[Updated] Air Force Special Operations Command using Russian encryption software on made-in-China iPADs

Even if they might be called to face Chinese and Russia almost everywhere between Middle East and Asia (or even perform missions inside China or Russia in a less likely WWIII scenario), the Air Force Special Operations Command (AFSOC) planes will fly those special operations relying on products developed and sold by some of more dangerous U.S. adversaries.

In fact, the AFSOC in January decided to buy about 2,800 made-in-China Apple iPAD2 tablets to transition from printed documents to electronic devices capable of maintaining and updating the required publications. In other words, instead of using cumbersome booklets difficult to update, flight crews will be able to browse through hundreds navigation and approach charts, and technical manuals in PDF format.

Unfortunately, even if the use of iPADs offers a cost-effective solution to deliver documents and updates in a near-instantaneous standardized manner, the software that will have to secure the data inside the device “even if the device gets lost or stole” is developed and updated in Russia.

According to a Nextgov article by Bob Brewin, GoodReader is a Russian software that supports most common document file formats and also allows the user to view and save web pages, and download, listen to or view photos, audio and videos. But, above all, it can also encrypt files using Apple data protection APIs that will continue to protect the files “even if an attacker jailbreaks your device and uses various hacking techniques to access encrypted files.”

So, after the concerns about the integrity of the iPAD’s hardware supply chain in China, now someone is complaining that special ops crews will soon have to rely on Russian-developed encryption software.

Most probably the source code will be inspected and tested to ensure that it does not contain malicious code.

However not only malware built in the software can be used against AFSOC planes using: what if a licit update operation is used to inject wrong data in the navigation charts used by the U.S. aircrews? In certain conditions, a wrong airport elevation or a lower MEA (Minimum Enroute Altitude) could jeopardise the safety of the flight even if the crew can rely on many other navigation instruments working properly. And what about a Zero-Day attack launched to exploit an unknown vulnerability of the software?

Having said that, the risk of wrong data injection (in this case for human error) or of software glitch exposing the device to hackers attacks also affect domestic software.

Update Feb. 21, 2012 13.50GMT

Looks like the AFSOC has canceled its planned purchase of iPAD2 tablets. Security concerns behind this choice?

About David Cenciotti
David Cenciotti is a journalist based in Rome, Italy. He is the Founder and Editor of “The Aviationist”, one of the world’s most famous and read military aviation blogs. Since 1996, he has written for major worldwide magazines, including Air Forces Monthly, Combat Aircraft, and many others, covering aviation, defense, war, industry, intelligence, crime and cyberwar. He has reported from the U.S., Europe, Australia and Syria, and flown several combat planes with different air forces. He is a former 2nd Lt. of the Italian Air Force, a private pilot and a graduate in Computer Engineering. He has written five books and contributed to many more ones.


  1. Apple has several mechanisms in place to prevent a malicious software update, the most important of which is a signing check that occurs between the tablet and their servers when an update is downloaded. It’s almost impossible to load a completely bogus software update.

    • Thanks Sam.
      Malicious code built in the software would be easily detected. IMO it’s much more difficult to detect a licit input of wrong data.
      Anyway, such concerns apply to each program used on board not developed by domestic companies…

  2. Slightly on-topic:
    The Royal Netherlands Airforce is using iPads for quite some time in their F-16’s above Afghanistan.

    According to this article (http://translate.google.nl/translate?sl=nl&tl=en&js=n&prev=_t&hl=nl&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fwww.ipadclub.nl%2F21160%2Fnederlandse-luchtmacht-en-klm-gebruiken-ook-ipad-in-vliegtuigen%2F) they use special maps on the iPad as an additional navigation tool.

    This is especially useful in the event the fighter pilot is being sent to an area of which the pilot don’t have a paper map of in his/her cockpit.

    Unfortunately the article doesn’t state which app is being used on the iPads of the RNLAF.

  3. GoodReader would not be used for approach plates…the NGA has developed an app, as has Jeppesen for that purpose, which is far more efficient at recalling the data and much more manageable–these are not PDFs. The AF has an app approval process whereby additional evaluations are made on top of what Apple levy’s or any other non-iOS app store for that matter.

    Additionally, the devices will be locked down, non-configurable by the aircrew and monitored with an AF provided MDM solution as well as a MRM solution which is FIPS 140-2 certified.

    By the way, aircrew currently carry the data on unencrypted, non-password protected DVDs, so IF the data was even worth protection what’s more at risk at being compromised a DVD or an iPad with a PIN code, that can be remotely wiped if lost? Even without the MDM or MRM solution some people are forgetting that the iPad itself is natively AES 256-bit encrypted…overkill for housing unclassified data.

Comments are closed.