Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Communications Cellphones Encryption Government United States

The NSA Wants Its Own Smartphone 172

Art Vanderlay writes "Troy Lange might work for one of the more secretive spy agencies in the United States, but he is happy to talk about his work. He is the NSA's mobility mission manager and he has been tasked with creating a smartphone that is secure enough to allow government personnel who deal with highly sensitive information to take their work on the road. At present, the U.S. Government has secure cellphones; they use the government's Secret Internet Protocol Router Network. The problem is that they can only communicate with other devices that are plugged into the network and their use is restricted to top-secret level communications. Lange wants a smartphone that is inter-operable and presumably trusted to deal with even more sensitive information. Lange said that he wanted to see his secure smartphone reach beyond the NSA – ultimately to reach every 'every employee in the Defense Department, intelligence community, and across government.'"
This discussion has been archived. No new comments can be posted.

The NSA Wants Its Own Smartphone

Comments Filter:
  • by elrous0 ( 869638 ) * on Tuesday September 27, 2011 @08:33AM (#37525648)

    Oh, so your boys get the privacy protections that you've spent the last 10 years undermining [eff.org] for all the rest of us plebs, huh? I tell you what, I'll be cool with your special phones if, in exchange, the President and NSA Director will issue a public directive to all NSA employees reaffirming the pre-911 NSA policy of not to spying on the phone calls or emails of any American citizen without a court order. You know that policy, right? It's the one we put into law [wikipedia.org] in 1978--the law that you ignored just because the President said so [nytimes.com].

    I'll hold my breath.

    • Who's saying that the employees conversations on these phones won't be tracked?
      • by FatLittleMonkey ( 1341387 ) on Tuesday September 27, 2011 @09:05AM (#37525990)

        Who's saying that the employees conversations on these phones won't be tracked?

        Yeah, but securely tracked.

    • I agree it would be better if "policy" was for them to not spy on us, but I don't believe that ever stopped them. It just limited what they could do with the information.
      • Re: (Score:3, Informative)

        by Ouchie ( 1386333 )
        The NSA/DOD listening is not as simple as you think. It isn't a bunch of analysts sitting around listening to everyone's phone calls to Pakistan. Computers listen passively to international phone calls looking for keywords and codewords. They score hits based on these usages and push it up for further analysis such as voice identification and stress pattern analysis.

        The analysis is multi-level relying on computers for the first few levels until the computer ranks you high enough to warrant an analyst atte
    • by bsDaemon ( 87307 ) on Tuesday September 27, 2011 @09:05AM (#37526002)

      I would be willing to bet that the people who will have this phone issued to them will have even less personal privacy on the device than normal cell phone users. After all, what good is securing the device from evesdropping by foreign intelligence if you can't catch people who are spying from the inside? State security and personal privacy aren't the same thing, not that the difference justifies fucking us, as citizens, over in the name of stopping turrerism.

    • What are you rambling on about? You can 100% guarantee that a phone given to you by the NSA capable of accessing classified information is going to be heavily and regularly monitored by the government without court orders required. There would be 0% expectation of privacy with such a phone.
      • What are you rambling on about? You can 100% guarantee that a phone given to you by the NSA capable of accessing classified information is going to be heavily and regularly monitored by the government without court orders required. There would be 0% expectation of privacy with such a phone.

        Except for the fact that there won't be many people who are cleared to hear all the secure phones, so the personnel required might make monitoring impossible, and for phones held by people with exceptionally high clearance, it's possible that nobody but the phone holder would be cleared for everything he might talk about.

        Add to that the fact that many truly "this didn't happen" operations need guarantees that nobody else knows means that routine monitoring of these sorts of phones is probably unlikely.

      • > There would be 0% expectation of privacy with such a phone.

        As opposed to....?

    • The thing is, they KNOW how bad it is with governments forcing businesses to share information with them. This is true for seemingly all governments and all businesses. But because that sword cuts both ways, they have essentially created a situation where the technologies and devices are no long trustworthy. So now, they have to create their OWN stuff and not depend so much on contractors (read: cronies).

      I can't say I didn't see this coming, but I can say I'm surprised it has taken them this long to real

  • by Anonymous Coward on Tuesday September 27, 2011 @08:40AM (#37525698)

    It's from General Dynamics:

    http://www.gdc4s.com/content/detail.cfm?item=32640fd9-0213-4330-a742-55106fbaff32 [gdc4s.com]

    Blackberry is very good, it currently holds many certifications (but not top secret):

    http://us.blackberry.com/ataglance/security/certifications.jsp [blackberry.com]

    Fundamentally, there is a problem with mobile access for top secret communications - you don't know who is looking over the shoulder of the authorized user. Or if someone is pointing a gun at the head of an authorized user. These problems are reduced when you make the user come in to the office.

    • SME-PED will bring SIPRNet to your hip, but the thing's a brick (35 mm thick and weighs half a kilo!) ....and don't get me started on the two hour battery life.

      • Well since feds were never big on fashion I don't think they'll care about the size or weight. The battery life's obviously a problem, and the other problem I see is that you apparently have to choose whether you want a cell modem or a wifi adapter installed, but that's not even a huge problem.

        So is that 2 hours of active use or 2 hours of standby? Even my N900 will get 3-4 hours of active use if I really abuse it (say, playing a movie with a non-GPU-accelerated codec). I'd say an N900 has about the minimum

        • That's two hours active use. But when you're going secure in the field it's because the shit has hit the fan and you need to weigh getting the mission done vs. possible leaks. Dunno why these things eat batteries. Maybe the crypto ASICs are particularly hungry?

    • Maybe you could program a stealthy mechanism to have the phone send a "help, my user is having a gun to his head" message, like entering and leaving a set of menus in a certain order?

      More likely it'l be forgotten or stolen, ovbiously, but if it contains no information but a password-encrypted VPN or authentication key by itself and the password is of proper length it should be practically safe anyway? And the data it has access to is presumably really, really limited and segregated?
      • Well... the forgotten or stolen problem is solved by the fact that you can do a remote wipe with a few keystrokes at the admin console.

        • Exactly my point; as long as you can delay cracking the password on the auth key to well beyond the time required to remove access privileges from the key the system should be safe in a practical sense. A remote wipe wouldn't be neccessary since it would be obviously unsafe for the phone to store or cache information - you could defeat remote wipe by putting the phone in a signal-proof container and taking it somewhere safe to view the data on it.
          • Okay, actually reading the feature list of the sectera it looks like it manages stuff that's not "secret" as well, like mailing lists and contacts and such and that's stored with "type 1 encryption" which wikipedia defines as being the designation for protection of "classified" data.
          • and if signal blocking is that much of a problem you have a Auto-Redaction Circuit with its own battery that redacts the phone (thermite charge or similar)) if it loses signal for more than 5 minutes and is not tethered to an authorized repair terminal.

        • The bad guys (or should I say other guys? ;) ) have Faraday bags for that. You need some kind of dead man's switch. Don't enter a password every 12 hours and it wipes itself and then maybe overvolts itself. Have a special "coercion password" that will self-re-image the phone and then unlock it, giving the bad guys a working but useless phone.

    • The Sectera is the one mentioned, that uses VOIP over SIPR. It's still quite large, poor battery life, and you have to treat the unit as classified at all times. The Blackberry is not authorized for classified at all, just sensitive but unclass.

      What they really want is the cell phone equivalent of the STU/STE deskphones with the size and battery life of a current modern cell phone.

    • General Dynamics? With Fargo in charge at least we know that the top minds are on the case.

  • And the information will remain highly secure - right up until someone takes a non-secure camera and points it at the secure smartphone so they can get their job done.
  • by js3 ( 319268 ) on Tuesday September 27, 2011 @08:43AM (#37525724)

    wouldn't the value of security be gone if it is allowed to communicate with other phones? Don't these people learn anything?

    • by EdZ ( 755139 )
      Yeah, I'm wondering how adding a few hundred thousand links between the public network and SIPRnet is meant to be a good idea..
  • hey look! someone left their phone.

    • by Thud457 ( 234763 )
      Obviously these would be hard-paired to the person's bio-chip so the phone would notify them if they moved too far out of range. sheeesh!
  • on the one hand they want to spy on each and everything

    on the other hand they want to keep their turf secret

    Does one have to be schizophrenic to work there?

    if not mandatory, it sure would help!

    • by kevinNCSU ( 1531307 ) on Tuesday September 27, 2011 @09:17AM (#37526156)
      I don't think there's anything inherently contradictory about wanting to keep the enemy's knowledge of you to a minimum while maximizing your knowledge of the enemy. Both stem from the idea that knowledge/information is power, and in the information battle, just like the physical battle, you're not interested in a level playing field.
      • by kubitus ( 927806 )
        the contradiction lies in :

        .

        on one side developing secure technology

        and on the other hand you want to eavesdrop

        .

        you ain't need to explain that the NSA wants to eat the cake and keep it too!

        and I'll bet that the ideas, if not the whole technology will land in the hands of those the NSA wants to spy on.

    • schizophrenic ? No.

      Hypocrite? YES

    • by Bob9113 ( 14996 )

      on the one hand they want to spy on each and everything
      on the other hand they want to keep their turf secret

      Does one have to be schizophrenic to work there?

      I believe a more apt term would be megalomaniacal; believing oneself to have absolute moral superiority -- in this case, over a craven race of incipient terrorists, pedophiles, and copyright infringers.

      • I believe a more apt term would be megalomaniacal; believing oneself to have absolute moral superiority -- in this case, over a craven race of incipient terrorists, pedophiles, and copyright infringers.

        Hey now! Do you have any evidence at all that any copyright infringement is going on?

  • AT&T and the mass media propaganda machine spys on everyone's cellphones as it is now, (kind of makes that cell blocked 800MHz scanner thing a red herring)
  • There has to be a way for the Patriot Act spying to go mobile...you can't just have people spying on Americans from a cubicle somewhere when they can do it from the privacy of their own government-owned car...

  • by Anonymous Coward

    what a load of crap. There are no TS data of any kind on or connected to SIPR. The current slate of smart phones that can carry classified comms do NOT connect to SIPR (they are point to point only and use PKI or Shared Secret keys to stand up a P2P secure channel). This article is regarding the Fort's effort to come up with a TS SMEPED as they're known.

  • Gah (Score:4, Insightful)

    by lightknight ( 213164 ) on Tuesday September 27, 2011 @08:57AM (#37525900) Homepage

    *facepalms*

    How can they ask for something like this after doing everything in their power to ensure something like this can't be created?

    Well, sure Mr. NSA, we can cobble together a secure phone for you...we'll just throw in an encryption / decryption chip and a process that prompts for a password every 5 minutes. And your agents will hate it, it will become compromised (journalists are so irresponsible), and it will become a waste of tax-payer money.

    Did I mention it won't be secure? But don't worry; someone will tell you it can be done, and you'll pay them a lot of money, only to realize they lied.

    • How can they ask for something like this after doing everything in their power to ensure something like this can't be created?

      This all makes perfect sense when you consider what the NSA's desired state of affairs is:
      * The NSA, and only the NSA, are technically capable of spying on everybody and anybody at the drop of a hat.
      * Nobody can spy on US government officials, and especially nobody can spy on the NSA.

      It's worth pointing out that both of these activities are very much within the stated mission of the NSA.

    • *facepalms*

      How can they ask for something like this after doing everything in their power to ensure something like this can't be created?.

      Uh, there is nothing preventing a US citizen or legal resident from creating a device that can handle information at different security levels, even TS. You are prevented (and rightly so) from having one already created *for them*, or to create a device that circumvent *their* information handling. But there is nothing that prevents you from creating one from scratch, even a more powerful (though it would be unlikely that you can market one of such from-scratch devices to them after building it outside of t

      • Uh, there is nothing preventing a US citizen or legal resident from creating a device that can handle information at different security levels, even TS.

        I wouldn't be so sure about that. Officially, yes, you may by now create a phone that does secure voice encryption without any backdoor or key escrow. Some data-channel apps out there claim to do that. But if you implement such an app on your own, I wouldn't be surprised if somebody had a long talk with you...

        Don't forget that there is the PATRIOT act -- as long as it is in place no US-made encryption device can be considered secure.

        • Uh, there is nothing preventing a US citizen or legal resident from creating a device that can handle information at different security levels, even TS.

          I wouldn't be so sure about that. Officially, yes, you may by now create a phone that does secure voice encryption without any backdoor or key escrow. Some data-channel apps out there claim to do that. But if you implement such an app on your own, I wouldn't be surprised if somebody had a long talk with you...

          Don't forget that there is the PATRIOT act -- as long as it is in place no US-made encryption device can be considered secure.

          Can you quote the precise piece of the PATRIOT act that deals specifically with this, and that will get the MiB to show to my house if I'm building such a device? I'm not a fan of the act, but I think you are attributing an interpretation to it that simply does not follow even in the paranoid sense.

          • Can you quote the precise piece of the PATRIOT act that deals specifically with this, and that will get the MiB to show to my house if I'm building such a device? I'm not a fan of the act, but I think you are attributing an interpretation to it that simply does not follow even in the paranoid sense.

            *Specific* passages? -- Have you *ever* read any law? There are barely ever any *specific* passages in laws...

            Anyway, Patriot Act Title II, sections 201, 202, 204, 209, 210, 211 are the relevant passages.

            I'm not saying that the issue is crystal-clear or that the "MiB" could use the PATRIOT act to *rightfully and constitutionally* force you to implement a backdoor. I've just said that someone might have a long talk with you as the implementor of a voice encryption device, not that the threats you will hear i

            • Can you quote the precise piece of the PATRIOT act that deals specifically with this, and that will get the MiB to show to my house if I'm building such a device? I'm not a fan of the act, but I think you are attributing an interpretation to it that simply does not follow even in the paranoid sense.

              *Specific* passages? -- Have you *ever* read any law? There are barely ever any *specific* passages in laws...

              Anyway, Patriot Act Title II, sections 201, 202, 204, 209, 210, 211 are the relevant passages.

              Section 201 deals with the government powers for intercepting communication related to terrorism. Section 202 deals with similar powers but in the context of computer fraud. How do section 201 and 202 that prevent me from building a TS-capable communication device? How are these two sections relevant to the discussion at hand?

              Section 204 deals with limitations on communication interceptions (including electronic communication) by a party other than authorized government agencies. This is no way precludes

              • Can you quote the precise piece of the PATRIOT act that deals specifically with this, and that will get the MiB to show to my house if I'm building such a device? I'm not a fan of the act, but I think you are attributing an interpretation to it that simply does not follow even in the paranoid sense.

                *Specific* passages? -- Have you *ever* read any law? There are barely ever any *specific* passages in laws...

                Anyway, Patriot Act Title II, sections 201, 202, 204, 209, 210, 211 are the relevant passages.

                Section 201 deals with the government powers for intercepting communication related to terrorism. Section 202 deals with similar powers but in the context of computer fraud. How do section 201 and 202 that prevent me from building a TS-capable communication device? How are these two sections relevant to the discussion at hand?

                "deals with...." could you be a tad bit more unspecific??

                First: I didn't say anywhere that these sections of the PATRIOT Act prevent you from building a voice encryption device that does not have any backdoor. I said that nowhere. Learn how to read. Really. I said the PATRIOT Act provides all the means to scare developers into implementing such a backdoor (be that ultimately lawful or not) and I wouldn't be surprised if it were used for that purpose. (And nobody might ever know because of so-called gag orde

    • But don't worry; someone will tell you it can be done, and you'll pay them a lot of money, only to realize they lied.

      The NSA employs more mathematicians than any other organization in the world. I don't know you from Adam, but it's still a near-certainty that they have people much smarter than either of us working for them. They often fab their own silicon, build their own hardware, write their own software -- all from the ground up.

      Whether or not this particular project will be a success is an open question -- the NSA is hardly immune to the Dilbert-style failings of any large bureaucracy, and "National Stupidity Agenc

  • by Anonymous Coward on Tuesday September 27, 2011 @08:58AM (#37525912)

    "Secret Internet Protocol Router Network"

      "use is restricted to top-secret level communications"
    This article contradicts it self, SIPR is only up to secret.

  • http://www.gdc4s.com/content/detail.cfm?item=32640fd9-0213-4330-a742-55106fbaff32 [gdc4s.com]

    Looks like a Blackberry, but it's about an inch and a half thick and weighs about a pound.
    Never before have I seen such hatred heaped upon an inanimate object by its user base.

    Wireless, secure, cheap, reliable -- pick two.

  • by kevin_conaway ( 585204 ) on Tuesday September 27, 2011 @09:03AM (#37525954) Homepage
    SIPRNet only allows SECRET information and below. You need to be on JWICS to access Top Secret information.
  • First of all, in order to take classified data out of a secure area, you have to seal it in an approved manner -- triple wrap it, stow it in a lockable opaque container, sign for it, and basically chain it to your body until it reaches its next secure location. That's been the rule in the DoD for over 50 years. Obviously a cell phone, even one with a password, doesn't meet any of these criteria.

    Second, how are you going to access this device while maintaining secure surroundings? Based on the way people

    • First of all, in order to take classified data out of a secure area, you have to seal it in an approved manner -- triple wrap it, stow it in a lockable opaque container, sign for it, and basically chain it to your body until it reaches its next secure location. That's been the rule in the DoD for over 50 years

      You know for Secret level stuff you can simply mail it right? As in regular post office right next to your post card to Aunt Jenny.

    • You are exaggerating just a little. Yes, there are some rather tedious steps involved in removing classified documents from a secure area. But, the procedure you describe would be enforced on things one level above top secret. Mere Top Secret can be shoved into a standard, lockable briefcase, and toted to a car, and driven between bases. The shackles are totally unnecessary. Levels below top secret are handled much more casually, in my experience. Ship's movement schedules, for instance, are routinely

  • "Troy Lange might work for one of the more secretive spy agencies in the United States, but he is happy to talk about his work. He is the NSA's mobility mission manager and he has been tasked with creating a smartphone that is secure enough to allow government personnel who deal with highly sensitive information to take their work on the road. At present, the U.S. Government has secure cellphones, they use the government's Secret Internet Protocol Router Network. The problem is that they can only communicate with other devices that are plugged into the network and their use is restricted to top-secret level communications. Lange wants a smartphone that is inter-operable and presumably trusted to deal with even more sensitive information. Lange said that he wanted to see his secure smartphone reach beyond the NSA – ultimately to reach every 'every employee in the Defense Department, intelligence community and across government.'"

    More sensitive than TS? Maybe the article is poorly referring to handling of less sensitive data at the secret level, or beyond that, configuration of the device to handle (or refuse to handle) information transfer at a particular security clearance according to context (keys, location, clearance at each end point, whatever) as opposed to just TS-level information.

    Or maybe the article is trying (again poorly) to refer to compartmentalization. That is, the device not only has a notion of TS, but also of c

  • And they should name the device the telescreen!!

  • by Anonymous Coward

    governments should not have secrets

  • 1. Create a nation wide LTE network using IPv6.
    2. Use end to end encryption on all devices and only use VOIP for voice.
    3. Allow the rest of the nation to use the network in the same way.
    4. Place highly accurate time bases in all LTE towers so where you have tower overlap you can get extremely precise locations even indoors.
    5. When overlap is not available use the LTE tower in the aGPS mode to provide the ephemeris data almanac as well as improved location based on differential GPS with the LTE tower as a ba

  • So lets say that you have this super secret network smartphone and you had a super secret topic that you wanted to talk about with another super secret person. Where could you have this discussion and should you even be talking out loud? Wouldn't you need to be in a building somewhere that has sound insulation, or some other mechanism to keep your voice from being picked up from some other microphone than the one on your super secret smart phone? Or is it a fancy camera phone and not meant for voice? I

    • Where could you have this discussion and should you even be talking out loud? Wouldn't you need to be in a building somewhere that has sound insulation, or some other mechanism to keep your voice from being picked up from some other microphone than the one on your super secret smart phone?

      That's what the Cone of Silence is for!

    • If they use IM instead, they just have to make sure nobody can see the thumb keyboard or do a TEMPEST-type attack on the phone (easy to shield against, if it's possible at all).

  • Several china manufacturers will gladly make you these phones.

  • Phones get lost and stolen All The Time. Then the bad guy has unfettered physical access to the device. Normally that means Game Over. Suppose they try to make it tamperproof, ignoring the lessons of history. A targeted pickpocket will deliver it into the hands of a national intelligence agency.

    You'd have to have a design that makes local storage impossible, which would make for a very strange smartphone.

    • You'd have to have a design that makes local storage impossible, which would make for a very strange smartphone.

      There's nothing wrong with that if you just need to access some plaintext. The only limitation to remote storage is bandwidth.

  • all is in the title, indeed... capable of working both the normal GSM way and with various levels of encryption...
    Various evolutions and models since then, like for instance
    http://www.thalesgroup.com/Press_Releases/Markets/Security/2011/Thales_launches_Every_Talk,_the_first_ruggedized_high-speed_smartphone_for_security_forces/?pid=15928 [thalesgroup.com]

  • whatever you say about security theater and such, the government does seem serious about securing its own stuff.

  • So what about us normal and decent folks? What options exist for us to end-to-end encrypt calls and messages (at minimum)? Anything open-source out there, that let's you do that?

Keep up the good work! But please don't ask me to help.

Working...