Forgot your password?
typodupeerror
Security Technology

Boeing Preparing an Ultra-Secure Smartphone 101

Posted by samzenpus
from the secret-security-phone dept.
bobwrit writes in with a story about Boeing's new secure government phones project. "Earlier this week, it was revealed that aerospace firm Boeing was working on a high security mobile device for the various intelligence departments. This device will most likely be released later this year, and at a lower price point than other mobile phones targeted at the same communities. Typically, phones in this range cost about 15,000-20,000 per phone, and use custom hardware and software to get the job done. This phone will most likely use Android as it's main operating system of choice, which lowers the cost per phone, since Boeing's developers don't have to write their own operating system from scratch."
This discussion has been archived. No new comments can be posted.

Boeing Preparing an Ultra-Secure Smartphone

Comments Filter:
  • by Joe_Dragon (2206452) on Sunday April 15, 2012 @12:52PM (#39693929)

    How secure is the data at the tower?

  • by ShooterNeo (555040) on Sunday April 15, 2012 @12:58PM (#39693967)

    Thanks to declassified files and leaked files from the former Soviets, it is possible to figure exactly how the Soviets usually stole their secrets.

    It would be very interesting to analyze how often they stole information via technical means (tapping phones, intercepting transmissions, etc) vs. human intel means (sending Anna Chapmen to coach you into giving it all up)

    I have a sneaky suspicion that more than 90% of the time, the Russians/Soviets succeed with human intel. Heck, if I knew top secret information, and Anna Chapman came after me with the goal of convincing me to give it all up, I'm not sure how long I could hold out under her interrogation...

    • by ColdWetDog (752185) on Sunday April 15, 2012 @01:09PM (#39694053) Homepage

      No, the Russians used to get most aerospace intelligence from the magazine 'Aviation Week and Space Technology' (usually referred to as 'Aviation Leak').

      And there reporters weren't even remotely good looking.

      • err. there, their - what the hell. This time it's my brain's fault.

      • by ClickOnThis (137803) on Sunday April 15, 2012 @05:58PM (#39695807) Journal

        No, the Russians used to get most aerospace intelligence from the magazine 'Aviation Week and Space Technology' (usually referred to as 'Aviation Leak').

        And there reporters weren't even remotely good looking.

        Well, Aviation Week leaked at both ends: the west got intel on the Soviets with it too.

        I heard a funny story once (perhaps apocryphal?) about someone working on photographs taken during the Mayday Parade of all the military hardware the Soviets were showing off. He was trying to figure out basic dimensions and capabilities, etc., by examining the hardware and comparing it to the size of other things in the photographs. Someone came up to him, looked over his shoulder, and said, "Oh hey, the Mayday Parade." The guy with the photographs covered them up along with his work, turned to his visitor, and hissed "You shouldn't be looking at this!" The other fellow sad, "whaddya mean, it's all here in Aviation Week." He opened the magazine to the exact same photograph, with an article containing all of the data the fellow was trying to gather.

    • by mjwalshe (1680392)
      I think most people would twig that something was up if a hottie like Anna Chapman paid attention to you. I would have have probably contacted Thames House to see if they wanted to run a sting on the KGB - of course to keep up the pretense of a besotted nerd under her thumb id need an expense account to keep up the pretense I am embezzling from the MO'ds secret paperclip replacement project.

      I recall that some on who knew her slightly in the Uk said he thought she was a high class call girl.
      • The replacement paperclip project is classified Secret. We don't want the Americans to know we are still using paperclips, and we don't want the Chinese to know where all those paperclips we import are going.
        • by mjwalshe (1680392)
          I know Sir harry Perice just came in and is offering me a whiskey :-)
        • by PNutts (199112)

          The replacement paperclip project is classified Secret. We don't want the Americans to know we are still using paperclips, and we don't want the Chinese to know where all those paperclips we import are going.

          Undercover Clippy? God help us...

      • And condoms. Don't forget you'd need condoms. On your expense account.

    • by mrmeval (662166)

      It's cool that this is public information. This of course is shocking but there are clearance reviews that are just boring paperwork with nothing exciting. The more open they are about it the better. I do however thing Shep should have had to do some hard time for failure to disclose. When I had a clearance if you screwed up you could lose your clearance but if you disclosed a mistake like this upfront it was much easier on you. With that information they can target the whore and feed her misinformation.

      htt [dod.mil]

      • Well, if he'd reported right away (as in the moment he found it missing) I'm not even sure he would have committed a crime of any sort. Perhaps he should have locked the notebook in a safe before letting her in the room, but anyone can slip up and make a mistake (especially when thinking of getting some from a beautiful women).

        However, his second huge mistake was admitting that she took it. It would have been simpler to maintain that he didn't know how he lost the notebook, and less likely to get him in t

        • by mrmeval (662166)

          Not reporting it and not freely admitting the one night stand should have been a fast way of jail time. I'm not sure if he was punished or not.

          Losing the ability to get a clearance is a pretty stiff blow as there are few civilian jobs that require a clearance and pay as well.

          • He wasn't, other than losing his clearance.

            I'm saying that either he should have
            1. done the right thing right away
                                      or
            2. Forget it ever happened, and never mention it to anyone

            Taking option 3 just screwed himself and his family.

  • So if I take an existing OS (Android in this case) under GPL and I alter for greater security, does that have to be release too if all I'm doing is some sort of internal release? I'm sure this has been answered to death with Linux but just curious.
    • by tekiegreg (674773)
      To clarify, I mean does the source have to be released under GPL? Me type crazy today...
    • Re:GPL Apply here? (Score:5, Informative)

      by sribe (304414) on Sunday April 15, 2012 @01:01PM (#39693993)

      GPL has NEVER required release of source to anyone other than those to whom you release executable. GPL has NEVER restricted internal forks/releases.

    • Re:GPL Apply here? (Score:5, Informative)

      by Anonymous Coward on Sunday April 15, 2012 @01:02PM (#39694003)

      The GPL only requires that you distribute the source code to the same people you distribute the binary to. (And requires that you give them the same ability in turn.) Presumably, this means that Boeing has to give the government the source code, but that's it. The government could choose to release it, but I doubt they would.

      • by Spykk (823586)
        Is the government then required to make the source available to each individual that it distributes the binary to, or are those individuals considered to be the same entity as the government in the context of the GPL?
    • Re:GPL Apply here? (Score:5, Interesting)

      by Skapare (16644) on Sunday April 15, 2012 @01:08PM (#39694051) Homepage

      They could do the same with it as they did with SELinux. If it's truly secure, it can be fully open. Just don't leave the keys in it.

    • by TrueSpeed (576528)

      So if I take an existing OS (Android in this case) under GPL and I alter for greater security, does that have to be release too if all I'm doing is some sort of internal release? I'm sure this has been answered to death with Linux but just curious.

      The Linux part of Android is under the GPL. The other is under the Apache License.

  • by aglider (2435074) on Sunday April 15, 2012 @12:59PM (#39693975) Homepage

    without Windows?
    Ha! Impossible Mission!

  • imagine if you get stopped while driving and the cop wants to take a browse thru your phone, for his usual fishing-for-crimes spree.

    it would probably be impossible, by design, for him to invade your privacy with a phone like this.

    finally, one that is safe to carry around outside.

  • Read out loud: ''there's an 'as' too many in this fragment.''

    Or is that 'ass'?

    Excuse me for any spelling errors -- which after all are less grave than grammatical errors.

  • Will the bootloader be locked or unlocked? It would be nice to have a secure variant of CM7 or CM9 on this device.

    • I can pretty much guarantee you it'll be as locked down as possible.
    • Will the bootloader be locked or unlocked? It would be nice to have a secure variant of CM7 or CM9 on this device.

      On a secure device?

      On a device that security would depend on complete control of it's configuration?

      The answer is left as an exercise for the student.

  • by GNUALMAFUERTE (697061) <almafuerte@NospaM.gmail.com> on Sunday April 15, 2012 @01:20PM (#39694127)

    And they still won't allow you to use it on a fucking plane.

  • by dryriver (1010635) on Sunday April 15, 2012 @01:25PM (#39694159)
    So the people who feel entitled to intercept everybody else's emails, text messages, instant messaging, social media usage, phonecalls, internet browsing, credit card usage, GPS driving data and much more, preferably without any legal warrants of any sort being required, feel entitled to having "highly secure means of communicating" when it comes to themselves? Doesn't this create a strange division in society, where a small, select group of individuals enjoys complete communication privacy/security in their day to day dealings, while everybody else's supposedly "private" data is one easy keypress or mouseclick away from being fully searchable/viewable? How can there be any "accountability", "fairness" or "balance of power" in a society where a few select people enjoy "total communication privacy" and are completely "untransparent" and "invisible" as a result, while Joe Ordinary, who pays for all of this to happen with his taxes, has his own right to "personal privacy" completely annulled, and is forced to become completely "fully transparent" to the system at press of a key? I don't see how this kind of starkly assymetric "privacy rights inequality" can be good for a society, and least of all for a supposed "free & fair" Western democracy where people are - in theory - supposed to enjoy equal rights, as well as "basic rights", like the simple right to personal privacy.
    • So the people who feel entitled to intercept everybody else's emails, text messages, instant messaging, social media usage, phonecalls, internet browsing, credit card usage, GPS driving data and much more, preferably without any legal warrants of any sort being required, feel entitled to having "highly secure means of communicating" when it comes to themselves?

      I don't think it's going to be available to blackhat and defcon attendees.

    • by PNutts (199112)

      You must be new here. And by "here" I mean Earth.

  • Improved secure smartphones sound like a good thing, but I would be interested to know how Boeing plans to handle the application installation issues associated with a secure platform. If the platform really is to be secure, you probably don't want the end user to just install any random applications on the phone. So you'll need to have a management process to either: develop in-house applications that duplicate existing functionality; or a mechanism of approving outside applications for use in the secure

    • by wvmarle (1070040)

      Google Play is of course the first component to go. The next is other installer code, that allows installation of stuff. Only pre-approved, possible in-house developed apps will be allowed.

      Remember it's ultra-security so highly locked down. The implementation of such policies is the hard part: proper vetting in place, keeping on top of any and all security issues in the OS, etc. You may assume this device can also not connect to the Internet. Encrypted VPN to the mothership, web/mail/whatever from there, no

  • Phone should have a "plausible deniability" mode where it appears like a regular, non-secure phone, easily giving up lots of details to any browsing / scanning attempt, while hiding all secure content.
  • by tirerim (1108567) on Sunday April 15, 2012 @01:40PM (#39694257)
    15,000 to 20,000 dollars? If so, seriously? Does that just factor in R&D to develop the software for a very small number of phones, or is there some other reason why they should be so expensive?
    • Yes, they have Words with Friends, too, but all the words are redacted.
    • by Anonymous Coward

      Where else would you put the following apps?
      1. BunkerBuster-Lat-Long
      2. RF-Jam-Lat-Long
      3. EMP-Lat-Long
      4. LiveFootageIR-Lat-Long

      and no...they won't be 99 cents each. The price field is now a long integer, preceed by "$" and followed by an "m"

  • by schlachter (862210) on Sunday April 15, 2012 @01:54PM (#39694355)

    Everyone should have an ultra-secure smart phone. Get the costs down and make it a standard feature for smartphones. It shouldn't be something only for the gov.

    • by Anonymous Coward

      Everyone should have an ultra-secure smart phone. Get the costs down and make it a standard feature for smartphones. It shouldn't be something only for the gov.

      What, like a blackberry? Certified by NATO, common criteria, FIPS, yada yada yada:
      http://us.blackberry.com/ataglance/security/certifications.jsp [blackberry.com]

      In fact you can buy blackberries pretty cheap these days since most people are focused on OOOOH!!! SHINY! instead of real security.

      Two weeks ago we bought some spare 3G blackberry curves for the office. Unloc

      • No, Blackberries are under a media assult to make them look unattractive so that the normal phones people use are not of the secure type...
    • by wvmarle (1070040)

      Hardware on client side is only part of the equation.

      Encrypted networks, secure e-mail storage, secured communications channels, security-checked apps: it's all part of the package. How good is your ultra-secure phone when you can install random 3rd party software that can do who-knows-what to your phone?

      Even if it's highly secured, well I'd say especially when it's highly-secured, you must assume that there are security bugs in the underlying software. Besides fixing them as soon as you find them, you will

  • Units, you fuckers (Score:4, Informative)

    by Hognoxious (631665) on Sunday April 15, 2012 @03:02PM (#39694777) Homepage Journal

    Typically, phones in this range cost about 15,000-20,000 per phone

    Is that in Turkish Lira? Bargain!

    • Typically, phones in this range cost about 15,000-20,000 per phone

      Is that in Turkish Lira? Bargain!

      1 Turkish lira = 0.55 USD

    • by wvmarle (1070040)

      More like Chinese Yuan, ex-factory price. Before shipping and retail mark-ups.

      What you saying, that factory is not in China?

  • ... ended the careers of a [wikipedia.org] few [wikipedia.org] of their exec, I can understand why Boeing in particular would want more secure communications.

  • Will it be branded and use Google apps?

    I assume they are trusted.

  • by mbkennel (97636) on Sunday April 15, 2012 @04:15PM (#39695227)

    for an ultra-secure implementation of "Angry JDAMs"

  • The Fishbowl project was covered in great detail at the RSA conference a month ago. NSA has already built it, certified it, and conducted trials. Unless Boeing is just replicating Fishbowl, they may find it a tough sell.
  • And is Apple now making air planes?
  • am I the only that saw the headline boeing making a phone and was like... ha, say what? :) yes, I am sure they got the competences for that but not their core business as far as I know

  • See Boeing is Seattle Washington. Some super smart engineers were laid off by another tech company in town and Boeing scooped them up for a low price in the depths of the recession. They pitched this idea involving some, "protected audio path", "protected video path", "Signed drivers" etc that essentially guarantee uncrackable computing platform. One of the engineers "it is impossible to crack it because, even legitimate users can hardly use it, hackers? foggetabotit"
  • by Anonymous Coward

    This phone will most likely use Android as it's main operating system of choice, which lowers the cost per phone, since Boeing's developers don't have to write their own operating system from scratch.

    Having worked with Boeing for a while now, I can safely say that it has nothing to do with cost, and everything to do with the fact that the engineers would still be sitting in meetings five years from now trying to figure out who needs to authorise cubicles and hardware for the project.

    Boeing is the least effi

  • 20 kUSD seems awfully expensive for a device that will simply inherit any android security hole.
  • ... as long as I can be sure that no filthy thieving foreigners have got the keys.

    Oh, where is it made?

    USA?

    I'm sure I can get one from a safe(-er) location.

    No sale.

"Go to Heaven for the climate, Hell for the company." -- Mark Twain

Working...