Feeds

Clinton barrels in to BlackBerry brouhaha

As Lebanon considers its options

Security for virtualized datacentres

US Secretary of State Hillary Clinton reckons there is a "right to free use and access" that could be infringed by countries banning BlackBerrys.

The US government steps into the argument as concern over the difficulties of intercepting BlackBerry communications continues to spread, with Lebanon being the latest country to voice an opinion on the matter, and the Saudi Arabia ban due to come into effect today.

"We know that there is a legitimate security concern, but there's also a legitimate right of free use and access," the Secretary said, as reported by the Wall Street Journal. "So I think we will be pursuing both technical and expert discussions as we go."

Canada's government has also been expressing concern - RIM is a Canadian company and most of the servers under discussion are located in Canada.

Not that it's always clear what exactly is under discussion.

The consensus is that security forces have a very hard time breaking RIM's encryption, and that the company therefore provides access to messages in response to legitimate requests from law enforcement.

RIM doesn't exactly deny this in its statement: "Any claims that we provide, or have ever provided, something unique to the government of one country that we have not offered to the governments of all countries, are unfounded."

Compare with the comment from the UAE's US ambassador: "It is regrettable that after several years of discussions, BlackBerry is still not compliant with UAE regulatory requirements even as it complies with similar policies in other countries."

Companies running their own Enterprise severs can expect a secure connection from their mail server to RIM's servers, and a secure connection from there back to the user's handset, with little risk of interception. But that's not important, as local security services can just turn up and inspect the Enterprise server.

More difficult, for the security people, is a BlackBerry configured to collect email from the user's personal accounts. In that configuration the email server, and RIM's server, may be in a different country (or even different countries), leaving the security forces with no alternative but to call for a ban.

In the UK, for example, the Reg understands that RIM has servers in Slough*, to which the security forces can demand access if necessary (not that they would need to, but the potential exists). Large enterprises may run local servers too, which would equally be subject to local laws, but non-enterprise users in countries without nearby servers will find their email routed through Canada, and beyond the range of their own security forces.

Alternatives do exist: the on-handset email client can be replaced with something like AstraSync, which connect to a local email server using Exchange ActiveSync or similar. Or RIM's servers could be replicated in the local country - but enforcing that kind of solution takes time, and needs RIM's approval.

Governments have long complained about encryption preventing them providing security. If the US Government had gotten its way back in the early 90s we'd all be using Clipper Chips by now, and transportation of the written RSA formula would be as illegal as smuggling guns. ®

* O2 was an early supporter of RIM, and is based in Slough: we can't imagine any other reason why RIM would want to go there.

Protecting against web application threats using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Turnbull: NBN won't turn your town into Silicon Valley
'People have been brainwashed to believe that their world will be changed forever if they get FTTP'
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.