SAN FRANCISCO--Of all the multitudes of phones launching amid the grandeur of Barcelona this week, Motorola Solutions quietly broke champagne over one device from the back corner of a convention center here.
The Motorola AME 2000, originally announced a few weeks back, is not a phone for the average consumer. That makes sense, given that its public bow was at the RSA Conference 2013 this week, an annual confab of security nerds, experts, researchers, enterprise security vendors, and government representatives.
Motorola Solutions focuses on government and enterprise devices, and remains independent from the Google-owned Motorola Mobility. Its booth at RSA was not front and center, but in the last row up against the east wall of the show floor. The booth was barely wider than a lectern, and was more easily identified by its floor number -- 114 -- than by any Motorola Solutions signage.
Motorola Solutions representative Silvia Grabacki introduced the phone with a slight accent. Based on the Motorola Atrix HD, the security-enhanced AME 2000 -- which stands for Assured Mobile Environment -- has been stripped of all AT&T branding, she said.
Related stories:RSA sees 'big data' as key to corporate security (podcast)Why 'data breach' isn't a dirty word anymoreWhy the security industry never actually makes us secureResearcher to demo smartphone attack at RSAResearchers find flaw in key generation with popular cryptographyIt easily could run you $2,000, too. This is no off-the-shelf Android device, explained Gary Schluckbier, the senior director at Motorola who led the team that developed the souped-up device.
"We've enhanced the hardware along with management policies. It's several layers of security that are built from the ground up, all the way from the hardware through the stack," he said during a phone call from his office near Washington, D.C.
Not surprisingly, encryption plays a big part of the AME 2000's security appeal. "We utilize two layers of encryption instead of the one in a [standard] VPN. They operate in two different processors, the phone itself and in our hardware-encrypted chip," Schluckbier explained. Simple software app encryption, he said, is simply not enough protection for U.S. federal government use.
That hardware-encrypted chip is an unusual security feature that Motorola calls the CRYPTR micro. It looks like a microSD card, and it has the same form factor, but it's actually a hardware security module that provides tamper protection for tokens, keys, and certificates. It meets FIPS 140-2 Level 3 and National Security Administration Suite B encryption standards, and can perform high-assurance cryptographic operations.
The CRYPTR micro (on right) provides the phone with high-end encryption, including physical security mechanisms; a hardware-based random number generator for secure key creation; full NSA Suite B support; and FIPS 140-2 Level 3 validated for U.S. federal government uses.(Credit:Seth Rosenblatt/CNET)
Basically, if you're a high-security clearance government official, this is the kind of protection you want on your communications device. What makes the CRYPTR micro interesting is that implementing it makes upgrading an off-the-shelf device to U.S. federal government standards relatively cheap, obviating the expensive alternative of creating an entirely new gadget from scratch.
Another benefit of the AME 2000 is that it runs Android, which cuts down on having to create or teach users how to operate an entirely new operating system. The phone comes with several default app alternatives, including a secure dialer and a secure SMS app that use AES 256 and Suite B-level encryption. Like commercially available secure apps, these do require both the caller and the recipient to be using AME 2000 phones for the communications to be encrypted.
"We recommend that high security does not go to a low-security device," Schluckbier said dryly.
In the press release detailing the AME 2000, Motorola Solutions notes that the phone also implements security recommendations from the Security Enhanced Android project to harden the operating system against having its processes hijacked by malicious apps.
The AME 2000 can perform "normal" phone functions, but you can also choose to use voice or SMS over a secure connection.(Credit:Seth Rosenblatt/CNET)
So, how much is an AME 2000 going to set you back? And can private consumers even purchase one?
Schluckbier refused to cite a starting price point for the AME 2000. But he did provide some clues. "We don't normally sell them on a one-off basis," he added, which leaves the door open for sales to smaller businesses or even consumers.
That doesn't mean that they're going to be affordable for the vast majority of consumers, justifiably paranoid concerns about government eavesdropping notwithstanding. The cost of the phone, Schluckbier said, depends on how many phones are being bought by the purchasing organization. He did say that a starting price could be in the range of "two to two-and-half times" the cost of an unlocked phone, "although it totally depends on the kinds of security they have on the phones."
One buyer has already been lined up, and it may be the only buyer Motorola needs to make the AME 2000 a hit: the U.S. Department of Defense.
