RealTime IT News

Security Enhanced Android Being Developed by the NSA #LinuxCon

SAN DIEGO. It's no secret that Google's Android mobile operating system has had its share of security flaws. But what is less well-known is that the U.S. government's National Security Agency (NSA) is among the teams working to improve Android security.

Speaking at the LinuxCon North America 2012 conference, NSA developer Stephen Smalley detailed how the NSA is working to make Android more secure for everyone.

The NSA is no stranger to the world of Linux and open source security. In 2004, the NSA began to work on something known as SELinux (Security-Enhanced Linux). SELinux provides mandatory access control and granular application level controls to Linux. SELinux is now baked into Linux and is a key component of its overall enhanced security.

The NSA's SE (Security-Enhanced) Android project is an attempt to extend that same approach to Android phones. SE Android was launched by the NSA to address what they perceive as critical gaps in the security of Android.

Smalley stressed that with SE Android, the NSA is not seeking to create a government version or fork of Android.

"We're not looking to create a product of our own," Smalley said. "We have a focus on platform security issues that aren't addressed in the commercial sector and throughout the project, we're working with an eye toward mainline Android adoption."

Read the full story at eSecurityPlanet:
NSA: Building a More Secure Android

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of the IT Business Edge Network, the network for technology professionals Follow him on Twitter @TechJournalist.