Leaked Memo Confirms Apple, Nokia & RIM Gave Indian Gov't Backdoors

from the though,-that-should-have-been-known-already dept

Way back in the beginning of 2008, we wrote about how the Indian government was demanding that various mobile suppliers provide backdoors so it could intercept emails and text messages. In 2010, we wrote about further demands to spy on Gmail and Skype. Finally, at the end of 2010, the fact that various providers were providing backdoors to the Indian government was effectively revealed when the government complained that RIM's backdoor didn't really reveal everything. So, I'm not entirely sure why people are surprised that a leaked memo has revealed that at least Apple, Nokia and RIM all provided the Indian government with backdoors, and those are being used regularly in a surveillance dragnet.

Where it gets potentially more interesting is the report that the government then used such access to intercept emails from US government officials, including the "US-China Economic and Security Review Commission" -- "a U.S. government body with a mandate to monitor, investigate and report to Congress on 'the national security implications of the bilateral trade and economic relationship' between the U.S. and China." Kinda says something when the US commission on security issues can't even secure their own email from snooping foreign governments, huh?


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Difster, Jan 9th, 2012 @ 8:17pm

    Volunteering

    The Indian government may have demanded it and got it, but American cell phone companies putting in CarrierIQ voluntarily.

    But I trust our government. They'll only use it for good; really, they will. They just want to stop terrorists.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Aerilus, Jan 9th, 2012 @ 8:32pm

    Re: Volunteering

    terrorist is such a general term, whose to say that protest don't inspire terror, free speech is certainly terrifying

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Donnicton, Jan 9th, 2012 @ 8:45pm

    Huh. If an American company is(knowingly or not) providing backdoors into US Government devices at the behest of a foreign power, wouldn't that be treason?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Jan 9th, 2012 @ 9:22pm

    Jail the infidel! Pointing out US fails is illegal isn't it? Careful Mike!

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Jan 9th, 2012 @ 10:17pm

    Surveillance from other countries

    This is why demending on creation of preinstalled hidden surveillance tools is bad for everyone.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Pixelation, Jan 9th, 2012 @ 10:18pm

    Future headline

    Leaked Memo Confirms Apple, Nokia & RIM Gave US Gov't Backdoors.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Jan 9th, 2012 @ 11:05pm

    Only Playing At Security

    See, most parts of the US government are only playing at computer security. They do not really mean it. Snooping by foreign governments or any company is quite all right. So they use pathetically insecure stuff like Windows and mobile phones. Real computer security is too much like hard work for the poor darlings.

    For those few members of the US government who are actually serious about computer security, there is Security-Enhanced Linux from the Central Security Service of the National Security Agency. Google is your friend.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 12:25am

    Response to: Anonymous Coward on Jan 9th, 2012 @ 9:22pm

    I thought American wasn't a doctrine of Faith. Shows what I know.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    anonymous, Jan 10th, 2012 @ 12:42am

    i wonder what China thinks about this? does anyone think they are crapping themselves in case they are put on to the US black list again?

     

    reply to this | link to this | view in thread ]

  10.  
    icon
    Violated (profile), Jan 10th, 2012 @ 12:54am

    The 4th

    I for one would not want to use any device for which I am "spied upon"

    At least in the United States you have the 4th amendment namely "protection from unreasonable search and seizure" which grants your privacy and anonymity. Then again these who do the spying would say that is one law and we can name another.

    The funny part about India is that it would be the vast innocent majority who are being watched. The real terrorists are the ones who have good reason to come hard encrypted to avoid all monitoring.

    Still even the most secure system is flawed by the dumb users who do not follow security protocol.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 2:47am

    Somehow a thousand voices are saying "I told you so" and people don't understand why giving government tools to censor or spy others is a bad idea for everyone, those tools get used by other to harm the very people who wanted them.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Scooters (profile), Jan 10th, 2012 @ 3:23am

    "Kinda says something when the US commission on security issues can't even secure their own email from snooping foreign governments, huh?"
    This makes the assumption all governments weren't given the same access to the back door.

    Kinda says something new, but that's just my opinion.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    Ninja (profile), Jan 10th, 2012 @ 3:35am

    Re:

    Must be an awful experience when you taste a bit of your own medicine, eh, US?

    Treason or plain stupidity?

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    Ninja (profile), Jan 10th, 2012 @ 3:44am

    Re: The 4th

    That. Even with the backdoors you can still encrypt your data using other means, depending on the backdoor. Or use foregin equipment ;)

    ut I'd say more than half of the security issues and virus infections out there are due to the dumb piece behind the keyboard.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    John Doe, Jan 10th, 2012 @ 4:49am

    Re: The 4th

    Are you new here? We no longer have the 4th amendment. It has effectively been repealed. The US is spying on anyone and everyone at will with no consequence. Now they can even use the US Army against a US citizen on US soil. We cringe when the Chinese or others do this, but soon we will have our own Tiananmen square.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    Some Other AC (profile), Jan 10th, 2012 @ 5:54am

    Re: Re: The 4th

    As an IT professional for a large corporation, I picked up a saying when working with internal users and external customers.
    PICNIC
    Problem In Chair, Not In Computer!
    Does not matter if Linux(users are generally smarter, but not always), Mac(users think they are invincible), or Windows(mostly clueless with a decent batch that have common sense).

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 6:08am

    Re: Only Playing At Security

    You still have to be proactive with security. Just installing SE Linux won't save you from being hacked. Security is work and people are naturally lazy so there will always be security issues.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    princefeliz (profile), Jan 10th, 2012 @ 6:31am

    Leaked Memo

    They all sell out to any Government. Period.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Michael, Jan 10th, 2012 @ 6:35am

    Re: Future headline

    They already have.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 6:56am

    When you authorize bad security, you get bad security. No surprise there. Kinda makes you wonder why the government officials didn't have encrypted communications though, outside the control of any cell provider...

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 7:02am

    He said "Rim's backdoor"....rim is the backdoor...lmao

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Gwiz (profile), Jan 10th, 2012 @ 8:41am

    Re: Re: Re: The 4th

    PICNIC
    Problem In Chair, Not In Computer!


    Hehe. When I was a programmer/analyst and first line support for a 60+ engineering department in the 90's I used a couple of similar lines:

    - The problem is somewhere between the chair and keyboard.

    - That appears to be an eye-dee-ten-tee error. (ID10T)

    - Take two reboots and call me in the morning.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Adam, Jan 10th, 2012 @ 8:47am

    Backdoors have keys, of course. How long will it be before someone leaks the key or a hacker, now knowing it's there finds it, and these back doors start getting used for nefarious purposes (not that I think government spying is legitimate). I find it hard to imagine too, that these back doors are individualized to devices; I suspect that means that listeners do so from a provider's domain and get everyone on line.

     

    reply to this | link to this | view in thread ]

  24.  
    icon
    DH's Love Child (profile), Jan 10th, 2012 @ 8:59am

    Re: Re: Volunteering

    terrorist is such a general term, whose to say that protest don't inspire terror, free speech is certainly terrifying

    Well, I'm terrified of the TSA. Does that count?

     

    reply to this | link to this | view in thread ]

  25.  
    icon
    weneedhelp (profile), Jan 10th, 2012 @ 9:18am

    Re: Volunteering

    These countries just want to catch up to the US:
    https://www.youtube.com/watch?v=qy3eOCkLVaw

    Who needs CarrierIQ when you get all data from the source.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Freedom, Jan 10th, 2012 @ 12:04pm

    Open Source...

    One of the reasons I like Android is because you can get a build of the OS that is entirely open source and if wanted even compile it yourself. Is that 100% foolproof, heck no, but it is better than a 100% closed eco system that Apple, RIM, and Microsoft use where you can't see ANYTHING under the hood.

    In a perfect world, all the hardware and software would be open source. The thought of hardware back doors makes me sad, but I'm sure they exist as well, if nothing else as a way to piggyback in a monitoring app or something like that.

    Freedom

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Beckley, Jan 10th, 2012 @ 12:44pm

    I think the amount that governments, local and foreign, are tapping the ol' email wires is one of the underreported phenomenons in media. It's just so hard to know what's being shown to whom.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Jan 10th, 2012 @ 2:55pm

    Re: Re: Re: The 4th

    PICNIC, yep I used that too a lot, but I stop once I realized I was in a chair too.

    I saw countless sys admins complain about how people shared their passwords, or didn't change them often enough or couldn't remember the 20 characters long passwords, or forgot to use encryption or hit the wrong button, but it was rare to see someone actually think about the why people did those things and think of a better way that was more natural on how people behaved, you see on that front programmers are no better than the RIAA or the MPAA, the problem is often in the chair for certain, but not always.

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    Overcast (profile), Jan 17th, 2012 @ 7:18am

    Yeah - and who believe the hype about "secure software that can't be hacked".

    We ALL know we can trust government employees - they would never do things like hack into computers using open back-doors or mail out anthrax, of course.

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    Overcast (profile), Jan 17th, 2012 @ 7:20am

    To add:

    Yeah - here's who you are trusting your stuff with - potentially.

    http://en.wikipedia.org/wiki/2001_anthrax_attacks

    "Bruce Edwards Ivins, became a focus of investigation around April 4, 2005. Ivins was a scientist who worked at the government's biodefense labs at Fort Detrick in Frederick, Maryland. On April 11, 2007, Ivins was put under periodic surveillance and an FBI document stated that "Bruce Edwards Ivins is an extremely sensitive suspect in the 2001 anthrax attacks". On July 27, 2008, Ivins killed himself with an overdose of acetaminophen."

    Yep - trustworthy indeed. I wonder if some of these guys are on the take and expose secrets against various politicians for pay from competitors?

     

    reply to this | link to this | view in thread ]

  31.  
    icon
    terrybbarton (profile), Mar 19th, 2012 @ 12:57pm

    Simple Fix

    To stop secret things from going on in your phone such as this, is exactly why there should be phones that ship with BOTH software AND hardware that is entirely open. Ideally including a DRM free, open source app store. Then the snooping and malicious acts would at least have to be done by a service provider/carrier or at the other end.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This