A View from Tom Simonite
The NSA Builds a Super-secure Android Device
The prototypes, code-named “Fishbowl”, make encrypted calls, and may be emulated by handset manufacturers.
The US National Security Agency has modified Google’s Android operating system to create smart phones that use powerful encryption to protect every call. The “Fishbowl” devices were announced today at the RSA security conference in San Francisco by Margaret Salter, the agency’s Technical Director, who said she hoped to encourage companies to adopt some of ideas used in the system.
Such was the interest in the NSA’s presentation that this reporter – and most others – weren’t able to gain access to the room where the demo was held. Australian IT publication SC Magazine did, though, reporting that Salter said 100 Fishbowl phones are being used to test the new technology. The Fishbowl phones allow fully encrypted calls that can be used to discuss the most classified information. Commercially available phones would require NSA employees to “speak in code”, SC say.
The NSA has made rough specifications of the system available online. They show that Fishbowl phones make calls using a Skype-style VOIP app that routes connections through NSA servers.
Another high up NSA official said yesterday that finding ways to secure smart phones and tablets was a major priority for the agency and that some details would be shared to encourage private companies to make all mobile devices more secure. A company wishing to emulate the Fishbowl approach would need to operate its own servers to route encrypted calls between phones running VOIP apps.
Android is open source software, so it may be that the source code to some modifications made by the NSA will be made public. The size of the government, and business, markets for mobile devices – still dominated by RIM’s BlackBerry devices – make it plausible that companies that manufacture Android phones will develop and sell Fishbowl-style devices of their own.