Pentagon to grant security clearance for Apple's IOS, some Samsung devices
Devices from the world's two largest smartphone makers will soon be cleared for use by Department of Defense employees, as the Pentagon makes ready to open up its systems to Apple's iPhone and handsets from Samsung.
The coming weeks will see the Department of Defense granting separate security approvals for Samsung's Galaxy smartphones and Apple iPads and iPhones, sources familiar with the Pentagon's plans told The Wall Street Journal. The policy shift will be the culmination of a plan announced earlier this year to move the DoD into a more "platform agnostic" IT position.
Specifically, the DoD will reportedly grant clearance for both iOS 6, Apple's current mobile operating system, as well as iOS 5, the company's previous-generation software. iOS 5 will be cleared for use on an "as needed" basis subject to hardware modification, while any device running iOS will be acceptable, without the need for hardware modification.
Approval for DoD use requires that a manufacturer's devices pass stringent security examinations. Apple prides itself on security in iOS, with its iMessage encryption reportedly strong enough to stymie the DEA.
Apple's iPads and iPhones are already in use in a number of government agencies, as well as some divisions of the military, but Pentagon certification will allow for their use in more critical security areas.
Samsung, meanwhile, has been rapidly adding security layers to its Galaxy line of devices to make them suitable for enterprise and government use. The South Korean tech giant is also said to be readying a more "rugged" version of its Galaxy S4 handset. Initially thought to be geared toward more active users, the waterproof and dust proof Galaxy S4 "Active" would also be attractive to officials in hardship postings and soldiers on the battlefield.
While previous reports have colored the widening of the range of acceptable devices as an undeniable negative for BlackBerry ? currently the standard holder among secure devices for large operations ? AppleInsider's own contact with Pentagon spokespersons has shown the shift to be intended to widen the Pentagon's options.
"The key takeaway is that it's a multi-vendor solution," Lt. Col. Damien Pickart told AppleInsider in February. "We will have a DoD-wide device management system and a DoD-wide app storefront."
This multi-vendor model is intended to allow specific departments to tailor their device and app requisition needs to their own requirements, as opposed to going with a one-size-fits-all model. BlackBerry is said to be close to securing Defense Department approval for its new OS, BlackBerry 10.
The coming weeks will see the Department of Defense granting separate security approvals for Samsung's Galaxy smartphones and Apple iPads and iPhones, sources familiar with the Pentagon's plans told The Wall Street Journal. The policy shift will be the culmination of a plan announced earlier this year to move the DoD into a more "platform agnostic" IT position.
Specifically, the DoD will reportedly grant clearance for both iOS 6, Apple's current mobile operating system, as well as iOS 5, the company's previous-generation software. iOS 5 will be cleared for use on an "as needed" basis subject to hardware modification, while any device running iOS will be acceptable, without the need for hardware modification.
Approval for DoD use requires that a manufacturer's devices pass stringent security examinations. Apple prides itself on security in iOS, with its iMessage encryption reportedly strong enough to stymie the DEA.
Apple's iPads and iPhones are already in use in a number of government agencies, as well as some divisions of the military, but Pentagon certification will allow for their use in more critical security areas.
Samsung, meanwhile, has been rapidly adding security layers to its Galaxy line of devices to make them suitable for enterprise and government use. The South Korean tech giant is also said to be readying a more "rugged" version of its Galaxy S4 handset. Initially thought to be geared toward more active users, the waterproof and dust proof Galaxy S4 "Active" would also be attractive to officials in hardship postings and soldiers on the battlefield.
While previous reports have colored the widening of the range of acceptable devices as an undeniable negative for BlackBerry ? currently the standard holder among secure devices for large operations ? AppleInsider's own contact with Pentagon spokespersons has shown the shift to be intended to widen the Pentagon's options.
"The key takeaway is that it's a multi-vendor solution," Lt. Col. Damien Pickart told AppleInsider in February. "We will have a DoD-wide device management system and a DoD-wide app storefront."
This multi-vendor model is intended to allow specific departments to tailor their device and app requisition needs to their own requirements, as opposed to going with a one-size-fits-all model. BlackBerry is said to be close to securing Defense Department approval for its new OS, BlackBerry 10.
Comments
Originally Posted by AppleInsider
…any device running iOS will be acceptable, without the need for hardware modification.
That says it all, really.
Not sure if serious. The South Koreans are not the Chinese.
Quote:
Originally Posted by Suddenly Newton
Not sure if serious. The South Koreans are not the Chinese.
Samsung isn't South Korea... they're Samsung, a company with an incredible track record of IP theft, corruption and bribery.
Originally Posted by Suddenly Newton
What, Microsoft, not invited to this party?
Microsoft! In a secure setting! Ha ha!
Quote:
Originally Posted by SpamSandwich
Samsung isn't South Korea... they're Samsung, a company with an incredible track record of IP theft, corruption and bribery.
I agree. Samsung believes it is a sovereign nation of its own. Company owner is a convict. They reek of stealing IP. I wouldn't trust Samsung and their connected refrigerators.
IOS = Cisco's router OS, iOS = Apple's mobile OS.
I know a former Cisco guy who flies off the handle every time he sees this mistake - hard enough to find Cisco IOS search results in google, when all the references point to Apple stuff
Quote:
Originally Posted by skleiniv
Why can't our government support a pure USA play here? Samsung shouldn't even be considered given the clear indication that they steal other people's technology, (think apple here). IMO I don't think their trustworthy enough to have any involvement with our military.
And do you believe everyone else should do the same with their "pure home plays"? The EU? Japan? Korea? China?
In fact, why stop at phones? Why not computers? Where can we find a "pure USA play"?
Quote:
Originally Posted by SpamSandwich
Big mistake to allow products from Samsung into secure government facilities.
Most will stick with what the DoD thinks
Quote:
Originally Posted by agramonte
Most will stick with what the DoD thinks
Or they will until certain Congresspersons see an opportunity for grandstanding.
I think the article meant iOS 6 without hardware modification. The original quote doesn't make sense.
Quote:
Originally Posted by SpamSandwich
Big mistake to allow products from Samsung into secure government facilities.
I've been wondering if any Samsung parts are being made in that jointly operated factory in North Korea. You know, the one that has been shut down because of the little fat man's attention tantrum. Who knows what the Chinese and North Koreans might do to compromise security on products sold in the United States.
Quote:
Originally Posted by lkrupp
I've been wondering if any Samsung parts are being made in that jointly operated factory in North Korea.
No, all that's made in the Kaesong joint industrial region is simple stuff like clothes, shoes, wristwatches, stuff like that.
As for the lead article, it certainly left out some important information from its source, apparently to make it sound like iOS was being approved as more secure than the NSA-derived Samsung Knox OS... when in fact, the opposite is true:
"The Defense Information Systems Agency, or DISA, the agency that sanctions commercial technology for Pentagon use, is set to rule in the next two weeks that Samsung's Galaxy line of smartphones, preloaded with Samsung's Knox security software, conforms with the Pentagon's so-called Security Technology Implementation Guide, according to a Defense Department spokesman. That would allow it to be used by some Pentagon agencies for things such as sending and receiving internal emails."
iOS, on the other hand, only gets non-classified clearance:
"Separately, DISA is expected to rule in early May that Apple's latest operating system, iOS 6, conforms to a different security-requirement guide, the Defense Department spokesman said. That would allow iPhones and iPads to be used by military agencies for nonclassified communications, such as email and Web browsing."
The latest versions of Apple iOS and Google Android offer very good security with both solutions offering Address Space Layout Randomization (ASLR), Application Sandboxing, Code Signing, File System Encryption, Mobile Device Management (including Remote Wipe).
Apple iOS has several distinct and important advantages which make all the difference in the world;
[LIST]
[*] Centralized app Privacy and Security Management
[*] Background Processes are managed by an strict API guidelines and managed through admission to the App Store to prevent errant applications;
[*] Integrated SSL, TLS and VPN support including integrated encryption for default apps such as Calendar, Mail and Safari;
[*] No Multiple Abstraction Layers, i.e. Dalvik Virtual Machine on Linux kernel with every abstraction layer providing potential vulnerabilities;
[*] Fewer Ports offer fewer potential vulnerabilities especially SD cards;
[*] Software Updates are managed exclusively by Apple allowing security updates to be developed and deployed rapidly
[/LIST]
Quote:
Originally Posted by MacBook Pro
I don't understand how the United States Department of Defense could approve a remotely exploitable operating system developed and deployed in a manner that does not allow quickly deployable security patches.
Knox uses the dual-mode secure kernel that was created by NSA. It is not "remotely exploitable", as the civilian and secure sides are kept separate. Even if the civilian side somehow got compromised, the secure side would be fine. It's the whole point of that setup.
As for updates, of course they could be quickly deployed. The approval is for a few Samsung models, not for Android in general. However, they should not be needed for security patches, as (see above) the secure side is not accessible to outsiders.
Uncle Fester is not happy.
This is a three-year contract that will not necessarily be revisited at the end. It may be just be automatically renewed. So Microsoft may be shut out in the cold until 2009 or so...
I did notice that ONLY Samsung phones were approved while Apple iPhones AND iPads made the cut.
Quote:
Originally Posted by skleiniv
Why can't our government support a pure USA play here? Samsung shouldn't even be considered given the clear indication that they steal other people's technology, (think apple here). IMO I don't think their trustworthy enough to have any involvement with our military.
Think about it... The government is switching from a pure CANADA only stance to a three country stance. The US government is allowing a US manufacturer into the club.
Question I haven't seen answered is whether the NEW Blackbarry phones were released in time to make the cut...? This RFQ has been on the table for about a year.
http://www.theverge.com/2013/5/2/4294972/blackberry-10-devices-and-samsung-knox-approved-for-use-by-the-department-of-defense