I found myself nodding my head reading Jon Oltsik’s Apple and Google Make the Department of Defense Jump Through Hoops for Mobile Device Security, a story that broke Thursday. Summary: US spies and soldiers, just like everyone else, want to carry iPhones and Androids. The Department of Defense (DoD) wants them to be secure. But DoD is frustrated because they’re having trouble getting Apple and Google to prioritize their needs.
It turns out that I have personal experience with this little logjam. But first, some background.
DISA · That stands for Defense Information Systems Agency, which provides systems and coordination, and sets standards, across many of the organizations in America’s huge military and intelligence community.
For much of my life I was employed by “Enterprise” technology companies, where the revenue comes from a relatively small number of large contracts with big companies and organizations. Some of the very largest contracts tend to come from governments, and in particular from military services and intelligence agencies.
So senior management at this kind of company gets dollar signs in their eyes when defense business comes over the horizon. Anyone with significant responsibility at DISA is treated as an emissary from heaven.
It’s actually a little bit nauseating; the DoD community is such a huge customer that an accretion of companies have built up around it whose specialty, whose core competence, is selling to DoD. If you have to be in that business you pretty soon learn that things work better if you go into partnership with one of these guys. I’ve been in those kind of deals and found the whole ecosystem off-putting; corrupt, and corrupting. Not in the sense of bribes-to-pay, but in the sense that focusing on DoD’s needs tends to damage your ability to address anyone else’s.
But I Digress · Back at OSCON I met this real interesting guy from DISA who specializes in all things Open Source. Not surprisingly, he and I had a lot of common interests; in particular we had fun kicking around what kind of things you’d do to customize Android for DoD customers. I thought, and think, that for those guys the open-source nature of Android is a big win; first, they can see what’s inside, and second, if a hardware maker wants to cook up a custom version with security voodoo extending right down into the kernel, nobody’s going to be in their way.
It turns out, though, that just like it says in Oltsik’s piece, I’ve not been able to offer much practical help to my DISA contact, nor to any of several other DoD types who’ve been in touch. I haven’t been able to arrange behind-the-scenes briefings for generals or rewrite Android Market legals. The team had Gingerbread to bake and hardware to bring up and events to stage, and are just really busy. I bet that the relationship with Apple is about the same.
I was briefly shocked, with my experience of DISA-worship in the Enterprise-IT sector. But think about it: the total DoD head-count is estimated at around 2.5 million. If you pick demographics that you might want to pitch mobile devices to, here are a few that are similar or larger in size:
Euro-zone business travelers
World of Warcraft players
Indian cricket fans
This whole consumer-device business is oddly pure.
What Might Work · Here’s a recommendation for the people I know in the larger DoD community: Take the ball and run with it yourselves. Pull together a working group or equivalent and figure out what it is you need in a mobile device. Your best bet is to figure out how to layer what you need on a stock builds from Tier-1 builders, but if you have to have something custom-built, so be it.
I’d be totally unsurprised to see some incoming AOSP contributions from these folks before too long.