Android and the U.S. military: Is open-source secure enough?

That the U.S. government is developing a modified version of Google's Android mobile operating system for military use is raising eyebrows. The openness of the platform makes it relatively easy for hackers to share information and identify vulnerabilities in the software.

For over a decade, Research In Motion has held the crown as the most secure wireless device on the planet. By virtue of a design that uniquely incorporates strategically located network operations centres that ensure end-to-end encryption, the company's BlackBerry devices and services became the singular choice of businesses, governments, law enforcement and military agencies that had previously avoided wireless due to security concerns. As competitors trumped RIM with newer, sleeker handhelds that offered touchscreens, apps and more than a small dose of consumer-friendly industrial design, the BlackBerry's robustness was always a perfect fallback.

No more.

A CNN report last week that the U.S. government is developing a modified version of Google's Android mobile operating system for deployment to the military is raising eyebrows. Android has been a growing target for virus and malware writers as its market share, now over 50% in North America, has grown. Its open source roots make it relatively easy for hackers to share information and identify vulnerabilities in the software. Security company Symantec last year chided Google for following a less rigorous app certification model than its mobile competitors. Apple's fairly rigid app certification process for its iTunes App Store, for example, has resulted in reduced vulnerability to such attacks.

BlackBerry devices had remained outside the line of fire by virtue of their decidedly closed, secure architecture, and a less extensive app landscape. The U.S. government move, which coincides with a similar decision by global energy services giant Halliburton to gradually replace its field-deployed BlackBerry devices with iPhones over the next two years, represents a major shift in thinking among customers who previously wouldn't consider anything without a RIM logo. The U.S. government's move, in particular, dismisses RIM's formerly unassailable reputation in exchange for an open source, openly vulnerable platform that planners claim they can make secure. In doing so, the risks and rewards they face could set the tone for the broader mobile industry for years to come:

Rewards

• App friendliness. The tools and resources available to Android developers are generationally more advanced than those available from RIM. Unlike the BlackBerry model, where the vendor is the primary source for tools and expertise, Android developers benefit from a vibrant community of support, where development processes are constantly being evolved.
• Talent. Better tools plus a larger market means a broader pool of developers — which makes it easier for government and military planners to tap into skills as they need them. That deeper well of talent ensures higher quality, too — as it's harder to find top guns in smaller development communities.
• Speed. Google's full court press to grow Android has resulted in a rapid evolution of the product. The company has the resources to partner with government and military developers to quickly customize the platform to their unique needs. RIM's been an active partner to governments around the world, as well, but significant delays in bringing updated versions of its core operating systems to market cast doubt over its custom-build capabilities.
• Cost. Commoditized hardware, cheap or free software and a huge amount of community-based support can all keep a lid on cost, as it's always less expensive to use what's out there rather than customize it from scratch.

Risks

• Platform openness. Android was designed from the ground up to be open and accessible. This can be both a blessing and a curse. While vulnerabilities are more quickly known within the development community, that knowledge is also available to hackers who can — and often do — exploit these openings with new malicious code. Easy connections to third party applications and services also open up new avenues for vulnerability. In highly secure environments like the military and government, the verdict is still out on whether these are acceptable tradeoffs.
• Fracturing. If you want a BlackBerry, you're only buying it from RIM. Same goes for the Apple-only iPhone. Android devices, on the other hand, are available from dozens of vendors, with significant variations in screen size and orientation, processor power and system architecture. Variety may be the spice of life, but it can drive up development costs and timelines and make it harder to support large numbers of deployed devices.
• Hardware vulnerability. The U.S. government and military initiatives plan on using off-the-shelf devices on which they'll load a modified version of the Android operating system. This approach can reduce overall security because it's harder to extensively test and secure the resulting wider range of hardware-software combinations. It can also drive increased support costs.

The U.S. government's move into open source for its mobile users won't directly affect anyone's bottom line anytime soon, as initial orders for such devices will barely number in the hundreds through 2012. But the fact that they've even begun the process marks a major change in thinking — and one that could force a similarly major change in RIM's strategy now that its vaunted security is no longer enough to retain its most security-conscious customers.

Carmi Levy is a London, Ont.-based independent technology analyst and journalist. carmilevy@yahoo.ca