that does not allow quickly deployable security patches.


     


    Knox uses the dual-mode secure kernel that was created by NSA.  It is not "remotely exploitable", as the civilian and secure sides are kept separate.  Even if the civilian side somehow got compromised, the secure side would be fine.  It's the whole point of that setup.


     


    As for updates, of course they could be quickly deployed.  The approval is for a few Samsung models, not for Android in general.  However, they should not be needed for security patches, as (see above) the secure side is not accessible to outsiders.

  • Reply 18 of 23
    macky the mackymacky the macky Posts: 4,799member


    Uncle Fester is not happy. 


     


    This is a three-year contract that will not necessarily be revisited at the end. It may be just be automatically renewed. So Microsoft may be shut out in the cold until 2009 or so...


     


    I did notice that ONLY Samsung phones were approved while Apple iPhones AND iPads made the cut.

  • Reply 19 of 23
    macky the mackymacky the macky Posts: 4,799member

    Quote:

    Originally Posted by skleiniv View Post



    Why can't our government support a pure USA play here? Samsung shouldn't even be considered given the clear indication that they steal other people's technology, (think apple here). IMO I don't think their trustworthy enough to have any involvement with our military.


     


    Think about it... The government is switching from a pure CANADA only stance to a three country stance. The US government is allowing a US manufacturer into the club. 


     


    Question I haven't seen answered is whether the NEW Blackbarry phones were released in time to make the cut...? This RFQ has been on the table for about a year.

  • Reply 20 of 23
    daylove22daylove22 Posts: 215member
Sign In or Register to comment.