Back in mid-January, I posted a note here about the release of Security Enhanced Android [SEAndroid] by the US National Security Agency [NSA]. SEAndroid is, essentially, a set of modifications to the open-source Android operating system to enhance its security. (The NSA has had a similarly enhanced version of Linux, SELinux, for some time.) The release was in line with the NSA’s expressed interest in pursuing improvements in security for mobile devices.
Technology Review has a report that the NSA has introduced a new, highly-secure Android phone (called “Fishbowl”) at the RSA Security Conference, which has just taken place in San Francisco. (The Australian publication, SC Magazine, also has an article on the phone.)
The US National Security Agency has modified Google’s Android operating system to create smart phones that use powerful encryption to protect every call.
The phone and supporting systems, developed by the NSA’s Information Assurance Directorate using off-the-shelf components, uses a VoIP application to route encrypted conversations via NSA servers. It is intended to be sufficiently secure to allow discussion of material classified as Top Secret. The NSA says about 100 phones have been issued to government employees to test the new system.
The agency has also indicated that it wants other phone vendors to consider incorporating some of Fishbowl’s features in their products.
Another high up NSA official said yesterday that finding ways to secure smart phones and tablets was a major priority for the agency and that some details would be shared to encourage private companies to make all mobile devices more secure.
The NSA has released a preliminary specification (“Mobility Capability Package”) of the Fishbowl system, as a stimulus for further discussion and development.