Insufficient Samsung security forces UK military communications project to switch to modif...
A program in the United Kingdom to allow members of the armed forces to discuss military secrets using a smartphone will now involve a modified iPhone 7 with hardened security, replacing insecure Android devices
BT, the telecommunications company working on the UK Ministry of Defence (MoD) project, intends to use the iPhone 7 as the "device of choice" for secretive communications, reports TechRepublic. Steve Bunn, BT technical business manager for defense, advises the iPhone 7 is being modified so it can switch between different modes of operation and levels of security, depending on the sensitivity of information involved in the call.
"We've been working very closely with [the MoD] to develop what we've commonly called a 'dual-persona device," said Bunn. "Essentially [it] means you can have voice at official and at secret."
Aside from allowing secure communications between personnel, work is also being put into making the iPhone useful for retaining sensitive data. "Secure storage containers," presumably involving some form of hidden or encrypted files and folders, could allow mission-critical secrets to be stored for later use, and could potentially be used to transport data between locations without broadcasting it over networks.
Due to security reasons, BT officials were not able to provide further details about the iPhone 7's customization.
The project didn't originally use an iPhone at the start, with BT opting for the Samsung Galaxy Note 4, but that changed. "As more and more development and testing was done, the security wasn't deemed to be sufficient," states Bunn, with the iPhone's security credentials making it a more viable device.
BT business development director Derek Stretch notes there's another compelling reason to move to the iPhone. According to Stretch, the iPhone 7 is already widely used within the MoD for various purposes, which potentially makes deploying the more secure versions easier for both support teams and the users.
The switch to the iPhone 7 for security reasons goes against the smartphone market trend of high-security devices, such as the Boeing Black and the Silent Circle Blackphone. These high-priced smartphones usually employ a modified version of Android's that adds in more security-minded functions than the standard release used by manufacturers while also removing unneeded functionality.
By comparison, the difficulty of thwarting iOS security has forced parts of the U.S. government to take measures to try and weaken encryption with backdoors, though this is being met with resistance.
BT, the telecommunications company working on the UK Ministry of Defence (MoD) project, intends to use the iPhone 7 as the "device of choice" for secretive communications, reports TechRepublic. Steve Bunn, BT technical business manager for defense, advises the iPhone 7 is being modified so it can switch between different modes of operation and levels of security, depending on the sensitivity of information involved in the call.
"We've been working very closely with [the MoD] to develop what we've commonly called a 'dual-persona device," said Bunn. "Essentially [it] means you can have voice at official and at secret."
Aside from allowing secure communications between personnel, work is also being put into making the iPhone useful for retaining sensitive data. "Secure storage containers," presumably involving some form of hidden or encrypted files and folders, could allow mission-critical secrets to be stored for later use, and could potentially be used to transport data between locations without broadcasting it over networks.
Due to security reasons, BT officials were not able to provide further details about the iPhone 7's customization.
The project didn't originally use an iPhone at the start, with BT opting for the Samsung Galaxy Note 4, but that changed. "As more and more development and testing was done, the security wasn't deemed to be sufficient," states Bunn, with the iPhone's security credentials making it a more viable device.
BT business development director Derek Stretch notes there's another compelling reason to move to the iPhone. According to Stretch, the iPhone 7 is already widely used within the MoD for various purposes, which potentially makes deploying the more secure versions easier for both support teams and the users.
The switch to the iPhone 7 for security reasons goes against the smartphone market trend of high-security devices, such as the Boeing Black and the Silent Circle Blackphone. These high-priced smartphones usually employ a modified version of Android's that adds in more security-minded functions than the standard release used by manufacturers while also removing unneeded functionality.
By comparison, the difficulty of thwarting iOS security has forced parts of the U.S. government to take measures to try and weaken encryption with backdoors, though this is being met with resistance.
Comments
How can this be when Samsung advertises its Knox solution as THE secure solution? \s
http://www.samsung.com/us/business/security/knox/
Don't you remember when Knox was going to get nuked by a fat german and the red Chinese and was saved by 007 and Pussy Galore?
Sounds like BT doesn't have the skills to create a secure phone.
Perhaps the techrepublic article is fake news, no other press release from BT on this.
Why would BT give this exclusive story to techrepublic? If it was true it would be in the UK publications, anyone found another source?
Read this to educate ones self:
http://www.zdnet.com/google-amp/article/the-worlds-most-secure-smartphones-and-why-theyre-all-androids/
(sigh) If you are correct, why then it is not Android phones that created problems to DAs and FBI, then?
We are educated. Which is why we know Android is a joke for security. You linking an article without context doesn't change that.
First off, those aren't "Android phones" that a normal person might buy, like an LG or Samsung. They run highly modified versions of Android but are stripped of much of what normal users associate with Android or any smartphone. They then install their own custom software to replicate functionality that we get from "stock" Apps. They are completely and 100% locked down. The only reason they use Android is because it's a free OS with the source code provided for you to allow you to customize it how you like.
Calling these phones Android phones would be like calling the Presidents limo a "Chevy" just because the base platform happens to be a Cadillac.
Android that the general public gets with the phones they buy are a joke compared to iOS, and will never match the security of iOS.
http://securityaffairs.co/wordpress/53806/digital-id/secure-smartphones.html
The guy behind the ultra-secure Tor Phone doesn't trust either Google, Apple or their app stores.
"A closed source platform, such as Apple's mobile operating system, is at much greater risk of being compelled to deploy software backdoors, he added. "I think the best argument against backdoors is that they are technically impossible to deploy at all, due to the security properties of the system and people's ability to remove or avoid the backdoor. That argument is stronger for open source than it is for closed source."
Perry also worried aloud about targeted backdoors delivered to specific users.
"The iOS App Store is at a significant disadvantage there even compared to Google Play," he told us (ArsTechnica). "Each iOS app is re-encrypted specifically for the user with Apple's DRM, making it technically impossible to verify that the package you installed matches the official one."
He said that Apple has "created the perfect platform for delivering targeted backdoors to specific users. I don't like banking on iOS for those reasons."
And Google?
In order to solve the Android security mess, Google is taking steps that hurt user freedom, and make Android vulnerable to compelled backdoors, Perry argued.
The fragmentation of the Android ecosystem into multiple OEMs, who distribute their own versions of the operating system, has resulted in rampant insecurity. Without financial incentives to push security updates to users' phones, OEMs by and large abandon users to their fate. Under pressure from many quarters to solve this problem, Google is working to improve Android security, but Perry criticised Google's release and development process as increasingly opaque.
Android platform is effectively moving to a 'Look but don't touch' Shared Source Model that Microsoft tried in the early 2000s," Perry wrote in his blog post. "However, instead of being explicit about this, Google appears to be doing it surreptitiously.
That article is just as ridiculous as the zdnet one above.