Apple and RIM have denied providing the Indian government with backdoor access to customers' data, after the release of a memo that appears to suggest that they and Nokia did a deal in exchange for access to the Indian smartphone market. The document purportedly comes from the Indian Directorate General of Military Intelligence …
Some say they do, some say they don't
but we will never know for sure. That's one side benefit of the proprietary, closed source software.
It is not that big corporations would do such horible thing to their paying customers, God forbid!
Open or closed is irrelevant
How long was the Carrier IQ package left capturing all sorts of information on an otherwise partly open source phone? Are you sure there's no other things like it out there?
What about on the server side for things like BBM, iMessage, Google Talk? Do you have the source for those to make sure there's no backdoors?
Finally, most communications - voice, SMS or unencrypted data - can be captured and decoded by the network itself.
You are missing the point
That may indeed be the position of the Symantec mothership. No reason not to believe them.
Is this however the position of their Indian branch?
"We would never develop or help distribute a backdoor program regarding anyone’s programs, mobile or otherwise. Ever."
That's a very unpatriotic attitude for an American company to take. Even if there was an ongoing war (on terror for example) that threatened the very fabric of the homeland's apple pie ?
Patriotism is for the mass. It win some votes.
Liberal economy, unregulated finances, cross-continental companies; how could it bother with patriotism?
They don't need to make a deal with the MMs, they just need to make a deal with the local distributor to preload a program that will upload all incoming/outgoing SMS/emails to some server. In many cases when you buy your phone new, you actually find the factory seal broken. The reason for that, the local shop already decided to load few programs for you and they have decided to jailbreak your phone for you*.
Backdoor will allow you into a system. A pre-loaded program that upload everything isn't a backdoor. So Symantec is right about not making a backdoor..... technically
* this is why I always demand for a phone with the factory seal unbroken. I see no reason to jailbreak my phone when I buy it without a contract!
"In many cases when you buy your phone new, you actually find the factory seal broken."
Umm, where are you buying your phones? When I buy a new product, I expect that, a new product, unopened.
The article is about India, even though I didn't buy a phone in India (never been there), I work with few Indians and that is how they tell me it is over there. The same thing apply in the middle east and Africa (where I am right now). Don't be surprised to buy a new phone then find out that it have already been jail-broken.
It is not just limited to phones, it applies to notebooks and PCs as well. I bought a new HP notebook from Dubai, I didn't think much of it when I noticed the box have already been opened. But I did get a bit pissed to find out that they did the setup for me ("user" + "user-pc") and they loaded few "outdated" programs for me (included VLC).
Sorry that my post wasn't clear regarding the location. But in some places, unless you demand for the factory seal to be unbroken, you can get a device that already have few extra programs on it.
P.S. many not most. There are still many shops that will sell their items with the factory seal intact.
"RIM told us that it "does not typically comment on rumors or speculation," and pointed out that it has no ability to provide its customers' encryption keys and doesn't do deals with specific countries"
Nooo, RIM Never does deals with specific countries....
They presumably do deals with all countries?
What they don't deny may be significant.
You have to watch out for tricksy wordings in denials issued by corporate spokesmen and read between the line sometimes; they are PR, not unambiguous statements of fact. For example, Symantec's supposedly "unequivocal" statement is really no such thing:
>"We would never develop or help distribute a backdoor program regarding anyone’s programs, mobile or otherwise. Ever."
That of course does not for one second say that they wouln't develop or help distribute an entirely legitimate lawful access program, does it? Because that's not quite the same thing as a "backdoor". None of those companies would usually deny for a second that they do co-operate with lawful access requests from governments and courts, so whatever they're denying here, it's not that, and if they regard the system discussed in the documents as lawful rather than backdoor, then I'm sure that's all the wriggle room they need to convince themselves that they can just issue denials.
As long as the company has presence in the country, the data is within reach of the government.
Rim, Nokia and Apple Providing Government Back Doors
The story is the same, private companies have to under contract provide support for surveillance and monitoring operations required by governments.
It had already happened in the recent past when hackers claimed that German officials had a backdoor trojan for spying on Skype, and don't forget the case of Carrier IQ, a huge story that has been hidden all too fast, maybe because the small company was under a Government commitment. The risks are many because of the interference of governments and the excessive attention paid in the name of security monitoring, which can easily spill over into censorship with serious repercussions. At stake there are the human rights that monitoring technologies contribute to violate.
At risk are not citizens but also the same companies. Infact in order to grab contracts and procuremenst they form dangerous relationships with governments. This means that the same companies are increasingly targets of hackers and hacktivist groups that might, as has happened, expose secrets and patents. A disaster for those who live and earn through technology.