NSA Addresses Mobile Security
A national Security Agency (NSA) pilot program aims to model secure classified communications over commercial mobile devices. However, the NSA has found that off-the-shelf products are inconsistent in their implementation of the standards and protocol that NSA requires. The agency would prefer not to have to be tied to one platform, but for the time being, they have no choice.
The standards and protocols exist to provide the security that NSA requires, but they are not being implemented consistently by vendors, Margaret Salter, a technical director in NSA’s Information Assurance Directorate, said Feb. 29 at the RSA Conference.
The agency went shopping with a list of requirements for encryption for the voice channel and for the Session Initiation protocol. “We couldn’t buy one” that met all the requirements, Salter said. “We could pay someone to make it, but that wasn’t the plan.”
- NSA builds own model of Android phone, wants you to do the same (engadget.com)
- NSA Agents Will Make All Their Private Calls with a Fishbowl [Security] (gizmodo.com)
- NSA builds Android phone for top-secret discussions (slashgear.com)