The question of whether to truly shift governance and military operational need to mobile devices that were developed for consumers is an issue that is ever present in the budget conversations and strategic planning of government agencies.
In part 1, we went through an analysis of Apple’s iOS. Here in Part 2, we’re going to analyze Google’s Android operating system. Since it was initially released in 2008, it has taken the mobile world by storm, appearing on dozens of devices and now achieving nearly 48% market share of the smartphone market. Android differs from iOS in that has been developed as an open source operating system – meaning Google has released the source code to the world and anyone is free to pour over it, look for security flaws and develop it further.
Just like Apple’s iOS, Android has proven itself a very capable operating system for increasing user productivity, but is it secure enough for the government and/or military to adopt it?
Lets first rehash the basics of mobile security and then do a deep dive on the Android OS.
The Basics of Mobile Security
There are five pillars to securing a mobile operating system:
- Traditional Access Control – Protecting devices that have fallen into the wrong hands with methods such as passwords and locking when idle.
- Application Provenance – Each application on the device is stamped with unique author data, making it more difficult for hackers to alter code of existing applications for malicious purposes.
- Encryption – This protects data stored on the device from being decipherable should it be accessed by a hacker. Remote-wipe functionality is also included in this pillar.
- Isolation – Each application is basically on its own little island and they cannot interact with each other, preventing one malware infested application from spreading it’s virus to others and eventually infecting the ones that hold sensitive data.
- Permissions-based access control – Each application is issued a set of “permissions” for what it can and cannot access regarding the devices data.
Is Android Secure?
By nature, because Android is an open source OS, it’s security profile benefits from the millions of eyes that have been able to evaluate it. By comparison, iOS is tightly controlled by Apple so only Apple’s engineers and specialized security consultants are able to evaluate its source code for vulnerabilities. Perhaps as a result of the added attention from being open source, Android has thus far had a very good track record when it comes to security. Only twelve major security flaws have ever been discovered and they have all been patched quickly.
When looking at the pillars of security, Android stacks up differently than iOS. The first versions of Android had more rudimentary forms of traditional access control, but that are has now been shored up in later releases of the OS putting it on par with iOS. Android’s isolation is even more severe than iOS because of the architecture of the operating system. Within Android, apps are not only isolated from other apps, but they are also isolated from accessing or modifying the operating system kernel.
There are some exceptions to this though. Apps are able to access a list of what other apps are present on the device, they may read all the contents of the user’s SD flash card and they may launch other applications on the device. These are not liabilities unless the SD flash card on the device stores sensitive data or if there are proprietary and/or classified apps that the government wants to remain secret. Theoretically, a security breach could consist of a simple list of the apps a specific Army unit is harnessing. The good news is all of these permissions could be disallowed in a government-specific iteration of Android.
Unlike iOS, Android relies heavily on permissions based access control to put users in control of their own data security. If operated properly, this system allows for very robust data security as every single app requests the user to set permissions individually. However, there is great potential for security breach as malicious apps can send permissions requests to the user and often the user grants wide access permissions because they either don’t realize they are dealing with a malicious app or have a habit of always granting apps far-reaching access. This could be a big hurdle for government implementation. Government and military personnel would need to be trained explicitly on how to handle permissions requests from unfamiliar apps. While it is conceivable that very specialized personnel could be trained to report these types of security threats 100 percent of the time, it is hard to image a large portion of the civilian government workforce upholding these type of security protocols uniformly and accurately.
Android’s application provenance is much weaker than Apple’s and consequently this aspect of Android’s security is weaker than iOS’. Android handles application provenance by requiring app developers to digitally signed their completed apps with a digital certificate the same way that Apple does, but the key difference is that developers must go through a lengthy application process with Apple to get the digital certificate necessary to “digitally sign” their app to achieve application provenance. Conversely, Android app developers can create their own digital certificates and are not required to go through any application process with Google where their credentials can be vetted. In fact, Android app developers can even digitally sign apps under fake names and companies creating a potentially dangerous security loophole in Android’s application provenance system that would allow a malware developer to create malicious apps anonymously, greatly increasing the difficulty in tracking down such a hacker that poses a cyber threat to government data.
Implications for Government Adoption
There could definitely be some security implications if the government wishes to implement Google’s Android operating system into its existing network structure. While there are several ways in which Anroid’s security can be compromised, the government and its cybersecurity teams would benefit from the open source nature of Android. Once a threat is realized it could be patched very, very quickly. That isn’t to say that Apple wouldn’t patch iOS much more quickly for the government than it does for consumers, but its something worth noting.
The structural nature of Androids security protocols – especially that Android relies so heavily on permissions-based access control – could place the government employee in a critical role as gatekeeper and identifier of security threats, something that the government likely would not be comfortable with. In many ways, while this system keeps the consumer focused Android OS from being a popular target of hackers that want the most bang for their buck when it comes to malicious development, it also presents very real challenges for a government entity that wishes to harness the productivity gains of such a multi-talented OS without leaving security settings in the hands of the user.
Ultimately, it’s likely that this conflict of interest will push the government to adopt iOS devices sooner than they adopt Android devices.
Pingback: iOS v. Android - Is Either Ready for Government Primetime? Part 1 | The Contracting Post