• duncesplayed@lemmy.one
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      7 months ago

      Why the quotes?

      If you ever see quotation marks in a headline, it simply means they’re attributing the word/phrase to a particular source. In this case, they’re saying that the word “security” was used verbatim in the intranet document. Scare quotes are never used in journalism, so they’re not implying anything by putting the word in quotation marks. They’re simply saying that they’re not paraphrasing.

    • bloodfart@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      7 months ago

      Their security concern is that iPhones won’t let a third party app take control of phone capabilities at a very low level. They want to use an in-house app to stop people from recording audio or video based I assume from the article on geofencing.

      The way you’d do that with iPhones is most likely through mdm.

      It’s not that iPhones aren’t secure, it’s that the rok military can’t control them with its spyware.

      Reading between the lines, it’s not like no one knows that. It’s a good opportunity to gently suggest people working in high security positions (who make higher grade salaries on average!) ditch their iPhones for Samsung models. No need to run a mdm shop and you juice a national company.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        7 months ago

        It’s not that iPhones aren’t secure, it’s that the rok military can’t control them with its spyware.

        How is MDM not classified as spyware when the military wants to have the same or deeper level of control?

        Reading between the lines, it’s not like no one knows that. It’s a good opportunity to gently suggest people working in high security positions (who make higher grade salaries on average!) ditch their iPhones for Samsung models. No need to run a mdm shop and you juice a national company.

        Well, it makes sense, doesn’t it? Relying on closed source stuff from other nations, especially nations known for spying (after Snowden there’s no denying that), isn’t exactly secure.

        Anti Commercial-AI license

        • bloodfart@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          7 months ago

          I guess a person could claim mdm is spyware, but by extension group policy and maybe even selinux would fall in the same category.

          It’s worth keeping in mind that the distinction is made in comparison to actual software separate from the os that is being used to keep tabs on the device location and gate access to hardware. Possibly one of the most literal types of spyware I’ve ever seen.

          We should also recognize that Samsung isn’t shipping fully open stock roms and the open or closed source nature of software coming from a company headquartered in an ally’s territory doesn’t matter near as much as their military presence on rok soil.

  • Xatolos@reddthat.com
    link
    fedilink
    arrow-up
    14
    arrow-down
    2
    ·
    7 months ago

    Seems everyone jumped to conclusions about this article.

    Yes, iPhones are blocked because they lack security. This is military, so they aren’t worried about basic malware. They are worried about government level security issues (Pegasus, etc…). And let’s be blunt, on this level, Apple keeps showing that they lack security in the real world situations. Yet the latest of a long list of iPhones being targeted and hacked.

    Now, where people seem to be badly jumping to conclusions is that the article points out that “many” devices will be banned, so no, I doubt the latest Samsung Galaxy phone will be allowed. They are most likely going to require people use a Samsung Tactical Edition smartphone. These are designed for military usage and prevent phones from being secretly turned on for recording private conversations by hacks like Pegasus. These phones have been around for a few years now, and have likely been thoroughly tested and approved now.

    This isn’t some knee-jerk patriotic requirement, but a real understanding of what is and isn’t a secure device, combined with the fact that Korea has to deal with a more and more aggressive China. They need real security for real world military.

  • bloodfart@lemmy.ml
    link
    fedilink
    arrow-up
    9
    ·
    7 months ago

    SEOUL - South Korea’s military is considering a comprehensive ban on iPhones in military buildings due to increasing concerns about possible leaks of sensitive information through voice recordings, according to multiple sources on April 23.

    The sources, a group of ranking officers who wished to speak on condition of anonymity, said that the Air Force headquarters released an internal announcement on the military’s intranet server on April 11, instructing a complete prohibition on any device capable of voice recording and which does not permit third-party apps to control inherent functions, effective June 1, with iPhones cited as items subject to the ban.

    According to the document, the decision to ban iPhones in the military came from joint meetings held by the headquarters of the army, navy and air force, located at Gyeryongdae in South Chungcheong province.

    The document was quoted as stating: “It’s inevitable to block any kind of voice recording, not just formal communications including meetings, office conversations, business announcements and complaints from and consultations with the public, but also informal communications such as private phone calls (within military buildings).”

    According to the document, “there has been an ongoing review regarding the potential extension of this ban to all subordinate units”, with the army headquarters having conducted a trial of the ban since April. If the ban is extended, it will likely go beyond the Gyeryongdae area to include all other units across the nation.

    The devices set to be prohibited include all types of smartwatches and wearable devices as well.

    Currently, about 10,000 personnel, including some 6,000 officers, are estimated to be on duty at the Gyeryongdae defence centre alone. For security reasons, the exact number is not disclosed to the public.

    The specific type of security threat they’re talking about is the threat of “our in-house software can’t control iphones”.

    I may be misremembering, but under ios I think that goal is accomplished with mdm instead of an app?

  • kingthrillgore@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    7 months ago

    I mean even the President doesn’t use an iPhone, he probably still uses one of those General Dynamics bricks.

  • Lysergid@lemmy.ml
    link
    fedilink
    arrow-up
    5
    arrow-down
    27
    ·
    7 months ago

    Lol. Android phones definitely have no security concerns. Any internet/Bluetooth capable device can be potentially compromised. Just use Nokia 3310

    • UraniumBlazer@lemm.ee
      link
      fedilink
      English
      arrow-up
      16
      arrow-down
      1
      ·
      7 months ago

      They do have security/privacy concerns if you have google installed. However, with vanilla AOSP and vetted applications whose source code can be screened, you have a much much secure device than IPhones.

      • Lysergid@lemmy.ml
        link
        fedilink
        arrow-up
        2
        arrow-down
        8
        ·
        7 months ago

        I’ll tell it again. You’ll have security concerns on any Internet/Bluetooth capable device. There is no software without vulnerabilities. There is software in which vulnerabilities were not found, yet. Also, the biggest attack vector is human

        • UraniumBlazer@lemm.ee
          link
          fedilink
          English
          arrow-up
          8
          ·
          7 months ago

          What? Sure, no software is completely hacker proof. But u can have more and less secure devices.

          That being said, the rest of ur comment just looks like a word salad to me.

        • istanbullu@lemmy.ml
          link
          fedilink
          arrow-up
          4
          ·
          7 months ago

          this is not an argument for apple’s closed source ecosystem. at least you can improve android. you can’t imrpove apple.

    • bitfucker@programming.dev
      link
      fedilink
      arrow-up
      13
      ·
      7 months ago

      Korea has the capabilities to make an android phone (Samsung). I’m pretty sure they can make Android with vetted source code and hardware. iPhone is just trust me bro™

      • Lysergid@lemmy.ml
        link
        fedilink
        arrow-up
        3
        arrow-down
        8
        ·
        7 months ago

        Any software is “trust me bro” or you personally read through all source code of all software you are using? Question is can you make accountable bunch of folks from github or legal entity?

        • bitfucker@programming.dev
          link
          fedilink
          arrow-up
          9
          arrow-down
          1
          ·
          7 months ago

          No, I do not since I am an individual which has no need for such high security/trust. A military of a certain nation certainly could (and probably should tbh). But I could if I wanted to, and I can’t say the same for iOS. The difference with open source is that I can choose if I trust them or see it for myself instead.

        • istanbullu@lemmy.ml
          link
          fedilink
          arrow-up
          6
          ·
          7 months ago

          Korea can ask Samsung, a local company, to make a secure phone. No need to open the doors to American spies.

      • Lysergid@lemmy.ml
        link
        fedilink
        arrow-up
        2
        arrow-down
        2
        ·
        7 months ago

        I don’t know. Maybe read article. It says „Korean military”. According to them stock Android with 3rd party security app is acceptable and has no security concerns. Article itself highlights that 3rd party security apps are inferior and security holes in Android OS are basically neglected by Korean military since they will be addressed in updates at some point.

        OS does not matter when approach to security so superficial. Judging by this article Korean military has less robust security practices than some banks.

        Everyone here talking about some hypothetical Android based custom OS built for Korean military which does not exist and it is not what Korean military doing. They are allowing stock Android OS with „security app”. Not surprised they are not building custom OS because it is economically idiotic idea. You need army of cyber security experts familiar with Android OS architecture that will review whole OS code and customize for military. Then you need to pen-test it and keep on doing it on each upstream OS update or fork it and maintain internally. Which is another can of worms coz you’ll need to make sure internal fork works fine with up-to-date versions of apps. Otherwise you just have dumb smartphone with higher risk of vulnerabilities in outdated apps. At this point as I said, just force sensitive staff to use dumb phone or internal landline.

        And don’t tell me “but Samsung is Korean they can do it for Korean military”. It doesn’t not change the fact that it will cost astronomical amount of money and time. Can Samsung do it? Probably yes. Will Korean military be able to offer enough money to probably the only local company that can do it which also has revenue of approx. 20% of Korea’s GDP. I doubt.

        • Xatolos@reddthat.com
          link
          fedilink
          arrow-up
          4
          ·
          7 months ago

          You mean the Samsung “Tactical Edition” smartphones?

          They’ve been around for years. They were originally built for the Korean military. And it didn’t cost them an “astronomical” amount of money.

    • istanbullu@lemmy.ml
      link
      fedilink
      arrow-up
      7
      arrow-down
      1
      ·
      7 months ago

      Android can be modified to be more secure. You can’t do that with Apple stuff.