Feeds

India claims access to BlackBerry comms

Long way from resolution, with only weeks to go

3 Big data security analytics techniques

The Indian government is claiming that RIM has offered it access to instant messaging conversations within hours of a request, though access to email remains unresolved with time running out.

India told Reuters that RIM has offered to provide transcripts of instant messaging sessions, with real-time interception available by the end of the year. But RIM still has to sort out lawful intercept to BlackBerry email by the end of October or face a nationwide ban, while BlackBerry users in UAE are looking at a ban starting at the end of this week unless RIM manages the impossible, and quickly.

The UAE will instruct network operators to block BlackBerry communications, including web browsing, email and messaging, from next Monday (11 October) unless it gets lawful access to all communications before then. Apparently this is affecting sales of BlackBerrys in the region.

Messaging services are routed through RIM's servers, so can be intercepted, as can email services hosted by the company. But where a company has set up its own BlackBerry Enterprise Server (BES) the encryption key is only shared between that server and the handset, so interception is all but impossible for RIM or anyone else.

Still, reality cuts little slack with politicians who are more concerned with listening in on criminals than understanding the intricacies of modern cryptography - as evidenced by the various calls insisting that RIM should be forced to hand over the mythical "master key" that would allow government's lawful intercept.

Last month RIM's CEO suggested that governments set up national registers and ask their citizens to submit encryption keys, pointing out that any government that wishes to eavesdrop on its citizens should make the request of those citizens, not an out-of-country supplier of IT kit.

It's a suggestion of which other governments might like to take note. The Obama administration is already making noises about requiring facilities for lawful intercept to be provided by every company involved in communications within the USA - but then it's much easier to bully IT companies than an entire electorate. ®

Top three mobile application threats

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.