Feeds

GCHQ imposes Whitehall iPhone ban

BlackBerry secures monopoly

Protecting against web application threats using SSL

The image of ministers and their advisors hunched over their BlackBerries is set to become an enduring legacy of the New Labour era, as it's emerged that RIM will maintain its stranglehold on the government smartphone market under the coalition.

A Whitehall iPhone embargo is in place because encryption and electronics experts at the Cheltenham-based eavesdropping agency GCHQ have not so far approved the device for secure official business. Apple-fanciers will have to make do with a BlackBerry.

The effective ban is imposed by the Communications-Electronics Security Group (CESG), GCHQ's most outward-facing unit. Its job is to test the security of communications for all parts of government.

"The only mobile telecoms or personal digital assistant devices that have been issued to Ministers of the Department [of Health] are BlackBerry devices," explained Conservative minister Simon Burns on Monday.

"The Department does not issue Apple iPhones to staff as these are not approved for Government use by the CESG. CESG is the Information Assurance arm of GCHQ which aims to protect and promote the vital interests of the United Kingdom by providing advice and assistance on the security of communications and electronic data."

It's unclear whether CESG has tested the iPhone and found it too insecure, or if Apple simply hasn't sought approval. Neither Cheltenham nor Cupertino is known for openness on such matters.

RIM is meanwhile free to brag about its end-to-end encrypted product and its CESG certification, won in 2006.

Government BlackBerries use Triple DES and Advanced AES for data in transit, and AES to scramble locally stored data. They are assured to communicate official material up to the Restricted level, where a breach is considered undesirable but not damaging to national security.

Not that any phone can be completely immune to security breaches. In 2008 it was reported that an aide to Gordon Brown had his BlackBerry stolen on a visit to Beijing. It is suspected he was the victim of a honeytrap operation by Chinese intelligence after picking up a local woman in a nightclub. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.