×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Inside Boeing's New Self-Destructing Smartphone

samzenpus posted about 9 months ago | from the wiped-clean dept.

Cellphones 162

mpicpp writes "It looks thicker than most of the phones you see at Best Buy, but Boeing's first smartphone isn't meant to be used by the average person. The company that's known for its airplanes is joining the smartphone game with the Boeing Black, targeted at people that work in the security and defense industry. One of its security features is self-destructing if it gets into the wrong hands, although not quite in the Mission Impossible sense. According to the company's letter to the FCC, the phone will have screws with a tamper-proof coating, revealing if a person has tried to disassemble it. 'Any attempt to disassemble the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,' writes Bruce Olcott, an attorney for Boeing."

Sorry! There are no comments related to the filter you selected.

Boeing? (1)

Anonymous Coward | about 9 months ago | (#46366157)

Starting price is $10,000...

Re:Boeing? (1)

Taco Cowboy (5327) | about 9 months ago | (#46366235)

Starting price is $10,000...

What is $10,000 in today's currency when an ash tray already cost $900, in 1985 money ?

Source:

http://articles.sun-sentinel.c... [sun-sentinel.com]

Re:Boeing? (1)

Anonymous Coward | about 9 months ago | (#46366549)

Boeing was one the cheap, innovative, nimble, young upstart - but, like anyone involved in a cushy deal which gives it a lot of power, eventually it becomes comfortable and corrupted.

This is why I despair about SpaceX - it's like we're going back 80+ years, and assuming things will turn out differently this time around.

(Not quite as bad as the Bitcoin fad, though. MtGox was a clone of a more primitive banking era, and ended up suffering a common problem which has been largely eliminated in modern regulated banks.)

Even speaking as a complete techno-nerd, the older I get, the more I realise that every endeavour needs to be founded on a study of history.

Re:Boeing? (2)

neoritter (3021561) | about 9 months ago | (#46367409)

Or $629 if you bothered to read...

tamper-proof coating? (0)

Anonymous Coward | about 9 months ago | (#46366159)

Soon in an iPhone near you!

Re:tamper-proof coating? (1)

Z00L00K (682162) | about 9 months ago | (#46366355)

Until someone figures out a way around it.

Re:tamper-proof coating? (-1)

Anonymous Coward | about 9 months ago | (#46366375)

Until someone figures out a way around it.

Its not made to stop a sophisticated intelligent attacker. Its meant to stop the thug nigga crackhead that robs you to feed his habit cuz some rapper told him it was a good idea and Jesse Jackson told him the white man deserves it anyway. Totally different threat model.

Re:tamper-proof coating? (1)

AmiMoJo (196126) | about 9 months ago | (#46366429)

No, it is meant to stop sophisticated attackers. It will be interesting to see what happens the first time the police decide they need to access one of these and request that Boeing help them. If designed correctly there should be nothing Boeing could do to help them, but considering all the fat defence contracts and government money that goes their way I doubt they would have neglected to put an NSA approved back-door in.

Re:tamper-proof coating? (1)

Lumpy (12016) | about 9 months ago | (#46366545)

you disassemble them in a Argon or other non oxygen environment ot get around their "self destruct".

Guarantee they have a way to get all the data off of them for Law enforcement. It's not secure, it's marketing.

Re:tamper-proof coating? (1)

Sockatume (732728) | about 9 months ago | (#46366585)

Explosives, generally speaking, are their own oxidants. If (and it's a big if) this device is meant to blow itself up and not slowly burn away to nothing, an inert atmosphere isn't going to help.

I really doubt it is actually meant to blow itself up though.

Re:tamper-proof coating? (1)

AlecC (512609) | about 9 months ago | (#46366675)

I don't think it is anything physical. It is just that it will automatically execute "sudo rm -rf /" when it detects any tampering, which will be done by more than one unspecified mechanism. And, of course, use a destructive form of rm.

Re:tamper-proof coating? (2)

minstrelmike (1602771) | about 9 months ago | (#46366839)

I really doubt it is actually meant to blow itself up though.

If they used the right kind of battery it could ;-)

Re:tamper-proof coating? (1)

BlueStrat (756137) | about 9 months ago | (#46367203)

I really doubt it is actually meant to blow itself up though.

If they used the right kind of battery it could ;-)

All you'd need to do is build it on a flammable PCB with a nichrome-wire-style electrical ignition element embedded within it, and discharge the (I would assume normally inaccessible without tripping the destruct) battery through it. The destruct could even have it's own built-in and seperate battery

*Poof*, original "Mission Impossible"-style.

"Good morning, Mr. Phelps..."

Sometimes the old tech is the best tech. ;-)

Strat

Re:tamper-proof coating? (0)

Anonymous Coward | about 9 months ago | (#46366599)

If it's meant to stop sophisticated attackers why is it being marketed on the ordinary internet? Government contractors don't advertise that way. This is a consumer product masquerading as a product for spooks. I don't think real spooks would use anything that we know about.

Re:tamper-proof coating? (2)

InvalidError (771317) | about 9 months ago | (#46366973)

The simplest way to self-destruct data on the device is to simply encrypt it using a large key stored in CMOS embedded in the SoC's hardware crypto-engine and clear it (either with an actual reset signal or simply killing power) if tampering is detected to instantaneously render all stored data useless. The next time the boot-loader runs if the device is ever powered up again before being restored to factory specs, it can generate a new encryption key and start erasing storage to make the data completely unrecoverable.

I would not be too surprised if they only implemented the device encryption part of this with managed encryption keys so devices can be decrypted if ever recovered.

"Good afternoon, Mr. Phelps . . . " (1)

PolygamousRanchKid (1290638) | about 9 months ago | (#46366169)

" . . . this phone message will destroy your phone in 15 seconds . . . "

Completely Foolproof (1, Insightful)

C0R1D4N (970153) | about 9 months ago | (#46366181)

So...take a dremel and cut the case around the screws.

Re:Completely Foolproof (5, Funny)

Anonymous Coward | about 9 months ago | (#46366217)

"screws with a tamper-proof coating, revealing if a person has tried to disassemble it"

I'm pretty sure I would notice if someone took a dremel to my phone.

Re:Completely Foolproof (1)

PanAmaX (1102857) | about 9 months ago | (#46366323)

yeah, you'd notice..

but Im guessing the goal here that C0R1D4N was getting at was getting the data and not letting you believe that no one had tampered with your phone

if the goal was steal it and get access to the contents of the phone by accessing the underlying hardware directly.. then this seems (at least on the surface) like a suitable approach. As stated in the short description 'Any attempt to disassemble the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,". So if the goal is data retrieval.. don't use the screws.. simply dremmel out everywhere you can while not damaging the SOC then remove that from the pcb and then break it out to some predetermined jig and read the contents of all memory on the device.

Re:Completely Foolproof (-1)

Anonymous Coward | about 9 months ago | (#46366403)

break it out to some predetermined jig

Uhh.. wtf do black people have to do with this?! I mean sure they're a lot more likely to be the one stealing your phone. Or your car. Or your wallet. Etc. The crime stats are clear, poor black people are much more violent and larcenous than poor white or asian people. But why bring that up this way?

Dremel can still trigger the self-destruct (1)

Firethorn (177587) | about 9 months ago | (#46366651)

The way I'd have the destruct work would be to encrypt everything and keep the key in a special tamper chip that will dump the key if a tamper trips.

Anyways, there are options to screw up your little proposal, such as a sensor inside that looks for disturbance. A light sensor where there should be no light, for example. Put a series of wires along the inside of the case, and if the resistance changes, such as from somebody cutting a wire trying to dremel their way in, trigger the tamper. Another option would be a button or something that's depressed normally. Remove a section of the case and it trips.

Re:Dremel can still trigger the self-destruct (1)

CastrTroy (595695) | about 9 months ago | (#46366773)

It would probably be difficult to build the "disturbance detecting" chip in a way that couldn't be circumvented but that also wouldn't trip accidentally. Any light detecting mechanism better not get accidentally triggered by electromagnetic rays (like infra-red) that are slightly outside the visible spectrum, but can easily pass through plastic. Also, if it was light sensitive, you could just disassemble the phone in a darkroom.

Re:Dremel can still trigger the self-destruct (1)

Firethorn (177587) | about 9 months ago | (#46366829)

It would probably be difficult to build the "disturbance detecting" chip in a way that couldn't be circumvented but that also wouldn't trip accidentally.

To be more clear, my 'tamper chip' is merely a storage device. If voltage is lost at pin 1, dump, if voltage present on pin 2, dump. If voltage on pins 3&4 don't match within tolerances, dump. After that, it's all about sensors hooked up. Careful design can minimize 'false alarm' trips, depending on where your relative paranoia lays. I've worked with equipment that have tamper alarms that a strong *bump* can trigger, then the device is unusable until you use a special key on it(and said key only works so many times).

Yes, the light idea is fairly simple to bypass if you know about it, but it also makes trying to hack the phone a pain if you have to do it in the dark. Makes you more likely to trip the other sensors - cut in the wrong spot, lift the wrong bit of case, etc...

That's why you get multiple people in a committee helping out. Other options include pressurizing the phone(you'd need a temperature sensor to to map the expected pressure).

Re:Dremel can still trigger the self-destruct (0)

Anonymous Coward | about 9 months ago | (#46367099)

Lol, what about isolating the phone from exterior signals and letting the battery die before trying to retrieve the data? I'm fairly sure THAT would defeat most electronic countermeasures unless the phone wipes itself when the battery is below a set % which is outright dangerous for regular use.

Re:Dremel can still trigger the self-destruct (1)

X0563511 (793323) | about 9 months ago | (#46367281)

Have you entered your PIN on a PIN pad within the last 10 years? If so, you've just used technology that's already solved this problem.

Re:Completely Foolproof (2)

swillden (191260) | about 9 months ago | (#46366501)

"screws with a tamper-proof coating, revealing if a person has tried to disassemble it"

I'm pretty sure I would notice if someone took a dremel to my phone.

No you wouldn't. You'd just know your phone was gone. And you'd believe that at least your data was safe, because the self-destruct would have been triggered when the thief removed the screws. Except it wasn't.

Re:Completely Foolproof (1)

jimbolauski (882977) | about 9 months ago | (#46366653)

The people that would use this phone are probably no as worried about someone taking their phone and attempting to access their encrypted data, rather they are worried about compromising their phone and any other systems their phone connects to.

Re:Completely Foolproof (0)

Anonymous Coward | about 9 months ago | (#46366761)

> I'm pretty sure I would notice if someone took a dremel to my phone.

Not if that someone first takes said dremel to you.

(or: "in soviet russia dremel phones *you*)

Re:Completely Foolproof (1)

usuallylost (2468686) | about 9 months ago | (#46366771)

Judging by the target audience my guess is they are afraid of a lot more subtle tampering techniques than using a dremel. I would fully expect that a professional, of the types they are worried about, could disassemble your phone modify it it and reassemble it without your being the wiser. Which is why they want it to be impossible, or at least exceedingly difficult, to hide tampering and want it to self destruct.

Re:Completely Foolproof (0)

Anonymous Coward | about 9 months ago | (#46367091)

Why not just use countersunk one-way screws. Bloody hard to remove without drilling and the vibrations from drilling could be made to damage some crucial parts

Re:Completely Foolproof (1)

JoeMerchant (803320) | about 9 months ago | (#46367205)

"screws with a tamper-proof coating, revealing if a person has tried to disassemble it"

I'm pretty sure I would notice if someone took a dremel to my phone.

Yes, but would the data-wiping routines get activated? (Probably yes, unless you have a couple of phones to practice on and/or a good X-ray machine.)

Re:Completely Foolproof (0)

Anonymous Coward | about 9 months ago | (#46366293)

If that would work there wouldn't be any reason for the phone to be so bulky and expensive.
Making a detection mechanism for screw removal only is as easy as having the screw go trough two nuts instead of one and connect the upper one to ground and a pull-up to the lower one. You then get a digital signal that goes high when the screw leaves the bottom nut.
Use a nut designed for soldering to the PCB and it will have no impact on assembly time/cost and component cost is in the cent range.

It should be pretty obvious that the solution isn't limited to detecting screw removal only. It is likely that they also have something like a metal foil inside to detect if the case is drilled/cut. If the case is air tight they could use a pressure sensor to detect case opening.

I would hope that they haven't settled for a version that only detects screw removal.

Re:Completely Foolproof (1)

VernonNemitz (581327) | about 9 months ago | (#46366353)

There is always a way. Consider dumping the phone into liquid helium, before applying the Dremel. Batteries don't work so well at cold temperatures. Software, including self-erasing software, can't run without a power source....

Re:Completely Foolproof (0)

Anonymous Coward | about 9 months ago | (#46366395)

Yes, there is also a way, and liquid nitrogen will probably be sufficient and stop any oscillators. And temperatures below -40 degrees can be considered as "tampering" and start an erase cycle before the temperature becomes too low to make it impossible.
By then you have an arms race but the one creating the tampering protection will have an information advantage since he is the only one who knows what they check for.
By then you have reached a point where it is easier and less risky to kidnap the phone owner together with the phone or just grab it out of his hands. If it reaches that point then the technology is no longer an attack vector and further development in that area will be unnecessary.

Re:Completely Foolproof (1)

bluefoxlucid (723572) | about 9 months ago | (#46367035)

Yeah that's not going to happen fast enough in a slush of dry ice and liquid nitrogen. That's instant-freeze.

Re:Completely Foolproof (1)

Anonymous Coward | about 9 months ago | (#46366477)

However, encrypted data stays encrypted. No reason not to include decent hardware encryption.

Re:Completely Foolproof (2)

BitZtream (692029) | about 9 months ago | (#46366667)

But it can damn sure run as soon as it notices rapidly dropping temps.

Dropping it in something really cold doesn't make it instantly cold, it'll take some time (even if that time isn't very long) and thats long enough to nuke itself if need be.

Its not like they're going to trigger self destruct based on a case screw or two being removed.

Unless its a joke, they would have multiple safe guards in place to destroy the device if need be. Rapidly failing temp that is well below human standards? Kill! Any one of multiple case pressure springs goes offline? Kill! For every way you can find to open it, I can add a way to stop you, and I'm not doing this for a living every day.

The question is, can they figure out a combination that you can't figure out how to work around.

And for reference to all the armchair spooks on slashdot ... if you were so good that they actually worried about YOU getting into this device, you wouldn't be talking about it on slashdot or we'd already know your name. (/me looks for Bruce, just in case) As I have to say here so often ... you aren't half as clever as you think you are.

hack (0)

Anonymous Coward | about 9 months ago | (#46367305)

Forget about busting into the casing, one question I have, maybe a couple, is it hack proof? Someone can and will find a way to hack it, in the sense they could steal the information from via the airwaves [if you will].

I would think the phone isn't complete hack proof in some form or another. The information still has to be sent/received/collected does it not?

You wouldn't be able to steal it, they'd [i would think] have some sort of 'kill switch' should the phone end up lost or stolen. I'm not sure what they have, they may have numerous things for the user to ID themselves and a failure to do so would also result in a kill!

Re:Completely Foolproof (0)

Anonymous Coward | about 9 months ago | (#46366521)

If they are going all the way with available tamper protection technology, that won't work.

But the really important question is... (1)

Anonymous Coward | about 9 months ago | (#46366183)

... Will it run Angry Birds and Candy Crush? ... Will it run Crysis? ... Will it run Slashdot Beta?

Re:But the really important question is... (2)

DeSigna (522207) | about 9 months ago | (#46366195)

Probably. But if you try installing a custom firmware, it will literally explode.

I can see a lot of carriers warming to this idea.

Re:But the really important question is... (5, Funny)

Anonymous Coward | about 9 months ago | (#46366201)

Will it run Slashdot Beta?

The self-destruction mechanism uses Slashdot Beta code to perform the operation.

Re:But the really important question is... (0)

Anonymous Coward | about 9 months ago | (#46366717)

More importantly...Will It Blend?

Alternatively (2)

ElectraFlarefire (698915) | about 9 months ago | (#46366187)

You could just get a Nexus, fill it's insides with epoxy, install Cyanogenmod, use whole disk encryption and some sort of 'erase data after failed attempt to decrypt'.
Or just, youknow, not have anything on your phone worth stealing..

Re:Alternatively (0)

Anonymous Coward | about 9 months ago | (#46366215)

Are those alternatives better?

Tamper-proof screws? (5, Informative)

Firethorn (177587) | about 9 months ago | (#46366191)

Oh, and you generally don't do a tamper 'proof' coating on screws, you do a 'tamper-evident' coating.

Want your own tamper evident coating? Buy a bottle of the cheapest, cheesiest glitter nail polish you can find. Coat the screws with a layer. Take a high resolution picture of each screw. Suspect tampering? compare the current coating with the picture.

As for deleting the data off the device, I'd probably simply encrypt everything on the device, with the key stored in a specific chip designed to dump said key if anything triggers it. No Key = No Data.

Re:Tamper-proof screws? (0)

Anonymous Coward | about 9 months ago | (#46366211)

How boring. I'd trigger the Frikken Sharkdog with Frikken Laser-Crossbow on his head to just shoot the phone. Frikken Sharkdog and Frikken Laser-Crossbow both sold separately. Frikken Sharkdog and Frikken Laser-Crosswbow both tradmark Anonymous Coward industries. Not available for purchase for ages under 21 unless proof of Evil Mastermind ID shown. Not available in Austria or Vietnam. Delivery available to all timespace continuums located on earth except 1880-1954 and anything beyond 3049.

Re:Tamper-proof screws? (1)

Bert64 (520050) | about 9 months ago | (#46366329)

A tamper coating like that will get gradually damaged just through normal wear and tear...

Re:Tamper-proof screws? (1)

jimbolauski (882977) | about 9 months ago | (#46366713)

A tamper coating like that will get gradually damaged just through normal wear and tear...

Requiring the owner to buy a new $10,000 phone every year, it's brilliant.

Re:Tamper-proof screws? (0)

Anonymous Coward | about 9 months ago | (#46366845)

You do realize that you don't need to leave the screws exposed to things which cause wear and tear right? My phone has dozens of screws in it, none of them exposed.

Even if you are very 'do it yourselfy' and want to use the nailpolish trick AND you have exposed screws. Just put a layer of epoxy over the glitter polish. You aren't going to be doing anything to a phone which will wear out the epoxy and not break your phone. And if it gets scratched up, you can just polish it back to a clear surface.

Re:Tamper-proof screws? (2)

Buchenskjoll (762354) | about 9 months ago | (#46366333)

I wish you hadn't said that. I spent 3 hours trying to turn my phone fast enough to take a picture of the backside.

Re:Tamper-proof screws? (1)

gweihir (88907) | about 9 months ago | (#46366371)

You do it with mirrors! ;-)

Re:Tamper-proof screws? (2)

hawkinspeter (831501) | about 9 months ago | (#46366517)

Use the camera on the other side.

Re:Tamper-proof screws? (1)

gweihir (88907) | about 9 months ago | (#46366369)

Side note: Nobody in the security industry that is trustworthy claims "tamper proof". Nothing is and hence the thing to claim is "tamper resistant".

Re:Tamper-proof screws? (1)

Anonymous Coward | about 9 months ago | (#46366535)

FIPS 140-2 Level 4. If the device passes current testing requirements for that, your pretty unlikely to get in.

Re:Tamper-proof screws? (1)

gweihir (88907) | about 9 months ago | (#46366665)

Indeed. "Tamper resistant" = "you are pretty unlikely to get in". "Tamper Proof" = "is is impossible to get in". Only marketing-liars claim the second.

Re:Tamper-proof screws? (1)

minstrelmike (1602771) | about 9 months ago | (#46366889)

neither resistance nor prevention is the goal. The goal is to prevent un-noticeable tampering.
If you get your phone back from the lost and found at the local Chinese restaurant, you want to make sure they didn't copy the sim card so-to-speak.
This phone is designed for the sorts of people who build and defend against things like Stuxnet.

Cold disassembly? (3, Interesting)

Megan Woods (2920951) | about 9 months ago | (#46366221)

How would it go if it were chilled right down, liquid nitrogen or colder so the electronics stopped working and then disassembled. (I don't know if it's possible, just kicking the idea around.)

Re:Cold disassembly? (1)

gweihir (88907) | about 9 months ago | (#46366377)

No use speculating without somebody competent doing an analysis of the thing. It certainly is one of the possible techniques, but whether it helps or is needed is unclear.

Re:Cold disassembly? (1)

Sockatume (732728) | about 9 months ago | (#46366379)

Given that the battery's removable, I can think of a quicker way to stop the electronics working.

Re:Cold disassembly? (1)

BitZtream (692029) | about 9 months ago | (#46366687)

Battery gets too low? Dump the encryption key.

Temp gets too low? Dump the encryption key. Temp gets too high? Dump the encryption key.

Any one of the 20+ springs in the case that are monitored for contact with the case going offline? Dump the encryption key.

Too many G forces? Dump the encryption key.

Everything you're going to do to it, its going to have enough of a warning to be able to destroy itself, OR what you're doing to it is going to destroy it first.

Re: Cold disassembly? (0)

Anonymous Coward | about 9 months ago | (#46366715)

I see two attack vectors. Run the battery down and then open it.

Simply use an electromagnetic device of some sort that can read the variations in the EM emissions of the phone while its on, and copy the data stream. The NSA already does this with submarine cables.

This is going to be hot! (5, Funny)

nimid (774403) | about 9 months ago | (#46366227)

I see they're using the same battery technology they used in the Dreamliner then.

Solution (0)

Anonymous Coward | about 9 months ago | (#46366271)

Use a mini saw to delicately remove the covering or the screen instead of the screw.

ATM keypads (4, Interesting)

DoubleJ1024 (1287512) | about 9 months ago | (#46366307)

When I worked in the ATM industry we already had that feature built into the keypad (EPP). If you tried to extract the keys any number of ways (freeze spray, remove back cover, cut front cover, etc.) it would dump the memory and leave the attacker with nothing. All you have to do is contact one of the companies that built those EPP's and they can guide you into a LOW COST hardware method of dumping everything. You don't need to go with a fancy "custom coating" that might fail or have alternative issues. I would not buy this phone as it is over-priced, and I can do the same thing with a common android smartphone and a little software and hardware tweaking. Epoxy is your friend for keeping people out of things they don't need to see, as is encryption with delete upon failure to decrypt. What a joke, but they will sell a bunch of them to Gov. and "special" people.

Re:ATM keypads (1)

gweihir (88907) | about 9 months ago | (#46366393)

Don't depend on that when you have really expensive secrets, and that is what this phone is aimed at. With an ATM, I would expect the maximum loss if somebody attacks this successfully is around 10 Million USD/EUR. (I think the card-cloners that recently went around got 3.5 Million only.) Also remember that an ATM keypad affords a steel front-plate, excellent RF shielding, no access from behind and the ATM itself comes with a number of tamper detectors and usually has a direct line to the police or some security company.

Real Costs (-1)

Anonymous Coward | about 9 months ago | (#46366821)

That's really the point. cloners only got a few million dollars. Snowden's treason has cost at least 5 billion dollars already. Yes, we're replacing the capabilities he compromised.

Re:ATM keypads (1)

JoeMerchant (803320) | about 9 months ago | (#46367233)

If I were an average ATM attacker, I'd be more interested in the cash it contains than any data. You can pick up credit account info anywhere, Target, for instance.

Re:ATM keypads (1)

Capt James McCarthy (860294) | about 9 months ago | (#46367407)

I would not buy this phone as it is over-priced, and I can do the same thing with a common android smartphone and a little software and hardware tweaking.

You don't understand that spending tax dollars is way different then spending your own dollars.

Quick question (1)

Anonymous Coward | about 9 months ago | (#46366327)

Does it delete its own data when battery runs out?

Do not depend on this against a competent attacker (1)

gweihir (88907) | about 9 months ago | (#46366361)

They are basically claiming they have a HSM here. Now, HSMs are as expensive as they are for a reason (50'000 USD/EUR is quite standard). One is that attackers have to pay a lot to get their hands on one for analysis. Another is to have several layers of protection, several independent power sources, solid steel tamper barriers, etc. Still, they are designed to be secure when in a 19" rack in a secured data-center and when it becomes obvious fast that one has been removed.

I expect that a good hardware hacker can get into these phones with at most a few weeks of work and 3-4 devices to burn. After that opening one of these should be easy. And then there are the myriad ways of attacking this thing via software.

Re:Do not depend on this against a competent attac (1)

JoeMerchant (803320) | about 9 months ago | (#46367269)

Layers upon layers - there's the "common" model that goes out to all field personnel and is assumed to be compromised within a few months.

Then, there's high security model that is designed to look like the common model, but goes only to high value targets and might be redesigned and redeployed every time one gets lost.

Then, there's the higher security model that is designed to look like the high security model, but....

Is it any wonder that a toilet seat can cost $9,000?

Misleading Title (1)

Anonymous Coward | about 9 months ago | (#46366397)

The title says "Inside Boeing's New Self-Destructing Smartphone" which is somewhat misleading; as it only refers to a mainstream news article - not any technical information about the 'inside' of the device.

Re:Misleading Title (0)

Anonymous Coward | about 9 months ago | (#46366587)

That's correct.

Re:Misleading Title (2)

BitZtream (692029) | about 9 months ago | (#46366729)

And if it actually does what Boeing claims, you aren't going to find any articles telling you how it works; that, in and of itself is part of its security.

In the real world, people take advantage of security through obscurity. That doesn't mean they rely on it, but theres nothing wrong with throwing something in front of the attacker to slow them down even if its only temporary as long as thats not your only attempt at security.

Nothing is secure given enough time.

Re:Misleading Title (1)

minstrelmike (1602771) | about 9 months ago | (#46366937)

Actually, I suspect most of the folks who end up buying the phone will be buying them specifically to figure out how to break them.
It's a brilliant marketing scheme. Justin Bieber and Kim Jong Un will each buy one for security reasons and the other 70,000 Boeing ends up selling will all go to security researchers in China, Russia and Europe.

someone has to ask (3, Funny)

Anonymous Coward | about 9 months ago | (#46366405)

will it blend?

Self destructing phone, which battery joke to use? (1)

Overzeetop (214511) | about 9 months ago | (#46366449)

Not sure where to go with this one. Is the joke supposed to be "So, Boeing has teamed up with Sony to use their batteries in a new smart phone..." or "Leveraging the battery technology used in the 787 Dreamliner..."

What's the difference to an iPhone? (1)

gnasher719 (869701) | about 9 months ago | (#46366481)

The only difference seems to be that with this phone, if an attacker tries to get at the data you end up with a non-working phone and an attacker without data, while with an iPhone you end up with a working phone and an attacker without data. OK, this phone has also some more security claims, but of course they are not proven.

Re:What's the difference to an iPhone? (1)

BitZtream (692029) | about 9 months ago | (#46366743)

Put an iPhone in a faraday cage and the data won't be deleted. No way for the signal from Steven in the sky to tell it to delete the data. Disassemble the device, hot air the flash chips off the phone to you own custom boards ... boom, full access to all the data. (Actually, not entirely true for smarter users with encrypted data, but close enough for this discussion, since all 3 of those iPhone users who encrypt their data don't have anything that matters anyway.)

Re:What's the difference to an iPhone? (1)

JoeMerchant (803320) | about 9 months ago | (#46367293)

I tried the iOS encrypt home drive option once, bricked my new MacBookPro inside a week, had to reinstall iOS from scratch with special help from a tech named Jesus.

Re:What's the difference to an iPhone? (1)

X0563511 (793323) | about 9 months ago | (#46367375)

You do realize your Macbook is not an iPhone and does not run anything approaching the same operating system?

Re:What's the difference to an iPhone? (1)

gnasher719 (869701) | about 9 months ago | (#46367429)

You do realize your Macbook is not an iPhone and does not run anything approaching the same operating system?

The operating system is actually more than 85% identical :-) Still, I don't know how turning on a non-existing encryption option on iOS (it's not an option, you can't turn it off) would mess up his MacBook, and how messing up his MacBook would require him to re-install the OS on his iPhone.

Re:What's the difference to an iPhone? (1)

gnasher719 (869701) | about 9 months ago | (#46367391)

Put an iPhone in a faraday cage and the data won't be deleted. No way for the signal from Steven in the sky to tell it to delete the data. Disassemble the device, hot air the flash chips off the phone to you own custom boards ... boom, full access to all the data. (Actually, not entirely true for smarter users with encrypted data, but close enough for this discussion, since all 3 of those iPhone users who encrypt their data don't have anything that matters anyway.)

That's the point - you don't have full access to the data. You have no access to the data. You have access to an encrypted file system, where every single file is encrypted with a different random 256 bit key.

Relatedly?... (1)

whisper_jeff (680366) | about 9 months ago | (#46366487)

So, where's the added summary about the "related story" of how Google admits that Android's focus isn't on security and that malware writers should target their OS rather than Apple's or Microsoft's?

Or was that story only related when Slashdot was attempting to water down the discussion of Google's comments with a topic that actually had nothing what-so-ever to do with Google's comments?

Don't worry. I already know the answer to those questions.

It was nice when this site did a better job of disguising it's biases...

A similar "secured" cellular phone (1)

Anonymous Coward | about 9 months ago | (#46366555)

The Boeing "Black" will competete with the General Dynamics "Sectera Edge"...
http://www.gdc4s.com/sectera-edge-(sme-ped)-proddetail.html?taxonomyCat=141

What a waste of your time (-1)

Anonymous Coward | about 9 months ago | (#46366701)

Stupid americans. Wasting time in no-inventions.

ho8o (-1)

Anonymous Coward | about 9 months ago | (#46366705)

to decLine fOr dead. It is a dead

Larger security concern: (0)

Anonymous Coward | about 9 months ago | (#46366735)

It's running Android. No troll here. The problem isn't LOSING THE ACTUAL PHONE, but the software being susceptible to an attack, and Android doesn't exactly have a good track record in that aspect.

Well done, Slashdot! (1)

Buck Feta (3531099) | about 9 months ago | (#46366785)

I was going to say, I read about this at Ars a couple days ago, but then I saw this "article" links to an ABC news "article" - what's more, the "summary" is a direct quote of pretty much the entire ABC piece. But then I saw this "article" also links to the much superior Ars article. So, I say, bravo, Slashdot! Bravo.

Not For Spies (2)

jimbolauski (882977) | about 9 months ago | (#46366809)

The biggest issue with this phone is not weather it can be tampered with without the owners knowledge, but that anyone that has one of these phones will be instantly noticeable as a high value target. The only people that this device makes sense for are public figures, senators, congressmen, CEO's of large defense contractors, ... Everyone else will be better protected by following simple security precautions and not carrying around a large flag that says I'm worth the effort.

Re:Not For Spies (1)

JoeMerchant (803320) | about 9 months ago | (#46367311)

There's the low cost version that just looks like the secure one and is mandated for use by all contracted workers.

I had a Blackberry like that once.

Covering bad crypto (1)

EmperorOfCanada (1332175) | about 9 months ago | (#46367103)

This sounds not like it will protect your data but will keep crypto researchers from finding that the NSA has put a back door into the product. Quite simply if it comes from the US, Canada, Australia, or the UK the product is not to be trusted. Which is sad as I am a Canadian and would love to make crypto products but at this point wouldn't trust even a company that had US citizens working for it let along based in the US.

This might be the most solid argument against these spy agencies, whatever "attacks" they are preventing, and whatever manipulations they are doing do not possibly equal the damage they have and are doing to the tech industries in our countries. I am willing to bet that the damage done to Cisco, google, IBM, and others will easily total the financial damage done in 9/11. Plus in all likelihood the plans for the next 9/11 will work just fine as they fully know not to trust any US comm technology.

Why trust Boeing? (0)

Anonymous Coward | about 9 months ago | (#46367131)

Black box design
Buzzwords with "trusted"
Intended for gov agencies
_______________
NSA backdoor included

Why tamper-evident screws (1)

dogsnapper (3556095) | about 9 months ago | (#46367157)

'Any attempt to disassemble the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,'

Wouldn't the fact that your phone is now a brick be enough to let you know that someone had tried to tamper with your phone?

FIPS-140 (2)

mindcandy (1252124) | about 9 months ago | (#46367165)

FIPS-140 (and 140-2) address exactly this. http://en.wikipedia.org/wiki/F... [wikipedia.org]

At FIPS-140 Level 4, the crypto keys are stored on a unit that actively monitors for attack by environmental, electromagnetic, and physical methods.The physical is usually handled by a mesh of gridwires over the die.

The problem, of course, is Boeing is in bed with the government for Billions (Trillions) of dollars worth of military hardware, so don't think they'd sell you an Android phone before having a friendly chat with their friends at [A-Z]{3}.

Using battery technology from the Boeing 787? (1)

schwit1 (797399) | about 9 months ago | (#46367237)

In that case it should be easy and in this case it will be a feature.

http://www.usatoday.com/story/... [usatoday.com]

Secured Insecurity. (0)

Anonymous Coward | about 9 months ago | (#46367275)

Anyone that is seriously interested in data or the internals of the device will have access to a high end precision laser/CNC machine that will remove the enclosure from around "safety" screws and other anti-tamper components, they will have purchased numerous devices and practiced and tested often enough to have a successful methodology. Once they have access to the internals, the same rules of security as applied to physical access to any computing devices applies.

The technology being offered will only generally thwart your bumbling thieves. Though, most governments are fairly bumbling, so, this might be just what the intelligence industry is looking for.

Seems risky (0)

Anonymous Coward | about 9 months ago | (#46367359)

Talk about next level DOS attacks. *click* ... 2,000 phones self destruct in panic

Hmm (0)

Anonymous Coward | about 9 months ago | (#46367397)

I wonder what would happen if you used liquid nitrogen like cold boot attacks? Would the protection still be responsive at temperatures that low?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?