RIM Works Out Deal In Saudi Arabia, Causing Many To Wonder If They Can Trust Their BlackBerry

from the well,-you-never-could-before... dept

With last week’s news that the United Arab Emirates and Saudi Arabia were going to block access for BlackBerry users over the inability to spy on RIM’s servers, the news over the weekend that Saudi Arabia is testing three local servers that would alleviate the need for a ban has many wondering how secure their BlackBerry communications really are.

Of course, the more pertinent question may be how secure BlackBerry communications have ever been. One of the big complaints from the UAE and Saudi Arabia (and others) is that they believe RIM already lets certain governments access content flowing across their network. And, of course, no one seems willing to come out with a straight answer one way or the other on whether or not that’s an accurate statement. However, as the NY Times article above makes clear, whether or not governments really do have access to RIM’s network probably isn’t as meaningful as some believe, since there are multiple different potential points of access for anyone wishing to monitor messages. About the only thing that is clear is that if you’re communicating online, it’s probably best to assume that, sooner or later, someone other than the intended recipients will probably see it.

Filed Under: , , ,
Companies: rim

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “RIM Works Out Deal In Saudi Arabia, Causing Many To Wonder If They Can Trust Their BlackBerry”

Subscribe: RSS Leave a comment
Lawrence D'Oliveiro says:

Mass Surveillance = Mass Distraction

If governments like India, Saudi and Emirates want to do indiscriminate eavesdropping on their citizens, never mind the privacy concerns, they’re doing security wrong. They’re setting themselves up to try to drink from a firehose of data that will be impossible to use to discern any useful patterns.

This is the problem that Western agencies had with the Underwear Bomber. They couldn’t “connect the dots”, because they had collected too many dots. Stick to targeted policing based on specific information received, and you’ll have a much better success rate.

BearGriz72 (profile) says:

Said it before and I will say it again...

Never Depend Solely on Somebody Else for Your Security, there are many tools that can be used on almost any platform. I use TrueCrypt, PGP, & TOR for various purposes. Depending on the circumstances even ROT-5/13/18/47 can be useful (especially when combined with other tools), there are even “Online Encryption Tools” that can be used cross platform.

Now as others have pointed out “You are depending on the crypto people who designed and wrote the proofs for the algorithms you are using” but if you are using/layering multiple methods and not depending on a single service/tool it greatly reduces the chances of any one person being able to crack it.

cc (profile) says:

Re: Said it before and I will say it again...

This pretty much sums up my take on the subject.

I’ll add that the algorithms are usually pretty safe in themselves since they aren’t too hard to analyse rigorously — as long as no-one cracks them, that is.

It’s the implementation that may lack in many instances, which can contain bugs and sometimes even backdoors that are usually much easier to exploit than weaknesses in the encryption scheme.

I guess the best option is to use open source tools whose code is available so we can check for ourselves it doesn’t contain any “proprietary magic” compiled into the executables.

But, yes: layering trumps all.

lfroen (profile) says:

Re: Said it before and I will say it again...

Here’s another novel concept for you: keep your mouth shut. People like you are ridiculous, they for some reason think that if some stuff is encrypted in $algorithm, government can’t read it. Wrong.
You see, genius, wast amount of population does not encrypt their messages. It doesn’t matter whether it’s good thing or not. It is a fact. So, your “secured” PGP’ed talk is very distinct. It’s like writing “I have stuff to hide” on your back.
Another fact of life for you: when some man-in-black will come to ask you “a few questions” you can’t say “I won’t tell you”. You will tell. That’s why those 3-letter agencies exists – make people talk. Right-to-remain-silent you say? Yea, right.

abc gum says:

Re: Re: Re:2 Said it before and I will say it again...

“No, you will say “here is encryption keys” and “I have used this-and-that encryption software”.”

After waterboarding?

“When you meet people that _really_ want your email – your game is up, no matter whether it was real conspiracy or home porno.”

… and then you are stoned to death – woohoo

Berenerd (profile) says:

Re: Re: Said it before and I will say it again...

Who pissed in your government issued cheerios this morning?

I work for a company that encrypts *ALL* its email no matter what it is. I encrypt my email at home just out of habit. Just because the majority does it does not mean its because they have nothing to hide. I have seen my roommates email passwords to people for their ebay accounts and such. if I were them I would encrypt that. You are just being Mr. Tinfoil Hatt today.

lfroen (profile) says:

Re: Re: Re: Said it before and I will say it again...

>> Just because the majority does it does not mean its because they have nothing to hide

Yes it does. Tell, me mister privacy, why don’t you encrypt your phone calls? Government can listen to them! Ah, I see – you rely on wiretapping laws to protect you. And with email it somehow different?
You can play with your toys all day long, nobody really want to read your email – (skip gmail robots). And when “people” will need your mail – you will give them encryption keys.

lfroen (profile) says:

Re: Re: Re: Said it before and I will say it again...

Uh – no. Irrelevant issue. IIRC colonists stated their demands publicly, than waged propaganda _and_ war. Conspiracy is only small part it.
Back to original question: just pass (really) confidential info personally. Or by mail (you know, one with envelope). Those kind of communication is match harder to intercept without being noticed.

Anonymous Coward says:

Re: Re: Re:2 Said it before and I will say it again...

Or use strong encryption and covert ways the most effective one being steganography.

“just pass (really) confidential info personally”

Well I like to see a company issuing new passwords to its offshore workers in person once a week, or people trying to contact relatives out of state to send them something private.

I don’t think you live in the real world.

Anonymous Coward says:

It’s OK if they spy. We will just write an app to secure our conversations and text. Encrypted phone calls to avoid government ears. Absolutely!! Spy on me and I will hide from you. Sounds like good public relations. Once again we love and trust our governments! NOT.
We will write an app that will say one thing while encrypting the real conversation. That way the censors (polite word) will get to hear something and we get freedom.
Monitoring all of our phone and text messages just slows down an already extremely overloaded network.
How many terrorists have they actually caught from monitoring our calls. When you look in someone else’s window you are called a creep, a peeping tom, a voyeur and lots of other nasty names and you can go to jail.
How come governments can do the same thing but worse by listening to our private phone calls? I call them creeps of the highest order.
So I have to restrict myself to landlines only. At least they have to put an actual order to monitor landlines but cell traffic is wide open to all of the hundreds of security agencies monitoring your life.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...