Sunday, November 25, 2012 - 23:43

Consumer level communication devices and risk management in government agencies.

I read an interesting article a while ago talking about the NSA's problems dealing with demand for consumer level devices. Read iPhone, iPad, BB and the likes. Some maybe remember the discussion about Obama's love for his Blackberry and that he apparently would defend it to the death.

It is understandable that someone wants to use what he knows. And military grade or more broadly special purpose equipment isn't known for fancy design or ease if use. They are usually easy to operate once you got to it. It's a design goal most of the time. But it's very different from consumer products and most people don't like to adapt to that.

The president is getting his daily intelligence briefing on an iPad. Ten years ago we wouldn’t have done that, but that’s what the president wants, so that’s what he gets.

That statement is disturbing and the typical 'high ranking guy' problem. He is the president but that doesn't mean he gets what he wants. He doesn't get a Porsche or a cabriolet if he demands it. He doesn't get his personal space shuttle if he wants one. So why the hell does he get an iPad?

The iPad is stripped down and castrated on the network part. Apparently it's more of an e-book reader in that configuration.

Phones however are networked. And consumer products premier task is not security. They will happily sacrifice security for ease of use or even design. Security doesn't sell with most people and most people don't require this level of security with their communication. You can put an iPhone on the leash as you can with a Blackberry. It however remains the same beast.

A good strategy always includes the option of failure to various degrees. That however doesn't mean you have to start with the worst possible basis and try to fix around it. If people get the tools they want - instead of those they need - they will lose their stupid laptops and iPhones. And for reasons beyond me these often aren't encrypted. Probably because it's too hard to remember the fucking password.

You can pull a torx with a slotted screwdriver of a suitable size...most of the time. But you will most likely damage it. It's a very similar tool but not quite the same.

This is not their private phone, pad or computer. It's a tool they need for their work. And they need to figure out how to operate it. No one asks a mechanic if he likes his screwdrivers or a Marine if he likes the sound or color of his rifle.

If the iPad is a solution for the problem without relevant tradeoffs. That's fine. But I want one is no reason anyone should be concerned about. It is important when dealing with customers. It's totally irrelevant when dealing with employees. Even if that employee is the head of the state.

This is your tool of the trade. It doesn't come in pink or with a retina option, there are no little ponies on it and no ... you cannot dual use it nor can you install Angry Birds, facebook or use your face to unlock it.

Add new comment

This form is protected by Google Recaptcha. By clicking here you agree to include Google Recaptcha for this session. The page will reload and the form will become avaiable.
Error | Mobile Grid


Error message

Recoverable fatal error: Argument 1 passed to xmlsitemap_node_create_link() must be an instance of stdClass, boolean given, called in /opt/nginx/vhosts.d/ on line 28 and defined in xmlsitemap_node_create_link() (line 194 of /opt/nginx/vhosts.d/
The website encountered an unexpected error. Please try again later.