NSA Develops New, Super-Secure Android Phone

The U.S. National Security Agency (NSA) released the specifications for a new, super-secure smartphone for use by government officials and based on Google’s widely-used Android operating system, inviting the public to make use of its research.

The U.S. National Security Agency (NSA) released the specifications for a new, super-secure smartphone for use by government officials and based on Google’s widely-used Android operating system, inviting the public to make use of its research.

The intelligence agency produced a limited run of about 100 phones as part of Project Fishbowl, and has distributed to government employees who needed to be able to discuss top secret information, according to SC Magazine Australia.

The phones were developed with help from the Information Assurance Directorate (IAD), a division of the agency that helps protect the US Government’s communications and IT systems. The NSA used commercial ‘off-the-shelf’ technologies and published its specifications (.PDF) for the phone, according to IAD’s head, Margaret Salter who spoke about the device at the RSA Conference in San Francisco this week.

Among the Fishbowl Phone’s security features is two-fold encryption using Internet Protocol Security (IPsec) and Secure Real-time Transport Protocol (SRTP) and is based on layered security.

“Layers of commercial encryption, hardening of devices, Government provisioning (including keys and certificates), boundary protection (again layered), and controls within unclassified access networks all contribute to the overall security,” reads one part of the NSA report.

NSA Android

The Android-based phones also support the use of NSA-sanctioned apps, including a “police app” to log the phone’s activity and a custom VoIP application. When users make a call, the call goes through the VoIP app that ships the data off to a server with the NSA where it’s verified, logged and re-encrypted.

The phone is just the beginning of the NSA’s Mobility Program, an effort the agency launched to develop security-conscious communication technologies using commercial “off-the-shelf” components.

Android is one of the most widely used smartphone operating systems. But Google’s hands-off approach to the security of its Android Market, and the balkanized market for Android phones has led to security headaches. Android malware increased by 472 percent in the second half of 2011, and reports of Android based botnets have already surfaced. In February, Google announced that it would begin doing automated security assessments for applications on the Android market and remove applications it finds in violation of its terms of service.

Suggested articles

Discussion

  • Anonymous on

    shoulda used apple

  • Anonymous on

    Not an option. They need to add things into it for security purposes - Apple wouldn't give them the code to do that with, nor let them run it on their pristine hardware. There's a reason NSA is so active with Linux in general - because they can add their stuff into the open-source codebase. This illustrates the advantages of open source - if it's not secure enough for someone, they can add in what they want to get it there.
  • Anonymous on

    lolKetz

  • Anonymous on

    Thank you Captain Jackass. Just because the common threatpost reader doesn't need the explanation doesn't mean people who think NSA "should have used Apple" don't. Knowledge is there to be shared, not reserved to the "in the know" community.

  • Anonymous on

    The apple fangirl needed the smackdown...the reply was well-done and extremely tactful.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.