back to article India backs off RIM, starts on local operators

India's government has given up pestering RIM and is now asking the country's network operators to provide lawful intercept capability, despite their inability to do so. Having demanded that Research In Motion provide access to BlackBerry communications, and seen several deadlines pass without the issue resolved, the Wall …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Joke

    Operators should...

    Route all enquiries by the Goverment about incterception to a call centre miles away where noone understands their accent.

    1. Karnka

      Most operators already....

      Route all enquiries <snip> to a call centre miles away where noone understands their accent.

  2. Rich 2 Silver badge
    WTF?

    Bonkers!

    So what are they doing to demand next? That all ISPs must intercept all types of SSL communications? May as well get on the case and start banning HTTPS, IMAPS, all forms of PGP, etc etc etc right now, because that simply isn't going to hapen, regardless of how hard they try.

    They are clealry not living in the real world.

    1. Anonymous Coward
      Terminator

      They clearly live in a real world

      However in their real world an IT person is not supposed to say NO as an answer to a question.

    2. Anonymous Coward
      Anonymous Coward

      Intercept of SSL is easy

      SSL intercept is easy as many companies are already doing by routing traffic through a BlueCoat i.e. man in the middle attack. Could be done very easy by ISP's

      1. Anonymous Coward
        Thumb Down

        Don't think so

        If both client and server have their own keys (determined before-hand) then MITM won't work.

  3. dave 46

    Give them the traffic

    The encrypted traffic - there ya go boss, intercepted 100%

    1. Anonymous Coward
      Big Brother

      Sure...

      And then they just get a nice sized GPU enabled cluster to do a brute force break of the key.

      Problem solved.

      Oh wait. This is India, not the NSA.

  4. Matthew 25

    Why not

    Why not provide the govt with the encrypted emails - still encrypted. It won't do them any good but at least you have provided what was requested.

  5. Neil Barnes Silver badge
    Stop

    If you have nothing to hide, you have nothing to fear

    But we want the right and ability to read it anyway, just on the offchance?

    Hmmm.

  6. Anonymous Coward
    Anonymous Coward

    Madness

    Perhaps half the problem here is a cultural one - I know in my dealings with India you quite often get people unable to accept a no. They seem to think it means you do not want to do it, rather than you cannot do it.

    Anon, cos some of those guys are probably looking at this site

    1. Denarius
      FAIL

      Madness/Cultural issue ?

      @AC and there was I thinking it was common PHB ignorance, coz I see it from yank managers, WASP/materialist often. Seems the suits from any big org think that techs say no for the fun of it, not because of physics, resources, technical feasibility and other such trivia. We all get this; the PHB who thinks yelling/nagging/insulting us at 02:00 local time will make the problem go away.

    2. iRadiate
      Grenade

      @AC (Madness)

      You can't have dealt with many indians then. You may even have made a valid point but what's the fact that they may be looking at this site got to do with your anonymity ?

      Scared they might stick a fatwa on your arse ?

      That's the other brown guys you're thinking off.

      Clearly there are no limits to your ignorance.

      Regards

      an indian

      1. Oninoshiko
        FAIL

        @iRadiate

        well, it could be because (s)he has to still deal with them in the morning, and if they read it and realize it's him/her they will be harder to deal with then normal.

        oh, no, you must be right, (s)he ignorently must confusing indians with Iranians.

  7. blahdiblah
    FAIL

    hmm..

    It can be argued in either way, but had this been the U.S. government questioning under a security threat 'bending over' would have been mandatory (with bonkers and why not a rudimentary suggestion) eh? It is called the power of polite persuasion..

  8. Anonymous Coward
    Flame

    yawn

    screw RIM, it's only those manager bozo's who use BB anyway.

    i think part of the problem has to do with RIM being a Canadian company. canada didn't exactly do it's credibility any favours when they deliberately botched the Kanishka bombing investigation.

    say what you want, when it comes to matters of national security, india has as much right as any other western (read white) nation to do all it can to protect it's citizens. now if RIM cannot appreciate this, they are free to leave.

    1. Oninoshiko
      FAIL

      encryption, yeah, I nos it.

      India can demand anything they want, It doesn't mean the RIM has the ability to provide it. They might as well be asking you to provide the keys.

      RIM is incapible of providing the keys because they do not have them. Every western nation understands that you cannot ask someone for something they don't have, if you (and india) do not understand that you (and they) are free to be mocked by those of us who live in the real world.

      1. Anonymous Coward
        FAIL

        mock all you want son..

        "As you know in Canada, when the police or security agencies present evidence to a judge and obtain a warrant, they are able to intercept telephone calls and other forms of communication,"

        those are words from Peter Van Loan, google him in your "real" world to know who he is.

        the issue is that the indian agencies want real time access and not access after getting a court order. their argument is that they need to prevent terrorist attacks *before* they happen and people are killed.

        btw, it's "incapable". i'm assuming you know how to spell in your "real" world?

        1. Oninoshiko
          Headmaster

          ohh... "son" I see what you did there!

          Yes, they can intercept anything they want, and they end up with an encrypted bitstream. Your point?

          RIM only has the keys to the bitstreams going to servers they own. Which India has been given the rights to access. They do not have the user-configured keys. India is telling RIM to provide keys they do not possess.

          As long as we're picking nits, your period should be inside the quotes, and you need to capialize the first letter of each sentence.

    2. Anonymous Coward
      Thumb Down

      yawn

      and wtf does RIM NOW have to do with the screw-ups that were our security services 26 years ago?

  9. Anonymous Coward
    Stop

    SSL Intercept

    Regarding SSL intercept, Blue Coat requires the installation of a client side root certificate in order for the client to trust the emulated certificate from the SSL proxy server.

    If this is the case then surely if this was being done at the ISP level there would have to be some collusion with certificate authorities and/or OS developers to get around the certificate trust issue? Either way you skin it the SSL proxy has to make itself part of the SSL certificate chain and doing this without alerting the user could be difficult. It's easy on an enterprise network where end ponts are under your control and managed by policies but how would this work on a distributed public network where the end points are out of your control?

  10. Anonymous Coward
    Stop

    SSL Intercept

    @Anonymous Coward - SSL Intercept requires a client side root certificate to be installed on the client device for the intercepting server that is emulating the original SSL handshake. My understanding is that Blue Coat SSL Proxy admins must install these client side root Certs on their users machines to make the process completely transparent. If a Government wanted to do this then surely they would need the compliance of OS developers to ensure the necessary root CA's were pushed to the client machine? Otherwise they are gonna get a security warning relating to an invalid trust with the server certificate?!

    I think it would be difficult for SSL to be intercepted completely seamlessly by an ISP alone without any client side interaction to trust the emulated cert produced by the intercepting server.

This topic is closed for new posts.

Other stories you might like