Leaked Memo Confirms Apple, Nokia & RIM Gave Indian Gov't Backdoors
from the though,-that-should-have-been-known-already dept
Way back in the beginning of 2008, we wrote about how the Indian government was demanding that various mobile suppliers provide backdoors so it could intercept emails and text messages. In 2010, we wrote about further demands to spy on Gmail and Skype. Finally, at the end of 2010, the fact that various providers were providing backdoors to the Indian government was effectively revealed when the government complained that RIM’s backdoor didn’t really reveal everything. So, I’m not entirely sure why people are surprised that a leaked memo has revealed that at least Apple, Nokia and RIM all provided the Indian government with backdoors, and those are being used regularly in a surveillance dragnet.
Where it gets potentially more interesting is the report that the government then used such access to intercept emails from US government officials, including the “US-China Economic and Security Review Commission” — “a U.S. government body with a mandate to monitor, investigate and report to Congress on ‘the national security implications of the bilateral trade and economic relationship’ between the U.S. and China.” Kinda says something when the US commission on security issues can’t even secure their own email from snooping foreign governments, huh?
Filed Under: backdoors, emails, india, privacy, security
Companies: apple, nokia, rim
Comments on “Leaked Memo Confirms Apple, Nokia & RIM Gave Indian Gov't Backdoors”
Volunteering
The Indian government may have demanded it and got it, but American cell phone companies putting in CarrierIQ voluntarily.
But I trust our government. They’ll only use it for good; really, they will. They just want to stop terrorists.
Re: Volunteering
terrorist is such a general term, whose to say that protest don’t inspire terror, free speech is certainly terrifying
Re: Re: Volunteering
terrorist is such a general term, whose to say that protest don’t inspire terror, free speech is certainly terrifying
Well, I’m terrified of the TSA. Does that count?
Re: Volunteering
These countries just want to catch up to the US:
https://www.youtube.com/watch?v=qy3eOCkLVaw
Who needs CarrierIQ when you get all data from the source.
Huh. If an American company is(knowingly or not) providing backdoors into US Government devices at the behest of a foreign power, wouldn’t that be treason?
Re: Re:
Must be an awful experience when you taste a bit of your own medicine, eh, US?
Treason or plain stupidity?
Jail the infidel! Pointing out US fails is illegal isn’t it? Careful Mike!
Re: Response to: Anonymous Coward on Jan 9th, 2012 @ 9:22pm
I thought American wasn’t a doctrine of Faith. Shows what I know.
Surveillance from other countries
This is why demending on creation of preinstalled hidden surveillance tools is bad for everyone.
Future headline
Leaked Memo Confirms Apple, Nokia & RIM Gave US Gov’t Backdoors.
Re: Future headline
They already have.
Only Playing At Security
See, most parts of the US government are only playing at computer security. They do not really mean it. Snooping by foreign governments or any company is quite all right. So they use pathetically insecure stuff like Windows and mobile phones. Real computer security is too much like hard work for the poor darlings.
For those few members of the US government who are actually serious about computer security, there is Security-Enhanced Linux from the Central Security Service of the National Security Agency. Google is your friend.
Re: Only Playing At Security
You still have to be proactive with security. Just installing SE Linux won’t save you from being hacked. Security is work and people are naturally lazy so there will always be security issues.
i wonder what China thinks about this? does anyone think they are crapping themselves in case they are put on to the US black list again?
The 4th
I for one would not want to use any device for which I am “spied upon”
At least in the United States you have the 4th amendment namely “protection from unreasonable search and seizure” which grants your privacy and anonymity. Then again these who do the spying would say that is one law and we can name another.
The funny part about India is that it would be the vast innocent majority who are being watched. The real terrorists are the ones who have good reason to come hard encrypted to avoid all monitoring.
Still even the most secure system is flawed by the dumb users who do not follow security protocol.
Re: The 4th
That. Even with the backdoors you can still encrypt your data using other means, depending on the backdoor. Or use foregin equipment 😉
ut I’d say more than half of the security issues and virus infections out there are due to the dumb piece behind the keyboard.
Re: Re: The 4th
As an IT professional for a large corporation, I picked up a saying when working with internal users and external customers.
PICNIC
Problem In Chair, Not In Computer!
Does not matter if Linux(users are generally smarter, but not always), Mac(users think they are invincible), or Windows(mostly clueless with a decent batch that have common sense).
Re: Re: Re: The 4th
PICNIC
Problem In Chair, Not In Computer!
Hehe. When I was a programmer/analyst and first line support for a 60+ engineering department in the 90’s I used a couple of similar lines:
– The problem is somewhere between the chair and keyboard.
– That appears to be an eye-dee-ten-tee error. (ID10T)
– Take two reboots and call me in the morning.
Re: Re: Re: The 4th
PICNIC, yep I used that too a lot, but I stop once I realized I was in a chair too.
I saw countless sys admins complain about how people shared their passwords, or didn’t change them often enough or couldn’t remember the 20 characters long passwords, or forgot to use encryption or hit the wrong button, but it was rare to see someone actually think about the why people did those things and think of a better way that was more natural on how people behaved, you see on that front programmers are no better than the RIAA or the MPAA, the problem is often in the chair for certain, but not always.
Re: The 4th
Are you new here? We no longer have the 4th amendment. It has effectively been repealed. The US is spying on anyone and everyone at will with no consequence. Now they can even use the US Army against a US citizen on US soil. We cringe when the Chinese or others do this, but soon we will have our own Tiananmen square.
Somehow a thousand voices are saying “I told you so” and people don’t understand why giving government tools to censor or spy others is a bad idea for everyone, those tools get used by other to harm the very people who wanted them.
“Kinda says something when the US commission on security issues can’t even secure their own email from snooping foreign governments, huh?”
This makes the assumption all governments weren’t given the same access to the back door.
Kinda says something new, but that’s just my opinion.
Leaked Memo
They all sell out to any Government. Period.
When you authorize bad security, you get bad security. No surprise there. Kinda makes you wonder why the government officials didn’t have encrypted communications though, outside the control of any cell provider…
He said “Rim’s backdoor”….rim is the backdoor…lmao
Backdoors have keys, of course. How long will it be before someone leaks the key or a hacker, now knowing it’s there finds it, and these back doors start getting used for nefarious purposes (not that I think government spying is legitimate). I find it hard to imagine too, that these back doors are individualized to devices; I suspect that means that listeners do so from a provider’s domain and get everyone on line.
Open Source...
One of the reasons I like Android is because you can get a build of the OS that is entirely open source and if wanted even compile it yourself. Is that 100% foolproof, heck no, but it is better than a 100% closed eco system that Apple, RIM, and Microsoft use where you can’t see ANYTHING under the hood.
In a perfect world, all the hardware and software would be open source. The thought of hardware back doors makes me sad, but I’m sure they exist as well, if nothing else as a way to piggyback in a monitoring app or something like that.
Freedom
I think the amount that governments, local and foreign, are tapping the ol’ email wires is one of the underreported phenomenons in media. It’s just so hard to know what’s being shown to whom.
Yeah – and who believe the hype about “secure software that can’t be hacked”.
We ALL know we can trust government employees – they would never do things like hack into computers using open back-doors or mail out anthrax, of course.
To add:
Yeah – here’s who you are trusting your stuff with – potentially.
http://en.wikipedia.org/wiki/2001_anthrax_attacks
“Bruce Edwards Ivins, became a focus of investigation around April 4, 2005. Ivins was a scientist who worked at the government’s biodefense labs at Fort Detrick in Frederick, Maryland. On April 11, 2007, Ivins was put under periodic surveillance and an FBI document stated that “Bruce Edwards Ivins is an extremely sensitive suspect in the 2001 anthrax attacks”. On July 27, 2008, Ivins killed himself with an overdose of acetaminophen.”
Yep – trustworthy indeed. I wonder if some of these guys are on the take and expose secrets against various politicians for pay from competitors?
Simple Fix
To stop secret things from going on in your phone such as this, is exactly why there should be phones that ship with BOTH software AND hardware that is entirely open. Ideally including a DRM free, open source app store. Then the snooping and malicious acts would at least have to be done by a service provider/carrier or at the other end.