Slashdot Mirror
NSA Publishes Blueprint For Top Secret Android Phone
mask.of.sanity writes "The National Security Agency has designed a super-secure Android phone from commercial parts, and released the blueprints(Pdf) to the public. The doubly-encrypted phone, dubbed Fishbowl, was designed to be secure enough to handle top secret phone calls yet be as easy to use and cheap to build as commercial handsets. One hundred US government staff are using the phones under a pilot which is part of a wider project to redesign communication platforms used in classified conversations."
Wow sounds very secure, hopefully they did n't decide to go with ROT-13 twice.
In a shoe?
A feeling of having made the same mistake before: Deja Foobar
Surely you mean all three sides of the conversation...
Seven puppies were harmed during the making of this post.
All I've really wanted for christmas for the last 10 years is a phone easily disassemblable, with a transparent case, and user facing dip switches for the mic, the antennas, the battery, and these days, the power line going to the camera. Or alternately for the camera, a physical piece of plastic that slides to expose/cover the camera. Also the dip switches should be placed in such a way that it is reasonably convincing to technical users that they are in fact breaking the relevant physical traces/wires.
Maybe in 10 more years...
Just wondering when Microsoft sues the NSA for patent infringement for using Android.
re: "The doubly-encrypted phone, dubbed Fishbowl"
A strange combination of clever and ironic.
Fishbowl is an anagram of Blowfish, though I dunno if they use that cipher.
However to most folks, a fishbowl is something in clear view, under close observation.
Quirky.
Um, maybe being able to use it inside the secured faciltiy? I worked at DIA for a while, and if someone wasn't at their desk, aside from leaving a sticky note for them, the only thing you could do is walk around and look for them or wait. Outside of work, I could call, text, email, facebook, IM, etc. But at work, there was email to their desk, call their desk, or nothing. A secured cell phone to take with you when you walk around would make things so much easier.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
I was at the talk yesterday (at the RSA Conference) where NSA IAD director Margaret Salter presented this information. While the linked article is mostly factually correct, it glosses over or misses quite a few things. In no particular order:
* NSA's goal was to produce a spec for how to use commercial devices and commercial carriers yet still meet the requirements for SECRET or higher classified comms *without* forcing every user to be a COMSEC custodian. IMO, this represents a *huge* change in NSA's outlook on COMSEC and security in general. In the past, their focus has always been "security first, regardless of the impact on usability." Fishbowl's goals are an intriguing departure from this mindset.
* The selection of Android was not a starting point, but the outcome of a selection process that included requirements like "we have to be able to get the OS tweaked to meet our needs." The relative openness of Android played well against this requirement.
* Fishbowl currently only works on one handset. Salter declined to say which one, but it was clearly a Motorola product. Again, this was related to technical requirements around customization, boot loaders, etc
* The article gets it right about IPSEC vs SSLVPN but falls short of detailing the laundry list of things NSA wanted but was ultimately unable to obtain. It's clear that as the landscape evolves, NSA will update the fishbowl spec. For example, if someone made available an Android that supported Suite B, I think that would appear on the spec immediately.
* Salter did address the issue of rogue apps directly. She said that Fishbowl basically required policy support for locking out unapproved app installs, and that only NSA approved apps from the NSA enterprise app store would be allowed. "we don't want to be in the business of accrediting Angry Birds" is as close a quote as I can manage from memory.
* The best question from the audience was when someone asked if, by publishing a spec on how to do encrypted secure comms on an Android, her division hadn't made the job of the SIGINT spooks impossibly more difficult. She somewhat artfully dodged/refused to answer, and simply said that her job was to protect the data and communications of the US Government. My take: draw your own conclusions about NSA's ability to break IPSEC.
The talk was interesting, well presented, and completely sold out. I got one of the last 5 or 6 seats before they stopped letting people in the room.
If you're implying a back door, the overriding problem as far as I can see is that if you have a secret double encrypted phone with an option, no matter how secret, for someone else to listen in, as a secret organization you wouldn't dare use the phone. Because somehow, by hook or by crook, by bribery, blackmail or corruption from the richest countries and individuals of the world, that back door *will* be made available to foreign powers. It's inevitable.
And so, the NSA will have created a phone that the NSA itself could not use.
If it had been intended as a honey pot, then bravo. Otherwise, no.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
MS knows that the government controls patents and that national security is a grounds that the government can take a patent away and make it public domain.
Interestingly enough the NSA has special status when it comes to patents. They can file secret patents that remain classified until someone tries to patent the same thing. At such time their patent is revealed and is valid from that date of revelation.
One day I was reading James Bamford's book "The Puzzle Palace" which was all about the NSA and crypto stuff. I was sitting on the back porch of The Last Exit on Brooklyn street coffeehouse reading when I got to a chapter about a guy who had made an encrypting phone out of cheap off the shelf components. He called it the phasorphone. When he applied for a patent the NSA seized it and gagged him (that means he was threatened and coerced to not talk about it). I pointed at the name in the book and held it up to the guy across the table from me and said "Carl, is this you?". He told me a bit about it and said the NSA kept track of him all the time after that. Department of Defense DIRECTIVE NUMBER 5535.02 March 24, 2010 USD(P) SUBJECT: DoD Patent Security Review Process You know, national security and all that. Because the light of democracy is so weak that it can only succeed if veiled by the cloak of secrecy, right?
However cryptography wasn't widely used or known to the public back in the day. Also while the codes used were technically cryptography by the pure meaning of the word, they really weren't by modern thinking. They were, well, codes, secret language and the like. As an example the highly successful Navajo Code Talkers in WWII weren't using mathematical encryption, book cyphers, or the like, they were just speaking a language that nobody in Germany understood, and using special terminology.
The public really didn't have much of a study of cryptography in the modern sense back in the day. Heck, read up on the DES process. The NBS asked for submissions and nobody presented anything useful so they went to IBM and asked them to try (IBM being the biggest civilian employer of mathematicians at the time) and they developed DES, with some consultation with the NSA (who asked them to keep a lid on things like differential cryptanalysis).
When DES came out, it lead to a real jump start of civilian study of cryptography. People were curious about this new thing and started looking at it.
If you want to equate coded speech with mathematical crypto, ok fine then I guess, but it really isn't. Mathematical cryptography changed the game. With codes it was all about working to understand and guess the enemy's coding scheme, and such things were done all the time. With mathematical crypto, you can design a system that is unbreakable except through brute force (which you can make infeasible) or via some sort of new discovery in cryptology.
This is something the NSA was one of the very fist involved in, and indeed they came about due to the importance of code breaking in WWII. They were the largest employer of mathematicians in the world for a time (not sure if that is still true).
That's what I mean by "nobody had heard of it." I don't mean they invented it, I mean the concept was pretty much unknown to the public. The idea of a mathematical system that you could use to secure information was just not something people had heard of on any large scale. The NSA was writing crypto systems back when the geeks who now use crypto all the time were doing everything in plain text.