The National Security Agency, America's eyes and ears, constantly deals with highly-sensitive data. Problem is, discussing that data over unprotected airwaves represents a huge security risk, often requiring agents to communicate in code. That's why the Agency has developed its own super-secure Android handset.
Dubbed the "Fishbowl," these devices make fully-encrypted calls that are secure enough to allow the discussion of even the most classified information. The handsets will rely on an unidentified VOIP app, similar to Skype, that routes calls through NSA servers (kind of like what they already do with everybody else's).
Surprisingly, the devices employ off-the-shelf components and run on openly-available protocols. "The plan was to buy commercial components, layer them together and get a secure solution," Margaret Salter, head of the NSA's Information Assurance Directorate, said. "It uses solely commercial infrastructure to protect classified data." Calls will be double-encrypted through both IPSEC and SRTP, per NSA policy.
The security platform will also be applied to tablets, another NSA official told the Technology Review. So far, 100 of the devices have been developed and distributed to government officials.
Agents will also be able to install national defense-related apps from an app store run by the US Defense Information Systems Agency, ensuring that only secure applications are installed (sorry Path).
What's more, the NSA is hoping that carriers and mobile manufacturers will adopt some of the same concepts for their own products. That is, run all data from its VOIP app through its own servers, which I'm sure consumers would have absolutely no qualms with. There's no word on how well this device protects its sensitive contents from being left it in a bar. [SC Magazine via Technology Review]
An NSA diagram of how Fishbowl works:
An NSA diagram of its encryption process: