Slashdot Mirror
PDA Security, the Next Big Hurdle for IT?
Jack writes "ITO published an article on a new secure PDA requested by the NSA. 'General Dynamics inked an $18 million contract with the secretive National Security Agency to design and develop a secure mobile personal assistant for defense workers. The PDA will integrate all types of communications including voice, data and web.'" In related news palmtops writes "Insecure Magazine has a great and in-depth article written by Seth Fogie, the VP of Airscanner.com, about Pocket PC security. His summary of PDA attacks states: 'These devices are easy to smuggle into a business and can be used to propagate an attack against network devices. Don't make the mistake of assuming is a PDA is a simple data keeper. As the cliche' goes... it is how you use it that matters.'"
I didn't think any one on slashdot had much to worry about when it came to Public Displays of Affection ....
It has yet to be proven that intelligence has any survival value. Arthur C. Clarke (1917 - )
From the (IN)SECURE article: How are we supposed to take this article seriously, when the author can't even spell 'pwn3d' correctly? ^_^
____
~ |rip/\/\aster /\/\onkey
to make companys bend over and grab the ankles for PocketPC AVs, Wouldnt surprise me a bit if the virus development for the various PDA platforms was unofficially sponsored by the big AV companies
It might be a little late mentioning this but the link in this snippet actually points to a 9.1 meg PDF file.
In the future it would be nice if submitters (and especially editors) actually describe the target of a link when it doesn't go to a good old fashioned HTML or XHTML page of content.
Avantslash - View Slashdot cleanly on your mobile phone.
The PDA will integrate all types of communications including voice, data and web
Riiight, so its sort of a SMARTPHONE then? Sure PDAs could be a threat, but its probably worth focusing more on something that everyone already has and which is has all this functionality already, as well as a digital camera etc.... the ubiquitous mobile phone.
Developing, and then requiring, a "secure" PDA for all your people and then being "suprised" when information leaks via their mobile phone with the 1GB Flashcard, 2 Mega-pixel camera and Broadband 3G connection doesn't sound like a plan for tomorrow.
An Eye for an Eye will make the whole world blind - Gandhi
I think the biggest problem is every manufacturor makes his own synchronisation software running some weird propietary protocol. It feels like the good old days where you spent half a day setting up your dotmatrix in WP 2.1, and then restarted from zero in Lotus 123. Somebody should set some standards here. A PDA/Phone should be hardware abstracted at the OS level, just like a printer. And on corporate networks, the PC should just be a USB/Bluetooth -to-ethernet router, with the PDA authenticating directly to Exchange/Notes/whatever.
10 ?"Hello World" life was simple then
I work for an agency under DoD as ADP R&D Program Manager. I think you'd be amazed at how many people are hollering for connected PDAs - and for the ones who have a real need we usually give them Blackberrys but you can't connect a Blackberry to a trusted network ;-)
Granted, most of these connected PDAs will end up in a desk drawer as soon as the user finds out how unpleasant it can be to send and receive email with a PDA, but they still want the things - and most of the people who want them outrank me. IF the boss wants executive jewelry I guess it's my job to get it for him.
Common access card compatibility will be a good thing - except the resulting PDA will probably be about the size and weight of your average brick. Right now we've got more than enough challenges with PDAs as DoD requires FIPS 140-2 encryption, a firewall feature set and a virus scanner on connected PDAs.
I did send TFA to our local IA department just because I like to watch their heads spin around every once in awhile, though - the last time I did that I sent them a brochure on an NSA-approved 802.11 solution for access to *classified* computer networks.
I love my job ;-)
we see things not as as they are, but as we are.
-- anais nin
If using Firefox, try this in your [profile]/chrome/userContent.css: /* indicate PDF links */
a[href$=".pdf"]:after {
font-size: smaller;
content: "pdf";
}
Think I got that from another Slashdot post, can't seem to find it now though (thanks anyway, whoever posted it!)
-- Nothing unusual happened today
http://openbsd.org/zaurus.html
Nuff Said.
Chaos is Divine *
I was happy when the pager business finally died. That reduced the number of gizmos that I was carrying around on a daily basis from 4 to 3; the cellphone features became advanced (and cheap) enough to obsolete the pager completely. At one time, I thought that I would probably snarf up the PDA/phone combo, but I haven't yet found one that I really want to buy -- the price/performance just isn't there yet. When the PDA/cellphone combination gets cheap enough (and full-featured enough), then I envision reducing my current gizmo count to 2.
As for the laptop, it looks like that will be around for a while. At this point, the PDA just doesn't have the display or input capability to make it the all-in-one personal computing tool. In order for a PDA-sized device to displace the laptop, the I/O needs to get way more advanced, something on the order of a combination ocular/cochlear implant and voice (or better yet, thought ) recognition.
What are the security folks gonna do when the day comes that you can look at a document and issue a thought-command " copy "? I'm guessing that will be the end of paper documents; to be replaced entirely by electronic (and encrypted) communications for all purposes, including money.
Concealed Handgun License Courses in Plano, Texas