Android and Me » android security

First Android phone cleared by Pentagon for government use? The Dell Streak 5

Dustin Earley — Tue, 01 Nov 2011 21:14:58 +0000

This is the kind of news you really can’t (or, should I say, don’t want to) make up. The Defense Information System Agency has just cleared the first ever Android device for use with secure unclassified communications. And it’s none other than the discontinued Dell Streak 5.

Armed with enhanced security features like remote wiping, device lockdown after too many incorrect password input attempts and remote access to “peripherals and security policy levels,” the DISA has been preparing the Dell Streak 5 for this moment for over a year now. Originally chosen in September of 2010, drafts of the Streak’s certification were started this summer.

So why did the government decide the Froyo Android 2.2 powered 5-inch slate was the device for them? According to DefenseSystems.com, the military “likes the form factor.” If government and military personnel are lucky, by this time next year they just might be using something as powerful as the Sidekick 4G. Or Cliq 2.

In all seriousness, it’s nice to see Android devices finally being cleared for government use. Back in the middle of October, it was outed that the NSA is working with Google to create a hardened kernel that would allow Android to be cleared for use with classified communications. The Dell Streak is not a part of that project. The new high security version of Android is expected to launch sometime next year. Until then, government workers, “Dude, you’re getting a Dell.”

Google teams up with the government to tackle BlackBerry security

Dustin Earley — Thu, 13 Oct 2011 20:31:10 +0000

Research In Motion and BlackBerry have long been considered the undisputed kings of mobile security. BlackBerrys are the go-to devices for the government when it comes to classified communication. If Google has any say in the matter, however, it won’t be that way forever. Google wants to take Android security to the next level, making it the default platform for government and military use.

Google, along with George Mason University, is working very closely with the NSA to develop a top level security certified version of Android. A “hardened” kernel has already been developed and is being tested for its Federal Information Processing Standard 104-2 certification. Eventually, Android will have a higher security clearance than BlackBerry.

The Army, Justice Department, White House and FBI have all shown interest in using the new high security Android in both tablets and phones. The government is looking to push communications away from radios and towards smartphones. According to Michael McCarthy, operations director of the Army’s Brigade Modernization Command’s Mission Command Complex, the move from radios to phones is “potentially a multi-billion dollar effort.” Android will be a huge part of that.

With the pace at which things are currently going, the highly secure version of Android should be available by 2012. Android devices could be deployed as soon as late March of next year.

Biggest Android usage study researching smartphone habits – are you in?

Edgar Cervantes — Fri, 17 Jun 2011 18:51:55 +0000

One of the best things about Android is the sense of community among its users. We’re sharing locations with each other, updating our status in social networks and messaging each other all day long. The sense of community doesn’t end there, though. How many times have you taken time to help a fellow Android user? Whether it’s for simple things like recommending an app or spending hours trying to root a device, I’ve noticed we’re always there for each other. Just how far are you willing to go for the Android community, though? Would you be willing to share all your smartphone habits for Android usage research?

This is exactly what PhD student Daniel Wagner at the University of Cambridge (UK) is doing, and anyone with an Android device can be part of this research. Upon becoming part of this project, the participant would consent to share information about device usage with the University. This information goes quite deep. It includes data like how often the phone is charged, quantity and length of calls/texts, which applications are being used, which networks the device is connected to, usage of WiFi and bluetooth and even the device’s settings.

These are only some of the things the University would have access to. Imagine what else they could find out. Android smartphones are not only powerful, but they hold powerful information. I personally have credit card information, access to all my networks, schedules, calendar info, etc. Needless to say, I’m very careful about who I allow to access my device. In a world of hackers, stalkers and “e-thieves,” many Android users hesitate to even share their location with Google. Is the University of Cambridge doing anything to keep people safe?

We know we can’t provide the participants with a guarantee of anonymity, however we do remove strongly identifying data before publicly releasing it, and we are giving participants information about what we collect and the means to opt-out retroactively. If the data collection concerns or worries you, it is easy to have your data removed permanently.Dr. Alastair BeresfordUniversity of Cambridge

As Dr. Beresford mentions, you’re not exactly imprisoned with the research after you agree to give them your information. In an effort to make participants more comfortable, the University gives them the option to opt out if they feel like surrendering certain data could be harmful in any way. Users have continuous access to all the data the University is recording, and no information is made public until after 3 months’ participating in the research. Before this 3-month deadline, one can simply opt out of the study. All private data would then be removed, along with any record of participation.

What do participants gain from this? There’s no immediate satisfaction, but this study will be made available to everyone at no price. Manufacturers could take this data into consideration when making your next favorite device. Such information would help manufacturers optimize device performance and battery life, based on the way we use smartphones as a whole. Aside from helping the Android community, participants could also improve their device management, as they would be able to access this information at any time. This aids in improving your own battery life, which is a big issue in the Android universe as we all know.

Currently, there are more than one thousand people participating in this study–comparatively few when you consider how many Android devices are being activated daily (about 400,000). Regardless, it’s good to see Android studies are now starting to show up, as they can substantially improve future devices. If you trust the University of Cambridge with your information, sign up at http://deviceanalyzer.cl.cam.ac.uk and become part of this research. Anyone out there willing to get in on the action? Would you guys be comfortable sharing your private info with university students?

Vote BioWallet To Bring Biometric Security To Android

Taylor Wimberly — Mon, 06 Apr 2009 20:23:25 +0000

The first Android Developers Challenge was the birthplace for some of the most popular applications in the Market. One of the finalist that caught my eye was BioWallet. It was a biometric security app that protected your information with iris and handwriting recognition.

I had been eagerly waiting for this innovative software to be released when I received the following note today. It appears the developers are having difficulty bringing their original idea to the Android platform and are in search of more funding. They are currently entered in the BBVA Open Talent contest and have asked for our help in reaching the next round of competition.

We know many of you have been eagerly waiting to see BioWallet in the Android Market, but we are still facing some serious development issues that are making the BioWallet release quite difficult. Iris recognition with a mobile device is a complex task and the Android platform is not making things easier because it is not well suited for this kind of application. Right now, our main handicaps are (without getting too technical):

Dalvik (Android Virtual Machine) imposes a memory limit for applications that is too low (16 MB) for many of the image processing operations we have to perform in order to recognize an iris.

Dalvik is an interpreted virtual machine and that causes a poor performance for CPU-intensive operations like iris recognition.

The only Android phone in the market so far (HTC Dream / T-Mobile G1) doesn’t have an outstanding camera. The resolution is enough (3.1 Mpx) but the auto-focus feature doesn’t work well with short distances, it lacks a macro mode and the picture quality with low lighting is quite poor.

We are working hard to solve these problems, but BioWallet is not our main job and we can only develop it in our “free” time (nights, weekends, holidays…). In addition, we have to balance it with other personal and professional projects, so please bear with us.

These days we are trying to get some funding from the Spanish bank BBVA to keep the development active. You can help us just clicking the button “Votar” (Vote) in the BBVA OpenTalent section in our web page or theOpenTalent site (Spanish).

Last but not least, we really want to thank you for your support. Seriously, that means a lot for us and gives us a reason to push ourselves hard and get BioWallet ready soon.

Cheers,

BioWallet Team

If you would like to show your support and help this Android developer, please visit the official BioWallet or BBVA sites and place your Votar (vote). BioWallet also has a poll on their site asking what other biometric methods you would like to use for security. Videos are also available if you would like to see a demonstration of the application.

[Thanks to Roy for the tip.]