In announcement issued Friday morning, the agency said it has granted iOS devices running iOS 6 FIPS 140-2 certification and STIG approval, granting them the same security clearances it issued to BlackBerry and Samsung last week. A crucial endorsement, and one that should open the door to lucrative contracts from customers in highly regulated industries like healthcare and finance.

Certainly, Apple views it that way and used DOD’s announcement to plug the inroads its iOS devices have been making in enterprise lately.

“With iPhone and iPad being tested or deployed in almost every Fortune 500 company, Apple continues to scale across enterprise with nearly 30,000 companies globally developing and distributing iOS apps for corporate use by their employees,” Apple spokeswoman Trudy Muller told AllThingsD. “The FIPS 140-2 certification and STIG approval demonstrate our ongoing commitment to deliver a secure platform to our enterprise and government customers around the world who deploy iOS devices on their networks.”

Read the rest of this article on the original site »

Late Thursday, the U.S. Department of Defense granted security approvals to BlackBerry’s new BlackBerry 10 devices — the Z10 and Q10 — and to a version of Samsung’s Galaxy S4 that’s outfitted with Knox, the company’s new security software.

Though DOD approval won’t result in immediate product orders for either company, it does clear the way for orders to be placed in the future. Good news, since the Pentagon currently has some 600,000 mobile device users. More important, however, are the implications of the agency’s endorsement.

Certification by the Pentagon is the gold standard in mobile device security. And it opens the door to all sorts of lucrative contracts from government customers and those from highly regulated industries like healthcare and finance.

So, truly a significant milestone for BlackBerry and Samsung, which, with Knox, has just fielded the very first approved-for-DOD-use Android-powered device. But not for Apple. It, too, is seeking security clearance for iOS 6. But the Pentagon has yet to grant it, though it is expected to later this month.

The Department of Defense is expected in coming weeks to grant two separate, security approvals for Samsung’s Galaxy smartphones, along with iPhones and iPads running Apple’s latest operating system, according to people familiar with the matter — moves that would boost the number of U.S. government agencies allowed to use those devices.

Read the rest of this post on the original site »

In February of 2014, the Pentagon will broadly open its networks to iPhones and iPads and smartphones and tablets running Google’s Android OS. Rather than issue its employees the same device, the agency wants to offer them a choice of devices. “We’re going to be device agnostic,” Air Force Maj. Gen. Robert Wheeler, the Pentagon’s deputy chief information officer, said during a press conference Tuesday, adding that this does not mean the Pentagon is embracing a “Bring Your Own Device” plan.

Rather, the DoD is going multi-vendor and offering any company that can meet its stringent security guidelines the chance to compete for what are surely some very lucrative contracts.

That’s bad news for BlackBerry, of course. The company is by far the Pentagon’s biggest supplier of smartphones. Of the 600,000-plus mobile devices in use by the agency, 470,000 are BlackBerrys. That could begin to change next year when the new policy goes into effect. Certainly, it seems likely to usher in a new era of competition for the Pentagon’s business — which is not to say BlackBerry will lose the traction it has established with the DoD, just that it’s going to have to fight a lot harder to retain it.

The renewed emphasis on building up cyberwarfare capabilities comes even as other defense programs have been trimmed. Along with unmanned aircraft and special operations, cyberwarfare is among the newer, more high-tech and often more secretive capabilities favored by the Pentagon’s current leadership.

Read the rest of this post on the original site »

To wit, the U.S. Department of Defense has approved RIM’s BlackBerry 7 devices for agency-wide use. Vetted by the U.S. Army and Defense Information Systems Agency (DISA), the BlackBerry Bold 9900 and 9930; BlackBerry Torch 9810; BlackBerry Torch 9850 and 9860; and the BlackBerry Curve 9360 have all been certified for use by U.S. Army and other Defense Department personnel.

Welcome news for DoD employees who’ve been stuck using an older, slower version of the OS, and great news for RIM, which has won a renewed vote of confidence from what must certainly be its single largest customer. According to the DoD’s fiscal 2013 budget, it currently has about 250,000 BlackBerrys in use (along with “5,000 Apple iOS pilot systems” and “3,000 Android pilot systems”). So having its BlackBerry 7 portfolio approved for use across the department is a lucrative win indeed — especially if it paves the way for deployment of BlackBerry 10 at some point in the future.

At a meeting in Washington, the Senate Armed Services Subcommittee on Emerging Threats and Capabilities heard testimony from experts that, essentially summarized, goes like this: The attackers already have access to the systems, so rather than try to lock them out, it’s now a matter of managing them, now that they’re in. Just as in the real world, spies are going to get into the country whether you want them to or not. So, knowing that they’re there, it makes more sense to make their day-to-day spying activities as difficult and costly as you can. DOD security practices currently focus on trying to keep intruders out.

“I think we have to go to a model where we assume that the adversary is in our networks,” James Peery, director of the Information Systems Analysis Center at the Sandia National Lab, told legislators, as reported by Threatpost, a blog produced by security firm Kaspersky Labs. “They’re on our machines, and we’ve got to operate anyway. We have to protect the data anyway.”

The hearing echoed some things we’ve been hearing on the security front from the likes of Art Coviello, the EMC vice president and former CEO of RSA Security, who spoke to AllThingsD recently.

Current practice calls for perimeter-based defenses that aim to put a defensive ring around a network to keep intruders out. That thinking is out of date and in need of a significant rethink, the panelists said. It should be noted that most of the agencies represented at the hearing were doing what government executives usually do when they go before the U.S. Senate: Jockeying for more funding.

That is, except for one agency: Michael Wertheimer, director of research and development at the super-secret National Security Agency (NSA), an agency whose budget is classified to begin with, said that current levels are sufficient, but that money needs to be spent more wisely. Then again, the NSA just built a massive data center in the Utah desert, which didn’t exactly come cheap.

You can watch a video of the 81-minute hearing here.

In its latest Security Technical Implementation Guide (STIG), the Pentagon okayed Android 2.2 for use on Defense Department computer networks, but with a number of caveats and limitations.

First, Pentagon approval doesn’t extend to all devices running Android 2.2. In truth, it covers just one: Dell’s Venue smartphone (it would have covered the Streak tablet, as well, had the company not binned it). Second, classified information cannot be transmitted to or from it. Third, any Web browsing done on the device must be conducted via a DOD proxy server. And finally, access to Android Market has been restricted.

So, if you’re a DOD employee hoping to kill some off-hours time with a game or two of Modern Combat on your work-issued Venue, you’re out of luck. And if you happen to own a different-model Android phone, you have no hope of getting it on the DOD’s network — for now, anyway. Devices manufactured by HTC, Motorola, et al, aren’t covered by the STIG.

So, as I said, this isn’t much of a step forward for Android, though it’s a step just the same. One version of the OS is now okay for use by DOD employees, which is more than you can say for Apple’s iOS operating system, which has, so far, been approved only for testing and pilot projects.

Although it could be a decade old or a mock-up, the 10-second segment—part of a longer report on cybersecurity—appears to be a rare example of an official source contradicting China’a repeated assertions that it doesn’t engage in cyberattacks, according to Andrew Erickson and Gabe Collins of the China SignPost analytical service, which specializes in military matters.

The slightest suggestion that the Chinese military has attacked U.S. websites is highly sensitive, especially since the Pentagon published a new cyberstrategy in July that laid the ground for the U.S. to potentially respond with traditional military force to crippling cyberattacks from abroad.

Read the rest of this post on the original site »

The Pentagon’s new strategy for threats from computer hackers primarily deals with enhancing the defense of its computer systems and those of its military contractors. But Marine Gen. James Cartwright, vice chairman of the Joint Chiefs of Staff, said that policy is just a start. He said that over the next decade the military would move beyond building better firewalls and make clear to adversaries that they will pay a price for serious cyberattacks.

“There is no penalty to attacking us now. We have to figure out a way to change that,” Gen. Cartwright said.

Read the rest of this post on the original site »

The latest batch of disclosure reports for lobbying expenditures during the third quarter have been released, and the Associated Press has been doing the yeoman’s work of moving a batch of short stories summarizing the facts contained in these disclosures. I noticed several focused on tech companies, and I thought I’d summarize the summaries, with a few highlights.

Verizon spent $3.83 million lobbying on several issues, including taxes and texting while driving, at numerous branches of the federal government, including the White House, Congress, the Internal Revenue Service and the Federal Trade Commission. It spent $2.96 million in the same period a year ago.

AT&T spent $3.47 million, up from $3.18 million a year ago. Its agenda items included legislation on calling cards, broadband buildouts and distracted driving.

Hewlett-Packard spent $1.6 million–nearly double the $970,000 it spent in the third quarter of last year–chatting with members of Congress and officials at the Department of Justice and the Commerce Department about taxes, immigration and how government agencies use technology in the areas of health care and law enforcement.

Microsoft spent $1.63 million, an increase from $1.49 million a year ago. It visited Congress, the Pentagon and the Departments of Commerce and Homeland Security to talk about computer security, how the government buys software and the competitive state of online advertising. It also lobbied the Federal Communications Commission on net neutrality.

Oracle spent $1.6 million, up from $1.3 million, lobbying Congress, the Pentagon and the Department of Homeland Security on patent litigation and the government’s technology spending plans.

Google spent $1.2 million in the third quarter (which TechCrunch noted in October following a press release by Consumer Watchdog), an increase from $1.08 million in the same period a year ago.

IBM spent $1 million, up from $850,000 a year ago, talking about transportation, the power grid, funding for research and the military, on visits to Congress and the Departments of Transportation, Defense, and Health and Human Services.

Intel spent $830,000, which is notable because the amount decreased from $1.1 million a year ago. Intel was the target of both a private antitrust lawsuit from rival Advanced Micro Devices and a government antitrust investigation by the Federal Trade Commission, both of which were intensifying in the fall. Both cases have since been settled. Its efforts were in immigration, government research funding and issues related to trademarks and education.

Yahoo spent $540,000, up from $510,000 a year ago.

Apple, easily the most influential company in consumer technology today, spent relatively little on lobbying efforts: Only $340,000.

Facebook spent $120,000.

For a little more on what companies spend on lobbying efforts in Washington, it’s always enlightening to peruse the database maintained by the Center for Responsive Politics, which tracks not only lobbying expenditures but campaign contributions.

As you can see, the CRP shows that, among computer and Internet companies, Microsoft was the leading lobbying spender for the first nine months of the year. The wireless industry’s trade association, the CTIA, led the pack in the telephone equipment and services category, spending more than $6 million. Meanwhile, Verizon and AT&T each spent more than $12 million.

The plan announced Monday also provides for quickly “surging” large numbers of CIA officers to hot spots around the globe such as the tribal areas of Pakistan or East Africa. Past agency plans haven’t provided for such war-time demands.

The moves reflect an effort to bolster agency operations and analysis without causing too much disruption, CIA veterans said. Although historically there has been tension between the CIA and the Pentagon, this plan aligns the two agencies’ priorities, the veterans said.

Read the rest of this post on the original site

Digital Daily’s John Paczkowski was among the thousands who bought an iPhone last Friday–we are hooked on handhelds here at AllThingsD.com. And then he waited. And waited. Not that he wasn’t eager to begin using his new device (reviewed here by Walt Mossberg and Katherine Boehret). He was simply one of the many unhappy iPhonatics who ran up against an overwhelmed AT&T activation system, which left him unable to make the most of his brand-new gadget for more than 40 hours. You can read his tale of woe or watch his video, which is available below as well.

Today in Digital Daily, John also notes the bizarre (if not goofy) Pentagon project to develop a nonlethal bullet that would release laughing gas. Seriously.

And on the subject of ill-considered ideas, he takes Google’s Health Advertising Blog to task for reviewing, of all movies, Michael Moore’s “Sicko,” which is highly critical of the U.S. health-care system, and of encouraging the health-care industry to counter the negative publicity by running–what else?–ads on Google.

Posted by Associate Editor John Sullivan.

From its Joint Non-Lethal Weapons Directorate comes word of a 2002 project to develop a nonlethal bullet with a laughing-gas payload. “The design of these bullets includes tailored explosives and propellants and a booster/projectile design with miniaturized mechanical components, where the energetic part or booster drops off on emergence from the gun, and a soft nose persists in its trajectory with high kinetic energy to impinge on the target with a strong blow or punch effect,” explains the 2002 proposal. “The nose can be automatically deflated on target impingement, releasing malodorants, irritants, laughing gas or other chemical agents. Essentially this nonlethal weapon will allow the military to ‘punch,’ slap and hit an individual repetitively from a distance and in a manner [that] provides no injuries.”

You’d think we had seen the pinnacle of Dr. Strangelove-style military schemes with “Who Me”–a material that produced a fecal odor with which its creators hoped to make enemy combatants a laughingstock.

I guess not. Next thing you know, they’ll be drawing up plans to
keep plutonium land mines warm and operative with a flock of chickens …