Marketingmobile OSMobilitySecurityWorkspace

RSA 2012: NSA Develops Ultra-Secure Android Smartphone

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined
as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Follow on: Google +

Spooks’ ‘Fishbowl’ smartphone is locked down but made entirely from off-the-shelf components

The US National Security Agency has built an ultra-secure Android device that is built entirely from off-the-shelf components.

The NSA said that they would be sharing some of the technology behind the smartphone, codenamed “Fishbowl”, so that they could adopt some of the ideas used in the system.

There’s an app for that

NSA Employees will be able to make fully encrypted calls using a voice over IP (VoIP) app that routes connections through NSA servers. Speaking at the RSA security conference, the agency’s technical director Margaret Salter said that if workers used commercially available phones they had to “speak in code”.

The NSA has previously advised Google on how to improve its security measures following a Chinese cyber-attack, while its former head has said the US needs to understand the concept of cyber-war.

Apparently 100 Fishbowl phones were being used to test the technology and form part of a wider NSA Mobility Programme that was established in response to “the substantial and justified urgency for delivering mobility solutions that securely provide the rich user experience of commercial technology”.

Delivering locked-down products has been a major priority for the agency as they sought to balance keeping up with the pace of the commercial market with the need for security. The aim was to use off-the-shelf, cheap components, meaning that anyone could emulate the system.

Some of the details of the system would be shared in an effort to encourage security across the industry, but any manufacturer wishing to do so would need to operate its own servers for encrypted VoIP calls. The prospects of this happening are made more likely by the fact that Android is open source software, meaning that much of the source code would be made public.

In December, Twitter announced it was going to make Whisper System’s Android secure text messaging client TextSecure open source, just one month after its acquisition.

How much do you know about smartphones? Take our quiz