Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Android Security Software United States Technology

Two Android Apps Used In Combat By US Troops Contained Severe Vulnerabilities (zdnet.com) 54

According to a Navy Inspector General report, U.S. military troops used two Android apps that contained severe vulnerabilities in live combat scenarios. "The two apps are named KILSWITCH (Kinetic Integrated Low-Cost Software Integrated Tactical Combat Handheld) and APASS (Android Precision Assault Strike Suite)," reports ZDNet. From the report: Both apps work by showing satellite imagery of surroundings, including objectives, mission goals, nearby enemy and friendly forces. The two apps work as a modern-day replacement for radios and paper maps and allow troops to use a real-time messaging client to coordinate with other military branches, and even call in air-strike support with a few simple screen taps, according to a DARPA press release and accompanying YouTube video. The apps have been under development since 2012 and starting 2015, they have been made generally available to all U.S. troops via a public app store managed by the National Geospatial-Intelligence Agency. But according to a Navy Inspector General report from March that was made public today, both apps contained vulnerabilities that could have allowed enemy forces access to troops' information.

The heavily redacted report doesn't detail the nature of the two vulnerabilities, but it does point out that the Navy had failed to control the distribution of these two applications, and later failed to act in warning troops of the danger they were in for almost a year. The report says that the two apps, KILSWITCH and APASS, were never meant or approved to be deployed in live combat zones. But the two apps, because of their flashy features and easier to use interface, became wildly popular among U.S. troops, but also other military branches, including foreign allied forces.

This discussion has been archived. No new comments can be posted.

Two Android Apps Used In Combat By US Troops Contained Severe Vulnerabilities

Comments Filter:
  • Who the hell uses cell phone gadget programs (apps) in a life-critical situation? And why are troops in combat carrying cell phones at all? Both are ridiculous security risks, cell phones shouldn't be allowed to be carried at all.

    • by AHuxley ( 892839 )
      From the user end?
      The average IQ of the new troops is at that level that they can only understand the "apps" and GUI they have used for years.
      One device lets US troops enjoy images, music and video clips too. Less battery packs and different tech to carry around.
      The amount of weight US troops have to carry is getting too much given new politically correct relaxed fitness levels.
      The new troops cant carry much so wight is saved by using one consumer GUI to do a lot more.
      Teaching a new US mil only GUI wa
  • by PPH ( 736903 ) on Thursday December 20, 2018 @10:40PM (#57840062)

    ... Angry Kurds.

    • by Anonymous Coward
      Be-jewed is quite popular too.
  • The NSA and GCHQ did not say this would be a bad idea as bad people use the "internet" looking for anything US "mil"?
    Want a new network for the US mil, build your own encrypted and secret network.
    Let the spies use the "internet".
    Don't let other nations spies and criminals find anything about your mil on the "internet".
  • by AndyKron ( 937105 ) on Thursday December 20, 2018 @11:27PM (#57840182)
    They get their software from a public app store? Do they get targeted ads during combat?
  • by Anonymous Coward
    Details are lacking, but I feel sure they are talking about Android devices being used on the secure military network, not on the public internet. If the secure battlefield network is penetrated, you're likely hosed anyway.
  • by Anonymous Coward

    Seems like the developers spent far more time coming up with cute acronyms for the app name than they did applying any military spec validation process. What was the DoD thinking signing off on these?

  • The solution being to encrypt the end-to-end communications channel.
    • by Anonymous Coward
      If they're accessing military satellite data, this isn't on the internet. It's on the very secure military secret network used for battlefield operations. So, yeh, solved.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...