Why governments are afraid of BlackBerrys

Started by Simon, Aug 01, 2010, 22:11:34

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Simon

The encryption of data on BlackBerry smartphones has put RIM on a collision course with some of the world's more controlling Governments.

Earlier this week, the UAE telecoms authority said BlackBerrys worked "beyond the jurisdiction" of national laws because data is stored beyond the country's borders.

"As a result of how Blackberry data is managed and stored, in their current form, certain Blackberry applications allow people to misuse the service, causing serious social, judicial and national security repercussions," the authority stated, raising concerns the UAE would ban the device.

http://www.pcpro.co.uk/news/security/359890/why-governments-are-afraid-of-blackberrys
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

gizmo71

What a load of absolute and utter poppycock. How is that any different from storing data on a web server in another country using HTTPS? If they can monitor other mobile data traffic (which could be HTTPS to another country) how is the BlackBerry any dfferent?
SimRacing.org.uk Director General | Team Shark Online Racing - on the podium since 1993
Up the Mariners!

Simon

The technicalities are over my head, but would it be the fact that BlackBerry phones encrypt data that's the alleged issue?
Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Here is the problem.

If you look at a BlackBerry device it will have two data profiles, the standard one with details of an Access Point server on your mobile network that gives you web access and the other for an Access Point on Research In Moton's own network.

As far as I know they have servers in the UK and Canada so if you are in the UK you'll probably connect to the UK one but if you are elsewhere it'll be the Canadian one.

So your mail is encrypted on the device and sent over the radio network and then routed over one of your network's Internet connections.

At some point it then gets handed off to RIM's own backbone and then onto their server, if you have BlackBerry enterprise server on a corporate network it'll get forwarded to that but if you are just an individual sending to a normal mail account it will connect to the appropriate account and then send.

Now RIM say that even they cannot break the encryption used and were previously asked for the encryption keys by the Indian government but they refused.

Now I'm sure if they needed to the Canadian or UK governments could simply storm the data centres and the service would halt but because there are no RIM DCs in the UAE they cannot.

Also, like China, residents in those regions are subject to strict Internet filtering policies and irrespective of which of the two ISPs you use all traffic goes through a government controlled proxy that filters out what the government considers to be objectionable content and also stops you using VoIP or indeed any audio conferencing software.


gizmo71

Quote from: pctech on Aug 02, 2010, 03:10:19
So your mail is encrypted on the device and sent over the radio network and then routed over one of your network's Internet connections.

Yep, exactly the same as would happen if I used a 'normal web-phone' and logged onto my Yahoo!!!!!!!!! Mail account over HTTPS. The encryption is done on the browser (on the phone) and the only way to prevent it would be to prevent access to the server on an IP address basis. I don't see what's so different about the BlackBerry.
SimRacing.org.uk Director General | Team Shark Online Racing - on the podium since 1993
Up the Mariners!

Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Simon

Simon.
--
This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Quote from: gizmo71 on Aug 02, 2010, 07:32:54
Yep, exactly the same as would happen if I used a 'normal web-phone' and logged onto my Yahoo!!!!!!!!! Mail account over HTTPS. The encryption is done on the browser (on the phone) and the only way to prevent it would be to prevent access to the server on an IP address basis. I don't see what's so different about the BlackBerry.

If one of these regimes shouted loudly enough Yahoo would roll over and allow server access whereas RIM have always told governments to take a walk.

It would seem the controls have recently been tightened somewhat.



Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Pass but if it does it probably won't be for long now.

I expect it'll backfire because people won't want to do business in Dubai anymore as I bet the multi-billionaire business magnates will be up in arms about this.


Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

Yes

As part of my job I support an audio conferencing system and it just won't work in any of the Gulf states.

We tried disabling firewalls, AV and everything and then it became clear it was beyond the user's machine so I started looking into the regulatory structure long before it was discussed on any TV programmes and they ban any kind of audio conferencing or Skype to protect the income of the local state owneed telco which charges a fortune for international calls.

I bet BT is very jealous.


gizmo71

Quote from: pctech on Aug 02, 2010, 13:19:50
protect the income of the local state owneed telco which charges a fortune for international calls.

Not to mention pay for the vast army of spooks who sit listening for subversive phone calls to western imperialist heathens.
SimRacing.org.uk Director General | Team Shark Online Racing - on the podium since 1993
Up the Mariners!

pctech

Yep.

I would never want to visit or live in places such as that but then again our previous administration was looking at introducing similar measures at one point I seem to remember.


Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

My feelings on the subject are mixed as while I'm all for throwing every piece of technology at breaking up paedophile rings who do not have a place in society or on the Internet I am aware that such technology can also be abused for other purposes.


Technical Ben

Time to get a satellite phone for when your on holiday then?
Could you not just cheat and use a proxy?
On topic though, I thought the problem was, that those in the data centres could read your emails?  :dunno:
A friend use to joke about how he could read peoples Vodafone messages at work. Suffice to say his girlfriend did not get a phone with that company just in case. :D
I use to have a signature, then it all changed to chip and pin.

Glenn

RIM have just signed an agreement with India to give them access to the data.

http://www.theregister.co.uk/2010/08/03/rim_india_kuwait/
Glenn
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

Rik

Interesting move. Do we know what their deal with the UK is?
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech

They have a site in the UK so I suspect they struck a deal with the UK Government.


Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

pctech


pctech


Rik

Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.