Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Navy Develops World's Worst E-reader

Posted by timothy on from the I-want-one dept.

First time accepted submitter Dimetrodon (2714071) writes "It is an unspoken rule of military procurement that any IT or communications technology will invariably be years behind what is commercially available or technically hobbled to ensure security. One case in point is the uncomfortably backronymed NeRD, or Navy e-Reader Device, an electronic book so secure the 300 titles it holds can never be updated. Ever."

21 of 249 comments (clear)

  1. In the navy by Anonymous Coward · · Score: 5, Insightful

    security > usability

    No sir, that's just my Kindle. I didn't load classified files on to it, I swear!

    What? Our secret base was compromised because Private Biff's iPad, which tracked everywhere we went, was stolen by a hooker at the last port?

    1. Re:In the navy by Shoten · · Score: 4, Informative

      security > usability

      No sir, that's just my Kindle. I didn't load classified files on to it, I swear!

      What? Our secret base was compromised because Private Biff's iPad, which tracked everywhere we went, was stolen by a hooker at the last port?

      Actually, on a nuclear-powered, nuclear-armed vessel with the ability to start World War III, I would argue that for the purposes of recreational reading, security is more important than usability. Consider the failure modes of usability for an e-reader meant for recreation. Now consider the failure mode of security on a nuclear missile submarine.

      I've tried to think of a way to make it updatable...including strong crypto that you'd need a keyloader to manage, so that only trusted devices could update or manage content on the readers. But ultimately, I couldn't find a way to make it so that the device wouldn't have to be considered a controlled asset...and that's essentially the situation they're trying to avoid in the first place. The sub is basically a gigantic SCIF, so if there's any doubt at all as to the device's capability for carrying data out of the environment, it becomes a lot harder to manage. And the OP speaks to it in terms of comparison to an e-reader like we'd have out in the open world; that's not what this is meant to be. It's meant to make it possible for sailors on the boat to have more books than they are used to having. It's a step forward.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    2. Re:In the navy by Noah+Haders · · Score: 3, Insightful

      honestly, no big deal if you can't update it. every 6 months just send out new updated ones. You can collect the old ones for reuse / refurbishment.

  2. There's a reason books can't be updated by hawguy · · Score: 5, Insightful

    It's not like they "forgot" that users might want to add new books, the inability of any updatable storage was a design requirement to prevent it from being used for espionage or as a channel to inadvertently bring malware aboard a ship.

    This is to prevent it being used to smuggle secret military data ashore, take illicit photos, introduce computer malware or record covert conversations.

    Though it seems that there are so many ways for a person to smuggle a MicroSD card into a secure area that an eReader is probably not a huge concern.

    1. Re:There's a reason books can't be updated by Richard_at_work · · Score: 5, Interesting

      Getting data onto that MicroSD card would be an issue.

      The main reasons for the lockdown on the device is stray EM emissions which can give away a ships position - and that includes peripherals, so no ports. I have no doubt that its cheaper to replace the readers with new ones every year than it is to build in a way to securely updateable.

    2. Re:There's a reason books can't be updated by jythie · · Score: 5, Insightful

      Heh. This summary strikes me as an example of consumers applying their needs to other industries. Here we have a device that is built for a specific but niche use case. Some people are reacting with the idea that as average consumers it does not meet their needs very well therefor it is useless or inferior.

    3. Re:There's a reason books can't be updated by arth1 · · Score: 4, Insightful

      Though it seems that there are so many ways for a person to smuggle a MicroSD card into a secure area that an eReader is probably not a huge concern.

      I'd think it would be more of an issue with someone potentially editing or replacing the books, changing vital details in operation manuals. If you cannot change the books, at least you know exactly what they contain.

    4. Re:There's a reason books can't be updated by jcochran · · Score: 4, Interesting

      EM emissions in what is effectively a huge Faraday cage? I don't think so.
      The ebook lockdown is intended to prevent ex-filtration of security information. I'm rather surprised at the rather restricted number of titles they provide. And it seems that they could have designed it to permit updating of the contents while on shore. Say perhaps with a special loader that cryptographically signs the new content and the actual data transmission path being near field interactions. If such devices were only available at shore bases, it would be cumbersome, but would still allow for the updating of contents while preserving the security aspects of the readers.

    5. Re:There's a reason books can't be updated by SJHillman · · Score: 3, Funny

      For the same of variety, I'm hoping they didn't stock a lot of large print books...

  3. makes sense by Anonymous Coward · · Score: 5, Insightful

    "The company has already delivered similar gadgets to members of the US Army and other military personnel.
    The brainchild of the Navy's General Library Program, the electronic ink Kindle-alike has no internet capability, no removable storage, no camera and no way to add or delete content. This is to prevent it being used to smuggle secret military data ashore, take illicit photos, introduce computer malware or record covert conversations."

    Actually makes sense to me.....

    1. Re:makes sense by schnell · · Score: 4, Informative

      You mean photos of illicit activities.

      No, he means take illicit photos. Not to get in the way of a good conspiracy theory, but there are many highly sensitive areas on a US nuclear submarine that certain foreign powers would love to get pictures of for competitive intelligence purposes. That's what they're worried about, not some coverup of the Navy heartlessly waterboarding harp seals or giving blue whales torpedo enemas.

      --
      "95% of all Slashdot .sig quotes are incorrect or completely fabricated." -Benjamin Franklin
  4. O RLY? by CanEHdian · · Score: 3, Interesting

    I bet with all this slashvertising these things are going to become collector's items; every hacker will want one to see if they *can* change the content.

    --
    When the copyright term is "forever minus a day", live every day like it's the last.
  5. Makes sense by Anonymous Coward · · Score: 3, Insightful

    Can't have machines capable of transporting unauthorized files or tracking your fleet location on board. Would be idiotic.

    This provides a way to give sailors a decent library of books to read without having to find a place to have a dead tree library on a cramped ship.

    The concept is perfectly sound, despite obvious failings in the design/specs (only 300 books, and probably thousands of dollars each, hah)

  6. Titles? by RDW · · Score: 4, Interesting

    The WSJ is marginally more informative on the contents:

    "The content consists mainly of newer bestsellers and public-domain classics, as well as titles from the Navy reading list and other texts for professional development. Since publishing partners include Simon & Schuster, HarperCollins, Hachette and Random House, the lineup is impressive, ranging from contemporary fiction such as A Game of Thrones and The Girl with a Dragon Tattoo, bestselling non-fiction such as The Immortal Life of Henrietta Lacks, and bonafide nerd favorites including The Lord of the Rings series, Orson Scott Card's Ender's Game, and Stephen King's The Stand."

    Anyone have a list, or is it classified? Is 'Mutiny on the Bounty' allowed?

  7. Better Headline by Chillas · · Score: 5, Insightful

    "Navy Invents E-reader that is Secure, Meets its Needs; Hated By People Who Will Never See or Use It"

    --
    --- Math illiteracy affects 8 out of every 5 people.
    1. Re:Better Headline by sootman · · Score: 5, Funny

      Next on Slashdot: "Army tanks are uncomfortable, get horrible mileage."

      --
      Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  8. Very bad summary title by davidwr · · Score: 5, Insightful

    This is not the "Worst" e-Reader ever.

    Why do I say that?

    Because it is working as designed.

    Frankly, for certain high-security situations this kind of "immutable" device is the only kind of device that would be allowed in. So it's either something like this, or books-on-tape/CD/paper/something else.

    For slightly less-but-still-very-secure situations you could allow some type of external read-only, no-processor-chip-onboard "expansion pack" memory so that the book content could be switched out without getting a whole new device. I wouldn't use USB though, as that requires a processor on the stick itself.

    Also, I'd make very sure the data format was really "data only" not something that could, in theory, be a vector for "code." This would rule out PDF and PostScript. In other words, it would be pretty limited.

    The things you absolutely do not want for this type of device in a high-security environment are:
    * Any ability to "run code"
    * Any wireless
    * Any ability to export data other than through the screen (you can't stop someone from photographing the screen)
    * Any ability to "hack" the device without physical access and accessing it in a non-standard way (e.g. with a screwdriver). This means the software must be proven to never do anything "bad" other than "just die, requiring a reboot" if the operator is tricked into giving it even carefully-crafted/designed-to-do-bad-things bad data.

    In some cases, you do not want it displaying anything other than what is "whitelisted." This can be done by either only displaying properly-digitally-signed files or, as in this case, by only providing a limited set of files and "sealing" the device.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  9. Re:Hmmm, So its like a book? by Wonko+the+Sane · · Score: 3, Interesting

    Manuals generally can't be updated unless new sections are added or pages added.

    Actually most technical manuals onboard ships that are still kept in paper form are designed to be easily updated. The pages aren't glued in place - they are three-hole punched and kept in binders. When an update to the manual comes out, they only need to distribute the specific pages which have changed. Each page has a revision number on it, and the manuals will contain a "List of effective pages" noting the most current version of every page in the manual.

    This means you can now assign people to do nothing but go through paper manuals page-by-page and verify that every page is present and at the correct revision.

  10. Re:Hmmm, So its like a book? by gstoddart · · Score: 3, Insightful

    This is not too different from commercial aircraft.

    Take a Boeing 747. They've been in production for almost 50 years, been through dozens of iterations and tweaks, man different variations, and quite possibly no two are exactly alike.

    You essentially need to be able to get the full manual as it applies to any given aircraft, because over time there's been upgrades, changes, recalls, and everything else you can imagine.

    When you have a few million parts flying in formation, making sure you know which specific parts are in which specific plane is a Very Important Task.

    This means you can now assign people to do nothing but go through paper manuals page-by-page and verify that every page is present and at the correct revision.

    And, compared to the cost of, say, an aircraft carrier of a submarine, the cost of that is pretty insignificant.

    --
    Lost at C:>. Found at C.
  11. Re:I'm sure it's perennial thrillers by FilmedInNoir · · Score: 4, Funny

    Ironically the last two sound more sexually charged then the first one.

    --
    Sig. Sig. Sputnik
  12. Re:I'm sure it's perennial thrillers by geminidomino · · Score: 3, Insightful

    It's a long assumption that the sun will live long enough, at the pace GRRM writes...