Apple, Google Diss the DoD Over Mobile Security 150
Julie188 writes "The Defense Information Systems Agency (DISA) has long supported the use of BlackBerry smartphones for soldiers. It built a system called Go Mobile to provide secure communications, training, and collaboration applications to mobile soldiers. DISA recently decided to add Android and iPhone to the list of approved devices because of high demand from users. Unfortunately, this choice has become a giant pain in the flank. Why? Because both Apple and Google refuse to give DISA access to their security APIs."
Unpatriotic? (Score:4, Funny)
Re: (Score:2)
Queue the Palin.
I saw this a few days ago. Is this a meme? Pedantically speaking, Palin is is a queue of one (at least!) wherever she is. Cue the responses. Might be time for Grammar Nazis and pendants to be hunted down like Apple and Google. Is there any room left in the Assange bunker?
Re: (Score:2)
Queue the Palin.
I saw this a few days ago. Is this a meme? Pedantically speaking, Palin is is a queue of one (at least!) wherever she is. Cue the responses. Might be time for Grammar Nazis and pendants to be hunted down like Apple and Google. Is there any room left in the Assange bunker?
Errr, "woosh". I think.
Though why people are picking on the Cantab-educated globe-trotter as if he were a retarded backwoods fuckwit, I don't claim to understand.
Re: (Score:1, Insightful)
It's not possible for big $$$ corporation to be unpatriotic.
Re: (Score:2)
Well according to Senator Joe Lieberman, Amazon was being a "good corporate citizen" when it kicked WikiLeaks out of its cloud
Re: (Score:1)
It's not possible for big $$$ corporation to be unpatriotic.
Not true. A big $$$ corporation is unpatriotic if it refuses to invest enough money in purchasing lawmakers.
Re: (Score:2, Informative)
It'll be convenient of Palin to forget that RIM is a Canadian company. Or are they the obedient little Labradors anyway (since the UK is the poodle).
Also, Sergey Brin is Russian! Aaaaaa, he's a red commie!!!! But then again, Palin is neighbors with him, with she being able to see his childhood home front her front porch and what not.
For my more serious contribution to this discussion, iPhone security is "trust that the app reviewer catches anything malicious that the developer is trying to do.". Android sec
Re: (Score:1)
So checkboxes == more security?
Or more ways for there to be back doors...
Re: (Score:2, Insightful)
For my more serious contribution to this discussion...
So which do you think offers more security?
Oh dear.
As well as the app review process the iPhone does prompt when an app wants to first use location services, notification, push services, etc. and then allows you to manage and subsequently revoke those permissions. The apps are also sandboxed.
I am not in a position to comment on any of the Android flavours or BlackBerry security, so I won't.
Re: (Score:2)
How about reading the address book, calendar, or making internet connections?
Oh, none of those? Hey, some guy in some country just got your contact list!
Umm something is fishy (Score:5, Interesting)
Android is open source, how hard could it be to download the code and look into it to find those elusives security apis ?
I have rolled custom firmware onto an android device using the instruction on some forums, and it worked great, if a dude with is budgies can do it, why can't they ?
Re: (Score:2)
As much as I am afraid to ask... /please don't be a rule 34
WTF is a budgie?
Re:Umm something is fishy (Score:4, Informative)
first google link for budgies:
http://www.freewebs.com/budgierisa/appearance.htm [freewebs.com]
Re: (Score:1)
And you can get one free if you visit Tex and Edna Boil's Organ Emporium.
Re:Umm something is hurting my eyes! (Score:1)
Re: (Score:2)
If they phone home, where they phone home doesn't have to be open source, next question.
Re: (Score:2)
You do realise, apk, that Slashdot's moderation system actually prevents providing justification, as any successive post nullifies all moderation to a conversion, right?
Personally, I'd suspect that you were downmodded for being completely off-topic - you're going on about hosts files in a discussion on the DISA not getting access to the Android and iPhone OS security APIs.
Re: (Score:2)
apk, really. Let it go, you're not doing yourself any favours. This is exactly the sort of behaviour that gets you downmodded, you know. It's a bit like that twitter fellow.
Stop. Just... stop.
Re: (Score:2)
The justification on technical grounds is you have no idea and what you try to pass of as technical insight is demented ignorant rambling.
Use the souce. (Score:3, Insightful)
Want to access the "security" APIs? Use the Source.
Why not just offer a custom DoD firmware for Android phones?
Seriously, there's no way for an application to be "secure" if the platform the application runs on is itself untrusted.
IMO, My device is not "secure" unless I can control the device's OS & inspect the device's hardware. My phone, my router, my PCs, my GPS, all have firmware I've compiled myself. If an average coder like myself can do this, the DoD shouldn't have any problems either.
Note: Android works on iPhones too, it's still buggy, but the DoD could help with that if they desired, or just use phones that support custom, open source firmware.
Re: (Score:1)
Note: Android works on iPhones too, it's still buggy, but the DoD could help with that if they desired.
A smooth Android install on an iPhone? It seems like you've found something Apple would like even less than the DoD having access to the iPhone security stack.
Re: (Score:1)
Why? Apples margins of the iPhone4 is probably huge.
Re: (Score:1)
Re: (Score:1)
Less functionality is good because it's only supposed to be the functionality Apple wants/can profit from anyway? =P
Oh well, plenty of used N900 ads around :)
Re:Use the souce. (Score:5, Interesting)
IMO, My device is not "secure" unless I can control the device's OS & inspect the device's hardware. My phone, my router, my PCs, my GPS, all have firmware I've compiled myself.
This doesn't make it secure. It just means that if someone's made a mistake, or inserted a backdoor, you've missed it. Control != Security -- sometimes it just creates a poor illusion of security. If you don't have control, you have to trust someone to provide security. Depending on who it is and what their experience is, I often prefer to trust.
Regardless, one of the big issues that I've seen in this area is that although yes, you CAN jailbreak iPhone or install custom firmware on whatever device you want, you want the ability to deploy commercial-off-the-shelf stuff to users in the field with a 10 second install from the app store. They want to leverage the existing distribution network for the product and application distribution for software packages. They want to piggyback off the commercial world with minimal development effort and cost. What you're proposing a better model from a secure perspective, but is massively more expensive.
Re:Use the souce. (Score:5, Informative)
I know this is Slashdot and all, but still:
IMO, My device is not "secure" unless I can control the device's OS & inspect the device's hardware. My phone, my router, my PCs, my GPS, all have firmware I've compiled myself.
This doesn't make it secure. It just means that if someone's made a mistake, or inserted a backdoor, you've missed it. Control != Security -- sometimes it just creates a poor illusion of security. If you don't have control, you have to trust someone to provide security.
I write code. I read code. Yes someone can make a mistake, I can miss the mistake, but I can also fix said mistakes as soon as the mistake is discovered. You can't do that unless you can compile your own OS / Firmware. Faster Fixes == Less Vulnerability Window == More Secure. I'm not arguing that open source makes something secure, but using the source can give you more security than otherwise.
If you argue that control != security, I will put it to you that the inability to Control = No Provable Security. Thus, Control = infinitely times more secure than uncontrollable. How secure is a device that can auto-update it's firmware without your consent?
Depending on who it is and what their experience is, I often prefer to trust.
Let us not forget that I am compiling the same sources that those you "often prefer to trust" are compiling; Except that I am also sure that no additional closed source code has been included in my build.
Binary_Blob == !Trust;
Re: (Score:1)
It is not possible to prove security in a modern computer system for any plausible level of control.
What if your compiler has a "backdoor" that introduces vulnerabilities when certain code is produced, and propogates it to new versions of the compiler? You going to write your own compiler in machine code?
What if your processor intentionally misinterprets certain sequences in order to introduce a vulnerability?
Re: (Score:1)
Exactly. http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]
Re: (Score:1)
Re: (Score:1)
Except that I am also sure that no additional closed source code has been included in my build.
no you aren't. did you compile your compiler? did you compile the compiler that compiled your compiler?
Re: (Score:3, Insightful)
Sometimes control isn't security, but lack of control is always insecurity. Any solution that results in security will necessarily require control.
If you need security, then this simply isn't going to be one of your goals. Instead, you're going to want 10 second install from your repository, which consists solely of software that you have audited. As a compromise, it might be so
Re: (Score:2)
If you don't have control, you have to trust someone to provide security. Depending on who it is and what their experience is, I often prefer to trust.
Exactly. I also prefer to trust. But not blindly: I must be reasonably certain that I can control who I am trusting, and that person/entity has the capacity review the item under consideration.
That rules out non-free software, as only the author has the capacity to review, and the Apple model, as even with open source apps, I have no control. Quoting an Anon comment in this thread,
It is not possible to prove security in a modern computer system for any plausible level of control.
it is obvious that no one person or entity can guarantee the security, so the only sensible option is to not trust any single e
Re: (Score:2)
it is obvious that no one person or entity can guarantee the security, so the only sensible option is to not trust any single entity, and instead, distribute that trust among as many people you can, for as much of the toolchain as you can, and be ready to replace the offending part when a problem is detected.
That toolchain is only as secure as its weakest link.
I don't disagree that open source software can be very secure, but your argument for open source software being more secure is uncompelling. Once a problem is detected, it's too late - a backdoor could be inserted that is effectively itself undetectable.
Re: (Score:2)
it is obvious that no one person or entity can guarantee the security, so the only sensible option is to not trust any single entity, and instead, distribute that trust among as many people you can, for as much of the toolchain as you can, and be ready to replace the offending part when a problem is detected.
That toolchain is only as secure as its weakest link.
I don't disagree that open source software can be very secure, but your argument for open source software being more secure is uncompelling. Once a problem is detected, it's too late - a backdoor could be inserted that is effectively itself undetectable.
As opposed to what? Reducing the chances of even detecting the compromise? I didn't just state that it was more secure (did I say that at all?). The more people who can cry foul, the lower the chances of a single entity to silence them all. After the problem is detected, you have the chance of replacing everything on top of the compromised element of the toolchain and prevent future damage. You can't prevent past damage, obviously, with either approach. But with "closed", you may not be able to prevent the
Re: (Score:1)
This doesn't make it secure. This doesn't make it secure.
That's not what he said. If the code is open, then it can still be insecure. But, if the code is proprietary, then it is ALWAYS insecure.
What utter nonsense. How secure code is depends on the quality of the code and whether it has been analyzed by tools and/or other people to uncover flaws. You do not have to have outsiders looking at the code. Code review by peers can improve code quality by finding mistakes the original author may have missed.
Outsiders do not have some magical quality in finding bugs in code.
Exactly (Score:2)
This is exactly the reason that platforms like OSX and Windows are so secure, and linux is so riddled with viruses. Can you imagine the problems we would be facing if people actually had access to review and update those operating systems?
Re: (Score:3, Insightful)
My phone, my router, my PCs, my GPS, all have firmware I've compiled myself.
Who modded this insightful?
Do you even have the source code for your GPS firmware, the baseband in your phone, your PC's BIOS and so on? No. Even if you did, are you seriously saying that you've perfectly audited hundreds of thousands of lines of code?
Where's the "-1 this is really stupid" option?
Re: (Score:1)
My phone, my router, my PCs, my GPS, all have firmware I've compiled myself.
Who modded this insightful?
Do you even have the source code for your GPS firmware, the baseband in your phone, your PC's BIOS and so on?
::Sigh:: Yes, yes I do. You may not, but I do. Modding your GPS hardware, your phone, etc may not be your thing, but you can get started with modding your PC's BIOS [coreboot.org], and/or Router [polarcloud.com] pretty easily.
It also helps if you research the mod-ability of your device before purchasing them.
Even if you did, are you seriously saying that you've perfectly audited hundreds of thousands of lines of code?
No, I haven't audited it all, perfectly, but really, no one has with any large project -- perfect is a goal, and as I've previously stated, the goal is to provide more security via quickly patching my own hardware's firmware if any
Re: (Score:2)
I envy the amount of free time you have to accomplish all of this. Sometimes I wish I didn't have friends, family, a job, or a life, too.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Wheres the -1 clueless? Installing tomato and coreboot isnt remotely close to "compiling firmware" for them, any more than sticking an ubuntu install disk in your PC is rolling your own operating system.
Unless, of course, you compile the firmware [sourceforge.net].
Re: (Score:1)
Regardless, a third party company rolling their own DoD-approved secure ROMs for common Android phones sounds like a pretty good business plan (though I'm not sure how the licensing would play out)...
Re: (Score:2)
If this is a bunch of users saying "I want an Iphone issued by the government instead of a blackberry" then the obvious answer is "no, sit down and shut up, we waste enough tax payer monies on you already".
If this is as I suspect like in the corporate world, where someone sees a commercial of a phone doing all sorts of "cool things", then without any interaction with IT or even coworkers to see if they had problems doing work related tasks with them, buys one, then complains because their 5-10 year old mes
DoD should not support the Foxconn iPhone (Score:3, Insightful)
The iPhone is made by the Foxconn division of Hon Hai Precision Industry Company Ltd, in Shenzen, China. Apple is just the design and sales firm. That's not a reliable source for secure DoD communications.
There are still some non-China cell phone manufacturing facilities. DoD needs to look hard at sourcing.
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:2)
Yes, and how many of them missiles are actually fired off every year? I'm guessing not a lot.
Re: (Score:2)
The strategic value of a missile is quite a bit more/different then that of a phone that can already be replaced by another phone already on the market.
comparing a missile's value to a phone is much like comparing the value a working car presents to you with the value of a toy matchbox car. You can justify spending a larger sum of money on one of those 1967 mustangs, but not the other.
Re: (Score:2, Insightful)
I don't see why the DoD can't contract Texas Instruments to make them a custom Android phone entirely in the US.
Because even the DoD can't afford a seventy-thousand-dollar-each cellular phone with every component made in the USA.
Heck, considering that you'd have to open new fabs for some of the parts, it'd probably run more like $170,000 each.
Even with the defense contractor mark-up, 170k is not how much it would cost to make an iPhone or Android in the US. Well, unless the plants were run like a unionized auto-plant...
Re: (Score:1)
If you factor in that they could easily use up a million phones before they became obsolete (depending on how serious they are about them being used by everybody) economy of scale would drive that price way way way down.
Re: (Score:2)
Qty 1M != economies of scale for a consumer electronics device. The iPhone sold more in 1 day.
Re: (Score:1)
LoB
Re: (Score:2)
It only takes one mole to compromise your security. At that point, it isn't strictly a technological issue, although technology can ameliorate it.
Re: (Score:1)
Except that Foxconn is actually headquartered in the Republic of China on Taiwan, a US ally.
Re: (Score:3)
Re: (Score:1)
And it's not like you spy on your allies.
Re: (Score:2)
Re: (Score:1)
The iPhone is made by the Foxconn division of Hon Hai Precision Industry Company Ltd, in Shenzen, China. Apple is just the design and sales firm. That's not a reliable source for secure DoD communications.
There are still some non-China cell phone manufacturing facilities. DoD needs to look hard at sourcing.
Right, because American citizens never, ever are criminals or terrorists? Didn't the 9/11 terrorists live in the US for a long time?
Re: (Score:1)
Ah yes.. and then complain that the DoD-special-phone is hopelessly delayed, incredibly be over budget and not as secure as it was supposed to be. Doing everything from scratch is a lot more work than you may think. You can't simply trust a non-China manufacturer because it's not in China. It's not like US companies don't employ immigrants or that local citizens can't be bribed. No matter what, the DoD will have to do it's due diligence.
Re: (Score:2)
At least a large portion of the iPhone's cost comes back to Apple as a revenue and supports American programmers.
Since Android is completely free and Google does not license it, NO PORTION of most of the Andorid's phones comes back to US. It goes almost completely back to Taiwan and China.
RIM's a Canadian company and all of their revenue goes to Canada.
PS: Be careful when you try to throw stones in a glass house.
Access to what? (Score:5, Insightful)
TFA is very light on technical details. What security API are they looking to access? To do what? They have access to AOSP/Linux, and could even cook up custom ROMs if they needed. Is there some cryptographic hardware driver they need or something?
Also, From the 'article'
It seems to me that Apple and Google are making self-centered bad decisions here that won't play well with the American public. Clearly, Apple and Google should re-think these myopic and selfish policies
WTF? Maybe this journalist should re-think his self-centered trite opinion fluff pieces. Oh wait, it's NetworkWorld. Not much chance of that happening I guess.
Re:Access to what? (Score:5, Insightful)
One person I spoke with from DOD said that Apple flat out refused to play ball, telling DOD to "talk to our integrators and carriers."
I don't have any more details than the author but he seems to be making assumptions based on conversations that he wasn't involved with. Maybe the simple fact of the matter is that Apple doesn't have any security APIs that would meet the DoD standards. Frankly Apple has designed their phone for the consumer space; Blackberries are more designed for security. Also it may be that Apple simply doesn't want to share any source code with the government. If they did, someone here on slashdot would espouse some conspiracy theory that Apple was helping the federal government track and mind-control you through your iPhone.
As for Android, it is open source so the DoD can make their own modifications like the NSA did with SELinux.
Re:Access to what? (Score:4, Insightful)
Re: (Score:2)
Look at this way, Balmer is Dooku and google is clone army.
Yes, but Count Dooku got his hands chopped off and died.
I don't think this is the full picture... (Score:5, Interesting)
Shenanigans! There's got to be more to it than this.
The entire source for Android is available; what could Google be holding back? It's not as if they manufacture the phones.
What are these 'Security APIs'? It doesn't make any sense.
I think it's more likely that the DoD asked for some of Google / Apple's signing keys and the companies rightly refused.
Re: (Score:3)
Last time I looked (~2.0 era) there was still a ton of closed source stuff in android, usually labelled 'prebuilt' in the source directory.
Even if all the prebuilt stuff is gone now, there is still a ton of closed source firmware that's not distributed, but required for a working handset.
Cyanogen would be the man to ask get all the nitty gritty.
Re: (Score:2)
Isn't that the prebuilt toolchain stuff?
I'm sure there may be some closed-source stuff lower down than the OS in some of the phones, but that'd all be parts written by the handset manufacturers, and will vary between phones.
Patriotism? (Score:5, Insightful)
Apple, Google Diss the DoD (Score:1)
Dissing the DoD - or, as the article says, "thumbing their noses at" the DoD is not a wise move.
The Denizens of Doom are a group of hacker-biker crossbreeds. A true Ubermensch, if you will. Piss them off sufficiently, and they will kick your digital ass!
security, the ultimate pretext (Score:3, Interesting)
The military's security evaluations are heavily biased. Any technology the military does not want to use can be declared insecure, whether or not it is, and vice versa. One can always find a reason something is not secure.
For example, they wanted to use Windows, and not any flavor of UNIX. The fact that Windows is produced by an American company was trotted out as a reason it was more secure. Code written by foreigners might have back doors, etc. Also, open source software development was shot down as fundamentally less secure than proprietary ways. Anyone might slip malware into open source. So, no Linux or FreeBSD. But then, why not a proprietary UNIX? They also prefer dealing with big companies, which informally disqualifies many UNIX vendors. They just have to come up with good sounding excuses, and security ones are great.
For the other side of the issue, they'll lean on their evaluators to rubber stamp tech that they like. Often it seems that what they really want out of their evaluators is creative reasoning that gives them the cover they need to use what they want, not impartial evaluations. Or they'll bypass them. They can get approval on an interim basis when there is nothing secure enough, and they have to have something. They're accustomed to Windows, and they like it, so they found ways to get it on board.
However, they can't do absolutely anything. Often there are ways that though extremely inconvenient, do increase apparent security, and which cannot be worked around. A big one is the "air gap". Need a separate computer for each network, to prevent information leakage across the boundaries.
Re: (Score:2)
WTF are you talking about. Unix and Linux are used extensively on mission systems with in the DoD. You think they use Windows to manage the Missile systems you need to think again.
You are correct in thinking that if a general wants something then he can probably get it secure on not but you are an idiot to think that Open Source is not used in the DoD. The politics can overrule the evaluators. Many times I have seen the evaluators say something is not a good idea and get overruled by the bosses.
Re: (Score:1)
WTF are you talking about. Unix and Linux are used extensively on mission systems with in the DoD. You think they use Windows to manage the Missile systems you need to think again.
of course a rebuttal of this is simply to point you at the USS Yorktown [wikipedia.org]. True that the "missile"systems were not controlled by NT, but being dead in the water would not have helped firing any weapon at all.
Re: (Score:2)
WTF are you talking about. Unix and Linux are used extensively on mission systems with in the DoD. You think they use Windows to manage the Missile systems you need to think again.
of course a rebuttal of this is simply to point you at the USS Yorktown [wikipedia.org]. True that the "missile"systems were not controlled by NT, but being dead in the water would not have helped firing any weapon at all.
The failure appears not to be an OS issue but an application issue; something that can happen with any OS.
Re: (Score:2)
The failure appears not to be an OS issue but an application issue; something that can happen with any OS.
The point was that the DOD is/was using Windows technology in critical applications.
Re: (Score:2)
The failure appears not to be an OS issue but an application issue; something that can happen with any OS.
The point was that the DOD is/was using Windows technology in critical applications.
No one said they weren't - just that *Nix was also used; and that Windows was not the cause of the Yorktown's failure.
Re: (Score:1)
The military's security evaluations are heavily biased. Any technology the military does not want to use can be declared insecure, whether or not it is, and vice versa. One can always find a reason something is not secure.
BS. There may be some grey areas, but there are all sorts of actual, real documented standards. The blackberry platform has been audited & certified from end-to-end:
http://us.blackberry.com/ataglance/security/certifications.jsp [blackberry.com]
Blackberry has been approved by the governments of Canada,
Re: (Score:2)
EAL 4 is not really that good, but it is used a lot because that's the highest level that is easy to obtain. EAL 5 through EAL 7 is where the real security begins.
A big problem is that there's almost nothing rated EAL 5+. Only stuff I have heard of are devices simple enough that formal proofs are possible, software that is so locked down as to be nearly useless, and stuff such as GEMSOS that is obsolete because the evaluation process took longer than the lifetime of the technology. Undoubtedly, Apple a
Re: (Score:3)
FBCB2 runs on Solaris and can be found in almost every Stryker since 2001.
It can be found almost every US platoon of wheeled vehicles in Iraq or Afghanistan. Probably in all the Brads and Abrams too.
Re: (Score:2)
What a non argument. It's not like Microsoft doesn't employ foreigners.
Re: (Score:2)
yes, and you are full of shit, DoD is filthy with Unix, Linux, Mac OS, and other assorted systems. Go back under your rock.
Re: (Score:2)
For example, they wanted to use Windows, and not any flavor of UNIX.
Except they do use UNIX.
and Linux
what the hell are you rambling on about?
Bad summary (Score:2)
Google and Apple just told the DISA to talk to the integrators. They aren't getting special treatment which makes sense: as big as the DoD is, they are still smaller and more specialized than the general public which the devices were meant to serve.
This is a job for a small, tight-knit development company developing under NDA, i.e. integrator.
Cryptograms (Score:1)
Poor Article (Score:2)
FTA: "Providing API access to DOD is the patriotic and morale thing to do, especially since DOD is opening the door to lots of sales opportunities for both companies. "
Yeah, that's a well-written article. I'm convinced.
Google and Apple know all too well (Score:2)
If you give access or information about APIs that this information can leak out and be used for the wrong purposes.
The military should buy something that does what they want, not buy a consumer product then try to get the manufacturer to change it for them.
seems fair enough (Score:1)
Apple's iPad needs a CAC reader... (or a USB slot) (Score:2)
This is going to get even worse for Apple's iPad and other USB free devices. Without a smart card reader, or at least a USB slot to add one, these devices are going to have very limited usability in the DoD as things move forward.
Re: (Score:2, Troll)
They gay ban hasn't been overturned yet.
Re: (Score:2)
Seriously, how is a disgruntled private supposed to suck down the contents of the DoD document store without a USB port?
Sorry I don't see government as the gate keeper (Score:1)
Google and Apple CAN'T DO IT! (Score:2)
Linux and BSD the OS's under Android and iPhone both have solid security tools. Linux's version was written by the NSA FFS. But once the machine leaves the hands of G&A the 'integrators' have full control over what goes in and what stays out. For Linux the major security enhancements can be turned off with a single switch & kernel recompile.
The only way either company could force the issue is to use legal means and renegotiate their agreements with these 'integrators' AKA 'Phone companies'.
Good
fair is fair... (Score:1)
If blackberry did just that, then they should too, although I do not understand what the big deal is, if the military is reviewing the code in order to see what is going on as to ensure no one is logging the communication flow, but anyways, this is not news, happens all the time when dealing with military, they need to follow protocal, and the rest of us civis don't....no big deal, so they stay with BB and just keep ensuring their platform survives even longer...
Good for them (Score:1)
Give the gov their code and expect it spread on the internet the next day. (Yeah, I have a lot of faith in the gov'ment)
Re: (Score:2)
iPhone and Android make money by spying on you [citation needed]. DOD wants to reprogram their OS [citation needed] to make that impossible [citation needed], and they said no [citation needed]. They won't even let the DOD have a secure version of their OS [citation needed], because their OS are inherently insecure [citation needed].
FTFY.