Fruity Plurality
Isn't the plural of "Blackberry" "Blackberries" rather than "Blackberrys"?
BlackBerry users residing in, or visiting, Saudi Arabia should ensure that they can get to their messages another way, as the government is asking operators to block RIM’s email service from Friday. Other countries, notably the neighbouring UAE, have threatened to cut off the BlackBerry's email service, which provides messages …
are taking the mickey!
First they try and push a bodge job of an update onto the phones, which could also open them up to more security threats.
Then they expect RIM to go to them with a deal?
Get on your knees UAE and start kissing that ass because your high horse has bolted and you don't have a leg to stand on!
Those who bought BBs did it because of the security, not because they wanted a shiny toy. If the iPhone were really secure, the UAE would be banning them as well.
In fact, all this sabre-rattling is actually *good* PR for RIM. It means that the berries are actually so secure, those eeeevil snoopin' governments are unable to snoop into your stuff. That says a lot about the Blackberry security model!
RIM purchased a small company about a year ago called Alt-N and seem to be working on giving Alt-N users access to the RIM services - so it's likely that Blackberry users will be able to run there own servers at some point in the near future... and presumably in any country they wish.
"I believe they'll have trouble pulling the trigger to shut down BlackBerry," Reuters was told. "Most governments in the world rely on BlackBerry." A gauntlet thrown unless it was said by a competitor.
The really misleading statement is that RTM has agreements with "over one hundred governments" which has been put numerically at 172.
This is hardly secure communications, IMHO, and only bolsters the case for users implementing their own system independent encryption.
Various news sources are currently quoting various officials including the Indian Special Secretary of Internal Security as wanting full and complete access to RIM servers' encrypted traffic. RIM has replied that they cannot release customers' keys. Looks like you might want to prepare yourself.
RIM'll say no, but being Canadians, probably politely and I'd not be surprized if some visits and calls from the US consulate in Toronto have gone to Waterloo, Ontario. The one thing RIM sells that's their distinguishing feature is security. Their credibility is based upon this.
>> "Most governments in the world rely on BlackBerry."
Why would *any* government "rely on" a proprietary product from a foreign producer? "Use", yes but "rely on"? If so, I expect to see lots of Security Heads rolling...
I once helped to develop an industrial chemical process whose ingredients frightened me (and I'm the chemist). The only thing that freaked the business analysts though was that one component had a single supplier. So the process was never used.
"Push email, long the killer feature for BlackBerrys, is standard smartphone fare these days,"
Fuck no. Push e-mail is a moronic idea. Especially when you have some person who has their e-mail hosted on a third-party source and all of a sudden it stops working and the fault -- surprise, surprise! -- is on RIM. And now you have to go and push RIM to convince them, yes, it is their fault, and to fix the problem. Which is not an easy task.
... But doesnt ActiveSync (used by iPhones and Droids in an enterprise environment) use https (TLS) to send/receive email. Am I missing something that TLS can now be decrypted by these governments? And if so isnt that a bigger issue? (And the BES servers send/receive email via the SSL model, so its also on the same secure layers surely?)
So the only difference is ActiveSync is device->interenet->OWA and BES is device->RIM->BES->Exchange (via matching MAPI.dll version - oh dont get me started on that one!)
Been a while since I delved into the security mechanisms of both systems even though I have to manage them here at work (BES and OWA/ActiveSync/ISA)
Yes exchange activesync is a secure alternative to RIM,, with exchange activesync there are no 3rd parties involved, the connection is secured by a certificate on the exchange server and transmitted by SSL via HTTPS. pretty straight forward, no third parties involved, the carrier cant decrypt the communication.
So we can assume that, at least for the Saudis, RIM is secure given that the House of Saud has got more money to throw at this sort of problem than the NSA.
And also - that the Cousins are not offering to help the Saudis in this since we can assume that the NSA probably don't need to crack the RIM security since they have access to the decrypted stream via an arrangement.
Probably the easiest way to check this would be to email some pictures of the kids bath-time via a Blackberry and wait for a knock on the door in the UK?