ÜberTech


Should the U.S. Air Force Kill a 21,000 iPad Deployment Over a PDF Reader?

Should the U.S. Air Force Kill a 21,000 iPad Deployment Over a PDF Reader?

Summary: The Cold War ain't over.The U.S. Air Force Special Operations Command has cancelled a planned deployment of nearly 3,000 iPad2 tablets after a magazine raised questions about its planned use of a popular Russian PDF reader software.

SHARE:
TOPICS: ÜberTech, iPad, Mobility
5

The Cold War ain't over.

The U.S. Air Force Special Operations Command has cancelled a planned deployment of nearly 3,000 iPad2 tablets after a magazine raised questions about its planned use of a popular Russian PDF reader software. That appears to put at risk another broader deployment of up to 18,000 iPads by the Air Force that would've relied on the same software.

Widely considered the best mobile PDF reader around, GoodReader - not to be confused with the mobile device management software made by Good Technology - is popular with consumers as well as businesses, schools and others doing large-scale iPad deployments. This includes airlines such as Alaska Airlines and Delta Airlines that plan to use GoodReader+iPad as "electronic flight bags" to replace bulky, non-searchable paper charts and manuals.

GoodReader has one feature widely desired by those with security needs: the ability to read files that are protected by encryption. It's one reason why the Pentagon is using GoodReader for its iPad test deployments.

The hangup, of course, is that GoodReader is made by a Moscow-based firm, Good.iware and its Russian chief developer, Yuri Selukoff.

Past and present military officials interviewed by NextGov "question why AFSOC, which operates a fleet of specialized gunships and surveillance aircraft, would allow its pilots to rely on software developed in Russia. They also questioned the command's vetting process for Good.iWare, which one active-duty official pointed out has a website that lacks basic contact information."

"I would not use encryption software developed in Russia ," said Michael McCarthy, director of the U.S. Army's smartphone project, Connecting Soldiers to Digital Applications. "I don't want to put users at risk." McCarthy said he was concerned about the integrity of the supply chain with GoodReader.

"Ha, someone's still living in 1970, aren't they?" GoodReader's Selukoff replied to an e-mail from NextGov when asked about security concerns. When asked potential for malicious code in GoodReader, Selukoff replied, "What is this offensive and insulting assumption based on? Are there any actual facts or complaints that such thing has ever happened?"

"I am not affiliated with any government institution, neither Russian, nor any other," he added. "GoodReader doesn't have any malicious code built into it. Having said that, I am open to any security/penetration tests that anyone would be willing to perform on the app."

Don't touch my Source Code, Bro

While there's no word yet, I have to believe that the separate Air Force iPad deployment, which would've used GoodReader as a document reader for cargo plane pilots for up to 18,000 iPads, is also in big danger of outright cancellation, too.

Here's what I think: I actually agree that GoodReader, as it would've been deployed, would've created a potential security risk. But I think that is true of every mobile app that the Air Force would've deployed. Supply chains are global. Development is outsourced or done by a rotating cast of young guns. Popular Web stores are attacked or probed hundreds of times a day by hackers. The net net is that an app can be compromised any of a hundred ways these days.

But I don't think the Air Force needs to do as retired Air Force brigadier general Bernie Skoch suggested to NextGov, which is to scan every line of source code of every mission-critical app to make sure there is nothing malicious. That's laborious, especially if you want to scan every update.

So what are the solutions? Well, if this is mainly a political/appearance issue, then the Air Force could go with one of the many excellent non-Russian-made choices such as PDFexpert or PDF Reader Pro.

If it wants to stick with an encryption-capable reader, choose instead Adobe Reader, which was released for iOS last fall. Adobe Reader not only supports 256-bit AES encryption but, unlike the $4.99 GoodReader, is free.

And if the Air Force is really serious about security, it could also install strong anti-malware software and Mobile Device Management (MDM) software like Afaria on its iPads. The latest MDM software can remotely lock and wipe lost tablets, encrypt data in motion and at rest, force the use and renewal of strong passwords, oversee software updates and patches, and other features. These would all create an extra layer of protection at a deep, hooked-into-the-iOS level.

Bottom line: Let's not throw the baby out with the bath water. There are many better steps that the Air Force can explore rather than bowing to paranoia and political pressure and squashing these iPad deployments altogether.

Topics: ÜberTech, iPad, Mobility

Eric Lai

About Eric Lai

I have tracked technology for more than 15 years, as an award-winning journalist and now as in-house thought leader on the mobile enterprise for SAP. Follow me here at ÜberMobile as well as my even less-filtered musings on Twitter @ericylai

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Yes, and iPad has many other limitations, too

    iPad is always a bad choice. It's much more expensive than a Windows netbook or laptop, and offers much less functionality and features.

    Unlike some organisations, fortunately the military has checks in place to prevent executives trying to be "down with the kids" making foolish decisions.
    Tim Acheson
  • RE: Should the U.S. Air Force Kill a 21,000 iPad Deployment Over a PDF Reader?

    Yes they should...If the Air Force waits a little longer they can get a full on PC in tablet form and use real software written in the US. This would be more patriotic and keep that money in the US.
    javajolt
    • RE: Should the U.S. Air Force Kill a 21,000 iPad Deployment Over a PDF Reader?

      @javajolt

      So you believe that Windows 8 tablets will be made in the US?
      gribittmep
  • RE: Should the U.S. Air Force Kill a 21,000 iPad Deployment Over a PDF Reader?

    @javajolt Or how about a compromise and having the Air Force hire U.S.-based, in-house developers to custom-write an PDF reader for iPad? Make it encryption-capable, and add other proprietary features that would be useful for its pilots. The Air Force would've spent at least six figures to license GoodReader as it was, anyway.
    ericylai@...
  • YES - the U.S. Air Force SHOULD KILL A 21,000 iPad Deployment!

    Of course they should kill it. These are my tax dollars by the way, and I don't think they should waste money on something that won't profit us here in the US. As a taxpayer, I want to see our money spent on a product that will do exactly what they want it to do and need it to do, without risking our security any more than it already is. I know all the "Apple Fans" want to see it go through, but they just have face the fact that the iPad is not the answer to all of life's challenges. Also, I disagree with the writer's bottom line - in this day and age of all kinds of wars going on, it's not "bowing to paranoia and political pressure" to cancel the Apple order, it's called wisdom - something this writer has very little of. Why should we bow to Apple and buy all of their products and waste tax payers dollars? My taxes are high enough and I don't appreciate the government spending it on stupid, non-productive items like the iPad. Get serious! I'm glad they cancelled it!
    Gadget Girl