Deutsche Telekom Pulls An HP: Accused Of... >>
<< How A Big Record Label Could Make Itself...
 tdicon 
Yet Another Company Thinks It Can Stretch WiFi... >>
<< If You're Going To Claim That WiFi Violates...
 | 

Email

by Mike Masnick

Tue, May 27th 2008 10:26am


Filed Under:
blackberry, email, encryption, india, snooping

Companies:
rim


RIM Tells India That It Simply Cannot Snoop On Blackberry Email

from the so-sorry dept

A few months back, we noted that the Indian government was demanding that RIM let government officials snoop on emails sent via Blackberry devices, or they would be banned in India. I'm not sure why it took so long for RIM to point this out, but it finally has explained to the government the nature of its encryption scheme which means that RIM itself cannot decrypt messages sent via the network, since they're based on an encryption key set up by the end user. It's not clear how India is going to respond, though the article notes the two sides are "talking."
33 Comments | Leave a Comment
Get a free 1-year subscription to the Techdirt Crystal Ball when you sign up for VPN service from Private Internet Access.

If you liked this post, you may also be interested in...

Reader Comments (rss)

(Flattened / Threaded)

  • icon
    shanoboy (profile), May 27th, 2008 @ 10:43am

    duh!

    Rim should have gave India all the permissions they wanted to intercept traffic then when the Indian Gov't came back asking why they couldn't read it, just replied

    "Sorry we figured you guys were smart enough to figure that part out on your own!"

    No wonder tech support it so poor! It's all outsourced to INDIA!

    reply to this | link to this | view in chronology ]

    • icon
      JS Beckerist (profile), May 27th, 2008 @ 2:36pm

      Re: duh!

      I know you're mostly kidding, but seriously YOU try learning a second language. No, scrap that, the TECHNICAL side of a second language. Got that? Ok now, here's a book in that language of software you've never used. Read the whole thing yet? Alright now you're going to have 30 to 100 people a day calling you up, yelling at you for something you don't have ANYTHING to do with and saying that they want to speak to someone named Joe...

      ...not an easy job my friend. It's why they get paid the "big bucks" to do it, even though it's still peanuts compared to us over here.

      reply to this | link to this | view in chronology ]

  • identicon
    Ima Fish, May 27th, 2008 @ 10:43am

    Why can't RIM give India the same back doors that the FBI, CIA, and Homeland Security use.

    reply to this | link to this | view in chronology ]

    • identicon
      Duh, May 27th, 2008 @ 10:46am

      Re:

      Because they don't live in the delusional realm that you do.

      reply to this | link to this | view in chronology ]

      • identicon
        Ima Fish, May 27th, 2008 @ 11:13am

        Re: Re:

        If you honestly believe that RIM does not have a back door to access its own system you're infinitely more delusional than I am.

        reply to this | link to this | view in chronology ]

        • identicon
          TheTraveler, May 27th, 2008 @ 12:37pm

          Re: Re: Re:

          You should NEVER create a back door to your own system, that is just about the most unintelligent thing you could do to yourself. You might as well tie the noose your own neck! If RIM would have created a back door it would have been cracked LONG before now! So unless you know something the rest of us don’t about hacking then stop your idiocy! You’re about as useless as broken clock in a dark room being viewed by a blind person that doesn’t know how to tell time!!

          reply to this | link to this | view in chronology ]

        • identicon
          Jim, Jan 24th, 2009 @ 10:37pm

          Re: Re: Re:

          I know. There is no BACK DOOR. Believe me. I know.

          reply to this | link to this | view in chronology ]

    • identicon
      Evil Mike, May 27th, 2008 @ 11:09am

      Re:

      Everybody know the NSA does all the decrypting for the CIA and FBI and the Fatherland Security. duh.

      reply to this | link to this | view in chronology ]

    • identicon
      Jim, Jan 24th, 2009 @ 10:35pm

      Re: backdoor

      Because it does not exist. There is not way to "get into" the BlackBerry.

      I know.

      reply to this | link to this | view in chronology ]

  • identicon
    JB, May 27th, 2008 @ 11:05am

    Sender / Receiver

    The government could still see the sender and recipient of each message. This can be pretty useful even if they don't know what the message says, for example see all of the people regularly communicating with a known criminal.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, May 27th, 2008 @ 11:12am

      Re: Sender / Receiver

      All the better for implicating innocent persons who are unknowingly communicating with a criminal.

      What if the body of the message is "leave me alone you criminal?"

      reply to this | link to this | view in chronology ]

    • identicon
      Jim, Jan 24th, 2009 @ 10:39pm

      Re: Sender / Receiver

      Actually they can't. It is encrypted as well.

      reply to this | link to this | view in chronology ]

  • identicon
    Shohat, May 27th, 2008 @ 11:20am

    RIM has a way

    The smartest thing RIM could do is issue that statement publically, and supply India with the needed decryption tools in private.
    Win-Win.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, May 27th, 2008 @ 11:24am

    Encryption backdoor

    It is incredibly rare for (maybe never?) for mainstream encryption to have a purposeful backdoor. Why? Because backdoors are almost always found by hackers. When that happens the entire scheme is rendered useless and the company that made it has a very damaged reputation. So why create something at your own cost that you would never use and is a huge liability?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, May 27th, 2008 @ 11:49am

    Or walk into Mordor, for that matter.

    reply to this | link to this | view in chronology ]

  • identicon
    rishi, May 27th, 2008 @ 11:59am

    It is impractical to want access to all emails

    The Indian government wants access to all RIM mails on the premise that terrorists may use the network to send messages.

    Somebody should tell them about steganography.

    reply to this | link to this | view in chronology ]

  • identicon
    Scote, May 27th, 2008 @ 12:48pm

    RIM has said it has no backdoor to **enterprise** email. Not all RIM customers are enterprise customers.

    reply to this | link to this | view in chronology ]

    • identicon
      Jim, Jan 24th, 2009 @ 10:45pm

      Re:

      No. There is no back door. End of story. It does not exist. Stop your "conspiracy" thinking. Enterprise or ISP. There is no back door.

      reply to this | link to this | view in chronology ]

  • identicon
    Jake, May 27th, 2008 @ 1:11pm

    I can kind of see points on both sides here; it should not be done lightly or without strict judicial oversight, but occasionally communications interception is a necessary evil in order to protect life and property. I can understand the Indian government wanting to have the option.

    reply to this | link to this | view in chronology ]

  • identicon
    HK, May 27th, 2008 @ 1:37pm

    Jake, if that statement had an ounce of humour I would have thought you were being sarcastic.

    But you must be speaking out of your A$$, are you serious!

    Ever heard of Privacy!

    reply to this | link to this | view in chronology ]

    • identicon
      Jake, May 27th, 2008 @ 4:53pm

      Re:

      Yes, I have, and I value mine. The privacy of someone that my local law enforcement are really sure is going to stuff twenty pounds of dynamite up his jumper and set it off in a public place -sure enough that they don't mind giving sworn testimony to that effect and quite possibly getting fired if they're wrong- I'm somewhat less concerned about.

      reply to this | link to this | view in chronology ]

  • icon
    Derek Kerton (profile), May 27th, 2008 @ 1:42pm

    How They Set Up Encryption

    I remember my first Blackberry in 1999. The setup software asked me to generate my own encryption key. But it wasn't something low-grade like a 6-character password. They ask you to wiggle and move your mouse around the screen for about 10 seconds. Your random mouse movements generate the key, and the key is stored in your device.

    That, to me, seems like pretty good privacy.

    Of course, the key is also sent to RIM so they can decrypt your mail at their end (if you have Blackberry Internet Edition). One would assume that with the Blackberry Server Solution, the key is only stored on your device, and in your on-premise server, offering you end-to-end wireless security between your enterprise and your Blackberry. However, that does not encrypt the messages from your enterprise Exchange server to your co-correspondents and back.

    But my main point is that that mouse-move thing was pretty cool. Much better than your dog's name or your anniversary.

    reply to this | link to this | view in chronology ]

    • identicon
      Jim, Jan 24th, 2009 @ 10:42pm

      Re: How They Set Up Encryption

      Well to tell you the truth. NO. RIM does not have the key. If you understood how the system works you would know that the key is not needed and RIM does not have it.

      reply to this | link to this | view in chronology ]

  • identicon
    megacorp, May 27th, 2008 @ 1:43pm

    Microsoft did it, why wouldn't RIM?

    reply to this | link to this | view in chronology ]

  • identicon
    hwall, May 27th, 2008 @ 2:21pm

    India and RIM

    Sounds like India is trying to figure out how to do a RIM job.

    reply to this | link to this | view in chronology ]

  • identicon
    rishi, May 30th, 2008 @ 2:45am

    could you explain this

    The Indian government is using the argument that

    It is also learnt that the DoT has rejected RIM’s argument that it did not possess the encryption keys. Instead, the DoT has pointed out that since RIM’s BlackBerry service meets the provisions of US CALEA (Communications Assistance for Law Enforcement Act, 1994) regulations, all BlackBerry data traffic originating on Indian mobile networks can be tracked electronically by CALEA sleuths in the Federal Communications Commission.

    (DoT being the Indian Department of Telecom.)

    Is this argument valid?

    reply to this | link to this | view in chronology ]

  • identicon
    decrypt, Sep 22nd, 2008 @ 12:03pm

    Indian government cracked the code!

    Just in.... Indian government cracked the code! http://economictimes.indiatimes.com/News_by_Industry/At_last_govt_cracks_BlackBerry_code/ articleshow/3510719.cms

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Deutsche Telekom Pulls An HP: Accused Of... >>
<< How A Big Record Label Could Make Itself...
 tdicon 
Yet Another Company Thinks It Can Stretch WiFi... >>
<< If You're Going To Claim That WiFi Violates...
 | 
Follow Techdirt
New Gear From Techdirt

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Saturday

12:00 This Week In Techdirt History: September 25th - October 1st (0)
09:00 Only A Few Days Left To Get Your Techdirt Gear (And An Early Start On Christmas Shopping) (2)

Friday

19:39 'When Is A Chair Just A Chair?' And Other Annoying Copyright Questions (14)
15:54 Judge Says No Way To Attorneys General Looking To Block IANA Transition (22)
14:28 Government Agencies Apparently Not Interested In Following Congressional Directives On Overclassification (4)
12:55 Border Patrol Agent Caught Watching Porn On The Job Blames The Internet Filter For Not Stopping Him (21)
11:38 Facebook Video Metrics Crossed The Line From Merely Dubious To Just Plain Wrong (3)
10:37 CIA Took Three Years To Reject FOIA Request For Criteria For Rejecting FOIA Requests (10)
10:30 Daily Deal: The Ultimate Software Testing Bundle (0)
09:39 Intel Community To Institute Actual Whistleblower Award For 'Speaking Truth To Power' (35)
More arrow
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.