Invincea’s work on the Android operating system, dubbed ‘Mobile Armour’, is being driven by government and military requirements; but is expected to feed eventually into the commercial and consumer markets. “The investment by DARPA and the U.S. Army in the Mobile Armour project,” explained Anup Ghosh, founder and CEO of Invincea, “demonstrates the critical need for secure mobility. As government departments and agencies across the civilian and defense sectors shift their focus towards the use of mobile applications for executing their missions, they must be able to trust that these platforms are secure.”
This requirement is, in reality, no different to the needs of general commerce: it is ‘national security’ rather than just commercial security. It is the same basic threats that have been attacking both military and private desktops for years now moving to the smartphone. The security route being taken by Invincea is to enforce whitelisting; that is, to allow only known and approved apps to run on the devices; and to focus defense on any exploits that can attack those apps.
But other and essential areas, and again things that will equally appeal to corporations and consumers, are to protect data stored on the devices, and to avoid remote tracking. Soldiers do get captured by the enemy, so any data on any devices carried must be secure. And secret patrols do not want to give away their location via their mobile devices.
At first sight, the Android might appear a strange choice for a secure system. It is generally considered to be the least secure of the mobile devices. However, the lack of security is caused by its open nature; and it is that openness that is attractive. “Without wishing to comment on the [government] motives for anything, the choice of Android as a base OS for creating a hardened device seems obvious,” Rik Ferguson, director of security research at Trend Micro told Infosecurity. “The Android OS is open source, meaning that developers are able to create, change and tweak the base code as much as they like. This is not the case with any of the other major mobile OSes.”
While there are moves for other open mobile systems for the future, from Mozilla and Linux for example, the military clearly needs something now. Several thousand early versions of Mobile Armour are already being ‘field tested’ by US military in Afghanistan.