Feeds

Unrootable: Mash these bits together to get a CLASSIFIED spyphone

Someone kind of already has - but who?

Intelligent flash storage arrays

Sysadmin blog What does it take to build a classified smartphone? Demand clearly exists Given how readily every iPhone and Android device is rooted, infected, and otherwise compromised, the answer isn't simply "better software." In the battle to secure our mobile endpoints, operating system tricks and mobile device management will only take us so far.

To build a powerful, capable smartphone that can be trusted with classified documents, but used by personnel in the field takes the perfect marriage of hardware, software and expertise. To start with, we obviously need sealed storage – nothing on or off that device unless both the hardware and the software agree that this is allowed. Memory curtaining is also vital; technologies like Intel's TXT enable segmentation of system memory such that not even the OS can see all of it.

Signed everything will be part of our classified smartphones – the bootloader, the OS, every single app, patch, and the communications. In some cases, you can let local hardware like Intel's Trusted Platform Module handle verification of signatures for items like the bootloader. In others you need to use hardware and software to do remote attestation: verifying a package (or communication) is allowed against a centrally controlled authority.

This classified smartphone needs to be able to encrypt not only every bit of data on the device, but every bit of data shuffled off of it. It may even need to secure every screen displayed. Storage encryption is old hat. Secure communications is harder, but doable. Encrypting display output, meanwhile, is even trickier – we're probably headed into the realm of wearable communications there, with headsets that verify the iris prints of the user. We've been a while getting there, but these technologies are now all doable in the real world, not just the lab.

On the software side, a classified smartphone can't rely on post-event detection. It needs to prevent data compromise before it happens. Packets or phone calls can't go "anywhere by default". They go to whitelisted destinations only, or get forwarded through a centralised IDS with the knobs turned to 11. The phone should have heuristic software looking for deviations from expected operation. In a "classified smartphone", the hardware and software are not only known, they're signed.

This is Trusted Computing Group's Trusted Computing (TC) taken to its logical conclusion. The main complaints about TC to date have been the lack of control the end user has over their device combined with privacy and even ethical concerns regarding the creation and adoption of such technologies. Classified systems users are not expected to have control over their systems nor are their interactions with said classified systems expected to contain any form of privacy whatsoever.

This is what the acquisition of McAfee by Intel was all about. This is why Intel feels there is a market for Medfield-descendant phones, despite them offering nothing obvious beyond compatibility issues to those who adopt them. This is part of the reason Intel keeps its fingers in Tizen, and why it tried repeatedly at all those predecessors.

Let's not forget Wind River, either. It might seem reaching to drag that acquisition into my prognosticating, but the talent and expertise within Wind River would certainly lend itself nicely to a classified Smartphone project.

Intel has a combination of talent and the technologies that nobody else on Earth can match. Sources within Intel tell me the firm is preparing to broach the "classified smartphone" topic in a big way; paving the road for porting its significant investment in TC technologies into the mobile sphere. If this is true - and I suspect we'll know very soon - Intel will become one of the biggest players in mobile overnight. Classified smartphones, tablets and even Ultrabooks would be the only viable choice for billions of units shipped each year into government, military and high-security corporate markets.

Intel's mobile strategy has seemed chaotic (at best) for years. It seems now that they were merely biding their time and they are ready to make their play.

Mobile is just the beginning. Systems like this could power a new generation of "smart radios;" extended functionality radios for the military, emergency services or civilian uses. They could power unmanned aerial vehicles, your self-driving car or your high-end eco-friendly smart-meter-enabled home appliances. So what does it take to make a classified smartphone? The first ingredient is Intel Inside. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Don't wait for that big iPad, order a NEXUS 9 instead, industry little bird says
Google said to debut next big slab, Android L ahead of Apple event
Netscape Navigator - the browser that started it all - turns 20
It was 20 years ago today, Marc Andreeesen taught the band to play
A drone of one's own: Reg buyers' guide for UAV fanciers
Hardware: Check. Software: Huh? Licence: Licence...?
Jaguar Sportbrake: The chicken tikka masala of van-sized posh cars
Indian-owned Jag's latest offering curries favour with us
The Apple launch AS IT HAPPENED: Totally SERIOUS coverage, not for haters
Fandroids, Windows Phone fringe-oids – you wouldn't understand
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
Here's your chance to buy an ancient, working APPLE ONE
Warning: Likely to cost a lot even for a Mac
Xiaomi boss snaps back at Jony Ive's iPhone rival 'theft' swipe
I'll have a handset delivered. Judge us after you try us...
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.