India claims RIM data deal, again
Canadians remain silent
Indian government sources are again claiming that RIM will provide lawful intercept of all BlackBerry communications, despite the technical impossibility of doing so.
A "senior home ministry official" is quoted, by Indian daily Mint, claiming that RIM has "in principle agreed to provide us recorded data from their servers". The official goes on to explain that very soon the Indian security forces will have access to BES-secured communications.
Which is, of course, bollocks. As even the Guardian now realises - communication between a corporate BlackBerry Enterprise Server and a BlackBerry are encrypted with a key that is only shared between those two devices. Intercepting the communications is easy, reading the intercepted communications is next to impossible.
"Now they have assured us that they will discuss the issue first among themselves and find a way to meet our demands. Later, they would be providing live access to BES" the unnamed official told Mint, apparently promising that RIM would deliver the impossible by the end of December.
But that's what the Canadian company has to do, if it's going to avoid a ban on BlackBerry use in India. Other governments, it seems, have been bought off with access to RIM's own BES - providing access to communications, including web traffic, from users who don't run their own BES. But India is adamant that it wants access to all communications, which RIM can't provide without compromising the security of its product. ®
RIM have in fact not stayed silent - got this yesterday
Its probably wrong of me to just cut and paste from the article but basically they're saying its cobblers.
Access to BES server
From what I am aware off yes, it is true that the encryption is end to end on the blackberry but....there it is possible to access the data and read it. How?
When the messages are received on the BES it is decrypted and then re-encrypted before it is sent out to its destination. At this point when the BES decrypts the message it can be offloaded in realtime and read. This is one reason why various governments including India are requiring the BES to be located in the home county and RIM doesn't allow it.
Now RIM would have to create some tools to read the data in realtime but this is just a technical and workable problem which the Indian government is asking for, so this theory of not being able to read because of the end to end encryption is simply not true or as the writer so eloquently put it bullocks.
If it were me
I'd be saying the same as RIM "Yes we'll provide you with access to records held on BES servers"
Later followed by a way to access a list of all BlackBerry's associated with a BES server, and then followed by "Oh you wanted the data? Sorry, it's encrypted!"
Probably a good way to exit the Indian Market though