1. pkcable's Avatar
    Folks,

    Just got my May issue of GCN, or Government Computer News, and they have a nice review of Tablets for government use. Here's the PlayBook section, they rate the Playbook ahead of the ipad, BTW....

    The GCN Lab reviews 9 of the top tablet computers for government -- Government Computer News

    Tiny RIM offers big performance

    The Research in Motion BlackBerry PlayBook has always marched to a slightly different tune than most tablets. When it first came out, a lot of native applications were left off the unit by design. Getting to your contacts and e-mail required you to pair or “bridge” the PlayBook to a BlackBerry phone. The advantage for a government user was that no data was kept on the PlayBook itself. When it got more than 15 feet from a phone, the range of the Bluetooth connection, it literally became a blank slate.

    However, this did not sit well with consumers outside of government, and quite a few people inside too, who saw it as a way to get people to use all RIM equipment. The backlash was big enough that RIM recently dropped the original design ideas and pushed out the free 2.0 version of their operating system, whose main function was to bring things such as contacts and e-mail tasks back onto the PlayBook without requiring any pairing with a BlackBerry phone.

    --------------------------------------------------------------------------------

    Research in Motion BlackBerry PlayBook

    Performance: A
    Features: B+
    Ease of Use: B+
    Value: A+
    Government Suitability: A-
    Price: $199 for 16G model tested, $299 for a 64G model
    Pros: Good performance; great battery life.
    Cons: Smaller screen than most tablets; no hardware security to protect data.

    Related coverage:

    Avoiding the strategy of going mobile for mobility’s sake



    --------------------------------------------------------------------------------

    However, because the device was not originally designed to hold secure data, the new OS really treats protecting confidential data as an afterthought, and there is no biometric senor or encryption chip in the hardware.

    We think the move to the 2.0 OS is a smart play for RIM overall in marketing its tablet to those outside the circle of BlackBerry phone users. But within the government community, it makes the PlayBook a little bit less suitable because of its lack of hardware-based security to protect all the new data.

    That said, we really loved the new messaging center. From one pane, you can tie in all your e-mail and social networking accounts. It’s as if your Yahoo, Gmail, Facebook and LinkedIn mail turns into one big e-mail server. You can then choose which of these individual e-mails you want to have synced to your PlayBook and keep your business and personal e-mails separate. And there are also calendar and contacts natively on the PlayBook now. You still can’t quite do as much with it as you can with some other tablets, especially those running full versions of Windows, but we’d be surprised if you couldn’t find an application to fit any given need.

    The 7-inch LCD has a native resolution of 1024 by 600. And it looks amazing, better than almost every tablet in the review other than the new iPad. And the smaller screen translates into weight savings too, with the entire unit coming in at .9 pounds, barely heavier than a wallet.

    Perhaps partially because the unit is small, the battery life is extraordinary. It was able to run a movie on the screen in a loop for six hours and 49 minutes. Normal use would of course get you even more time with your tablet, but almost seven hours is impressive when constantly working.

    In terms of ease of use, the PlayBook is a bit harder to get used to than others. The OS relies on a lot of finger swiping back and forth across the screen, and it’s sometimes a little confusing to figure out whether you’ve actually closed or just paused a program. Also, the smaller screen is a bit of a disadvantage here, too, because you just can’t fit as much information onto a display that size, which is notable given that the touchscreen is the heart of any tablet.

    The PlayBook excels in value to A+ levels. A 16G model can be found for only $199, and you only pay $299 for a 64G unit. That’s a good value any way you look at it.

    The PlayBook with the new 2.0 operating system is a perfect tablet for anyone who needs functionality on the road but doesn’t want to lug around a full-size tablet. For that, it’s a good choice, and a BlackBerry phone is no longer required. The great price is just icing on the cake. — John Breeden II

    Source: GCN (The GCN Lab reviews 9 of the top tablet computers for government -- Government Computer News)
    05-22-12 09:15 AM
  2. bbaleno's Avatar
    "However, because the device was not originally designed to hold secure data, the new OS really treats protecting confidential data as an afterthought"

    Um NO!. it has always had security. this guy even though its a positive review is clueless.

    He thinks the native apps were and add on after the fact. when in reality they were working on them, but they wern't ready for prime time yet.
    05-22-12 09:29 AM
  3. Sith_Apprentice's Avatar
    Well RIMs biggest customer, the FedGov/DoD is unable to use the tablets because it doesnt support CAC authentication. Security was an afterthought in that case, and I believe that is what the author is referencing (among others) with the physical hardware security.
    05-22-12 09:56 AM
  4. bbaleno's Avatar
    I though they just allowed the playbook to be used in the government. did they have to do something to make that happen. what other tablets support CAC authentication. I had to look CAC authentication.
    05-22-12 10:02 AM
  5. Sith_Apprentice's Avatar
    The Playbook is allowed in DoD only via Bridge, and on OS 1.x. OS 2.x and Fusion are not yet approved.
    05-22-12 10:39 AM
  6. kill_9's Avatar
    I though they just allowed the playbook to be used in the government. did they have to do something to make that happen. what other tablets support CAC authentication. I had to look CAC authentication.
    The US Government has already approved the BlackBerry PlayBook. However, the lack of CAC authentication on the tablet is a red herring if government workers are mandated to only store sensitive data on the microSD card of the smartphone and allow acces only via BlackBerry Bridge. With the cryptographic software module already on the tablet it should be easy enough to add a TrueCrypt-like encrypted storage container within the existing file system.
    05-22-12 11:01 AM
  7. lnichols's Avatar
    Well RIMs biggest customer, the FedGov/DoD is unable to use the tablets because it doesnt support CAC authentication. Security was an afterthought in that case, and I believe that is what the author is referencing (among others) with the physical hardware security.
    They have a FIPS approved BlueTooth smart card reader that they could make talk to the Playbook. The whole premise that security is an afterthought because it doesn't have a dedicated encryption chip is just wrong. It has a FIPS approved cryptographic kernel which can encrypt data using the built in processor.
    05-22-12 02:29 PM
  8. Sith_Apprentice's Avatar
    They have a FIPS approved BlueTooth smart card reader that they could make talk to the Playbook. The whole premise that security is an afterthought because it doesn't have a dedicated encryption chip is just wrong. It has a FIPS approved cryptographic kernel which can encrypt data using the built in processor.
    RIM has been asked for this feature for OVER a year now. They always say it is coming. It hasn't yet. It was supposed to be in 2.0.1 but was not released with the OS update. 2.1 is not looking promising either.
    05-23-12 08:29 AM
  9. lnichols's Avatar
    RIM has been asked for this feature for OVER a year now. They always say it is coming. It hasn't yet. It was supposed to be in 2.0.1 but was not released with the OS update. 2.1 is not looking promising either.
    Yeah unfortunately I think a lot of things are low on the priority list because they have moved everything to getting BB10 out the door, or maybe this will be part of BBM because it is part of the current BBOS phones capabilities. I mean they still haven't even gotten the bookmarks to where you can move them around in the browser yet which people have been wanting since day one of release. I think/hope this is because the browser in 10 will finally ditch the crappy Air and go Cascades. RIM is definitely taking way too much time getting BB10 to market, and getting Playbook done IMHO. BB10 needs to be able to do everything BBOS could do out of the gate, and more, including the security side and peripherals.
    kbz1960 likes this.
    05-23-12 09:37 AM
  10. kraski's Avatar
    I though they just allowed the playbook to be used in the government. did they have to do something to make that happen. what other tablets support CAC authentication. I had to look CAC authentication.
    What's allowed in the FBI is not necessarily allowed in the DoD, which is not necessarily allowed in the CIA, which is not necessarily allowed.... You get the point. There are lots of government fiefdoms and what is approved for one doesn't guarantee approval for another.
    05-23-12 10:25 AM
  11. samab's Avatar
    Well RIMs biggest customer, the FedGov/DoD is unable to use the tablets because it doesnt support CAC authentication. Security was an afterthought in that case, and I believe that is what the author is referencing (among others) with the physical hardware security.
    RIM is putting too much forethought into security and making a lot of delays --- which leads to outsiders to conclude security is an afterthought.

    As for the lack of TPM chip, no ARM-based tablets have TPM chips because ARM has been trying to use hypervisor with trustzone to boot up a second OS ---a secured OS kernel that is certified. That's how android does with mobile payments and netflix --- they use a hypervisor with trustzone to boot up a second OS that locks up certain piece of hardware (while you punch in the PIN code for your mobile payment or while you watch a netflix movie).

    The term used by ARM for the second secure os is “trusted execution environment”.

    Rival Smart Card Companies Plan JV to Jump-Start ARM 'TrustZone' Products | NFC Times – Near Field Communication and all contactless technology.

    What RIM wants to do is --- architectural purity --- and that is causing big big delays. QNX is already a certified secure kernel and there is no need to use trustzone to jump to a second OS.

    Can hypervisors Stand the Test of Real Time? | Articles | ECN Magazine

    Too much forethought into architectural purity --- one OS, zero hypervisor and not using trustzone --- that is causing all kinds of delays.
    05-23-12 11:08 AM
  12. Stewartj1's Avatar
    Thanks OP, this is a really interesting thread.
    05-23-12 01:38 PM
  13. Sith_Apprentice's Avatar
    RIM is putting too much forethought into security and making a lot of delays --- which leads to outsiders to conclude security is an afterthought.

    As for the lack of TPM chip, no ARM-based tablets have TPM chips because ARM has been trying to use hypervisor with trustzone to boot up a second OS ---a secured OS kernel that is certified. That's how android does with mobile payments and netflix --- they use a hypervisor with trustzone to boot up a second OS that locks up certain piece of hardware (while you punch in the PIN code for your mobile payment or while you watch a netflix movie).

    The term used by ARM for the second secure os is “trusted execution environment”.

    Rival Smart Card Companies Plan JV to Jump-Start ARM 'TrustZone' Products | NFC Times – Near Field Communication and all contactless technology.

    What RIM wants to do is --- architectural purity --- and that is causing big big delays. QNX is already a certified secure kernel and there is no need to use trustzone to jump to a second OS.

    Can hypervisors Stand the Test of Real Time? | Articles | ECN Magazine

    Too much forethought into architectural purity --- one OS, zero hypervisor and not using trustzone --- that is causing all kinds of delays.
    The issue with this is that the on board chip would not be able to be used as single point. Mobile devices are not allowed in many areas within the DoD and the DoD CAC is used for entry into those areas, as well as access to systems. Having an on device authentication AND a CAC and having to synchronize certificates etc is difficult.

    A separate device, capable of secure communication to a host that reads the same card would be ideal. I beta tested the Giesecke & Devrient microSD cards prior to their release. It was a great concept, having a secure card like that where certs can be written but it wasnt practical for manageability. The same would go for an on board chip IMO. I dont want users to have to sync their devices to a PC to write to the on board memory for certificates. And what happens if they lock their device by incorrect PIN attempts? Now they are locked out of it completely or worse, they have 3 attempts before the secure area is wiped.
    05-23-12 01:47 PM
  14. samab's Avatar
    These difficulties are the reasons why RIM decided that the first thing NFC would be doing is opening doors to physical buildings --- which was immediately being laughed at by internet bloggers.

    The geek in Mike Lazaridis wanted architectural purity and the pieces he bought can do that. The problem is that RIM went on to make other disastrous choices --- like not buying TAT at the same time as QNX (so RIM has to do UI twice), not killing java earlier (so RIM has to do "native email" three times, once in the aborted java player, the second time in AIR and then the third time in native codes).

    RIM is in a situation where they can't license from existing players because all the existing solutions are hypervisor+trustzone (which are already been certified). So now RIM has to write all the codes themselves and then having them certified.
    05-23-12 02:30 PM
LINK TO POST COPIED TO CLIPBOARD