The Register® — Biting the hand that feeds IT

Feeds

Indian gov denied BlackBerry snoop

Subcontinental spooks blackballed by RIM

By Lewis Page, 27th May 2008
  • print
  • alert

Cloud storage: Lower cost and increase uptime

Research In Motion (RIM), the Canadian company behind the BlackBerry handheld, has refused to give the Indian government special access to its encrypted email services. Indian authorities have previously evinced concern that terrorists or criminals might use BlackBerries to communicate free from government interception.

According to the Times of India, the company said in a statement:

The BlackBerry security architecture for enterprise customers is purposefully designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances. We regret any concern prompted by incorrect speculation or rumours and wish to assure customers that RIM is committed to continue serving security-conscious business in the Indian market.

Previous reports have suggested that the Indian government had sought only the ability to read information sent between consumer BlackBerry users, rather than enterprise platforms. There had been media talk of a "master key" to be given to Indian officials.

Regarding the assertion that third parties are completely unable to read BlackBerry messages, this contradicts the view taken by the French government. France recently banned the use of BlackBerries by its top officials. French security types had apparently noted that BlackBerry's secure traffic passed through servers in Britain and the US, and felt that there was at least some chance of interception by the likes of GCHQ and the NSA.

India currently has a little over 100,000 BlackBerry users. The security/intercept issue became public when Tata teleservices was asked to delay its BlackBerry launch date until the Indian Department of Telecoms had intercept methods in place. ®

SaaS data loss: The problem you didn’t know you had

COMMENTS

House Rules Send Corrections
All Reader Comments (14)
Latest Comments
David Pollard

@Steve

Quite: the logic was flawed and people didn't realise. A chum 'tested' my line before I had time to stop him. (Welcome to the club, mate.)

The example I gave was in support of @Daniel's scenario, above; from a time when telecomms equipment was rather less sophisticated.

A number of people (for some of whom prophylactic paranoia might have been beneficial if used appropriately) *did* indeed seem to think that a standard line test would show if their line was being tapped. Whether or not the potential results of the 'vogue', as I called it, were used I don't know. Nevertheless it would have been technically simple, at that time, to conduct a 'self-administered trawl', similar to that which @Daniel describes, from which a database of potential suspects could have easily been assembled.

0
0
Jethro

please, please, please rtfm

@ Anonymous Coward

Posted Tuesday 27th May 2008 13:31 GMT

"The BlackBerry security architecture for enterprise customers is purposefully designed to exclude the capability for RIM or any third party to read encrypted information under any circumstances"

So how do they process spam!."

BlackBerry's infrastructure for enterprise customers doesn't filter spam. Your getting confused between enterprise and RIM's other offerings. With enterprise the encryption secures traffic from the handset to the customers server not just to the relay (see: http://na.blackberry.com/eng/ataglance/security/bes_diag_large.jpg). The encryption for prosumer (internet customers) works from handset to relay. Beyond this security is specified by the integrated account (POP, IMAP or OWA).

This doesn't mean the RIM relay can't store enterprise encrypted messages it routes for later cracking although as stated you'd need some serious computing power (NSA style) and if these kind of boys are after you I'd probably be inclined to not send e-mail at all for sensitive communication.

Or for the paranoid what's to say the BES software doesn't automatically send a copy of users keys back to the relay so copies of encrypted messages can be decrypted stored and forwarded to your black helicopter agency of choice.

I refer all interested parties to:

http://na.blackberry.com/eng/ataglance/security/certifications.jsp

0
0
Steve

@David Pollard

Sounds like a BT test number. People think it can show if they're being tapped? That's more a reflection on what 'recreational substances' can do to your brain :)

0
0

More from The Register

1,000 O2 staff chose redundancy over Capita
Betrayal, or just decent terms?
48
breaking news
Pttow! Ofcom kicks hams out of MoD bands
Geet off my land, you, you ... 'secondary user'
30
breaking news
Now you can use your phone instead of your wallet at the ATM, too
Blimey, these little paper towels out of the vending machine are really expensive
47
breaking news
UK.gov's £530m bumpkin broadband rollout: 'Train crash waiting to happen'
Whitehall whispers of damning watchdog report next month
30
breaking news
Microsoft Office 365 on iPhone NOW: No, we're not making this up
Word, Excel, Powerpoint for your pocket-stroker
82
breaking news
MySpace zaps millions of teens' tearful rants, causes wave of angst
'Your crappy redesign SUCKS, I wanna read my blogs' screech users
53
Vodafone Oz launches '100 Mbps' 4G service
Nice speed if you can get it
7
Google launches broadband balloons, radio astronomy frets
A careless Loon could blind the square kilometre array
43
EU signs off on eCall emergency-phone-in-every-car plan
GPS and a mobe in every car - do you suppose the NSA would fancy that?
100
breaking news
Who's the daddy of Virgin Media now? That would be Liberty Global
$24bn ISP gobble completes
21