RIM can’t let India spy on BlackBerry email

By on Jan 27, 2011 at 12:43 PM
mobile January 27, 2011

Research In Motion confirmed on Thursday that it will not give the Indian government access to email sent to and from BlackBerry smartphones in its country. The refusal to comply with India’s request is less a moral stance and more an issue of technology, according to RIM. “There is no possibility of us providing any kind of a solution,” RIM VP Robert Crow said to reporters. “There is no solution. There are no keys to be handed.” India demanded access to email and all other BlackBerry services last year as part of larger efforts to monitor security threats within the country. RIM gave the Indian government access to its BlackBerry Messenger service earlier this month, but complex email encryption will apparently not allow the company to provide similar access to its email services.

Read

Tags:
, , , , , , , , ,
33 Comments

Related Articles

  • User

    Why is RIM being singled out in these countries?

    • Hooper

      Great question. Is Active Sync SSL that insecure?

      • Anonymous

        Yes

    • serpentor

      Because when you use a BB the data goes through RIM’s servers.

      • Geust

        not nesseserly if you connect to BES.. they you completely private

      • Steve Hillshire

        Nope.

    • QNX Please

      Because they are the only ones who offer encrypted email and messaging services for smartphones.

  • HAHA

    RIM is falling fast but at least they didn’t give in to these countries. I’m glad they held their ground. You don’t want us? Fine!

  • Xtremehairman

    just take ur servers and leave…if them people are that afraid they should all go back to sending letters through the mail and talking on a land line…screw em

    • Mike

      There are more then million VPN serving India. I don’t think India give a damn about BlackBerry service. India has more terrorism issues then USA and Indian government must go anything to protect there citizens. If BlackBerry has nothing to hide, then like all other providers they should also give access to their network, or get f**k out of that country.

      • Anonymous

        It has nothing to do with RIM. The BES servers belong to the companies that pay for them. RIM does not monitor the traffic that is passed through the internal BES servers of a company.

      • malware

        That is a pretty naive comment WillieLee considering ALL traffic goes through Rims network, INCLUDING enterprise BES. Rim offers an encrypted cert to ensure traffic is encrypted between Rim and the corporations enterprise BES server but still all traffic goes through Rims network. (ie; Carrier > Rim > BIS or BES).. Now the next time your use your bb and send unencrypted traffic(http,imap,pop3) through BIS or BES you should ask yourself, what are they doing with my data?

      • Anonymous

        Time to put down the bong malware. Handling traffic doesn’t mean they are decrypting it and storing it. They wouldn’t be able to sell BES to a company if they were monitoring their communications.

      • malware

        No bong required. you just need to have expertise in decrypting traffic, using CA keys in keystores to decrypt any traffic. Pretty normal stuff when you run proxy servers for large corporations. I am very familiar with BES and the commitments that RIM makes when setting up the encryption keys between a corporation and a BES server. The question isn’t really if they are but rather can they. And what about all of the traffic us corporate users send via BIS (Internet browser, imap, pop3).. No BES with that and here you see this topic is one where RIM is giving access to portions of t their network to India.

      • Anonymous

        The current discussion is about BES access in India. They have the same arrangement with BIS as they do with every country. They will provide access to BIS is there is a legal request to do so. They don’t possess the keys to decrypt BES traffic. Only the company that is hosting the server has that access. If you think you can crack it, then you are really wasting your time posting on message boards as there are people that would pay you millions to work for them.

      • malware

        Its not just about BES. If you read the response from RIM they already gave access to BIS. You seriously don’t see a problem with this? I don’t care what government it is, why should anyone have access to data, encrypted or not. If it makes you feel comfortable that all of your non BES traffic is sourcing from a network that has been given access to by that company then more power to you. As for me I prefer my PC and my phone to establish end-point to end-point communication, not where someone can easily man-in-the-middle.

  • http://DonnyGamble.com Donny Gamble

    India will catch sooner or later it is just a matter of time

  • rawrrrmonster

    i cant imagine anyone threatening India… thats where all the tech support comes from…. I guess you could think that terrorists are gonna bomb the tech support companies there to deprive us of help but who uses tech support anyways?

  • serpentor

    So, my question is why RIM doesn’t also encrypt BBM also?

    • dmallor

      VERY VERY good question serpentor.. And an even bigger question. What about all of the other data that people send through RIM servers that is not encrypted.. Ie; all browser traffic not using SSL, all tweets, Imap, pop3, etc.. Even gmail servers only use encryption for the login events then hand off to cookies.. Just what data does rim have access to and who else has been given access to that data. The fact that Blackberries are the only devices that do this and require to proxy all of their traffic just scares the crap out of me.

      • Geust

        All blackberry data is encrypted and compressed before exiting your phone.. (this helps with battery life) … now this data can be decrypted.. by rim.. the part that cannot me decrypted is corporate secure emails…

    • Burninator

      It does. It’s just not encrypted on the same level as email.

  • Burninator

    I still can’t believe India can’t crack BlackBerry’s encryption. Clearly the US, China, GB, Australia and even Canada have done it, so why can’t a country filled with incredibly smart computer programmers figure it out? I understand little countries like the UAE, Qatar and others lacking the technological capabilities, but India? It’s just very weird.

    • H.D.

      Even if it is thought to be done here in India, Govt does not have enough will to do it and politics/ red-taping is a major problem which will not at all allow building required infrastructure… the security of such facility will be compromised because of these moron politicians.. each & every one of them a corrupt bas****
      Also money is the major problem.. suppose a 10 million budget is allocated.. more than half of it will go to the politicians’ pocket and budget for that infra will go on increasing..
      Don’t you know what happened in CWG last year… and you know the major problem.. there is no end to it..

    • http://twitter.com/taylortbb Taylor Byrnes

      I think the lesson there is that the US, Canada, Australia, etc have not cracked RIM’s encryption. It’s just that encryption technology is not restricted in the same way. Laws surrounding encryption vary widely, from making it completely illegal to protections of its use.

  • Dextosenergy

    How is this story any different the the UAE story…it’s not.

    • Peterh

      Maybe because the people who orchestrated that attack on Mumbai used Blackberry devices cause they knew their information was secure? Just saying.

      • Anonymous

        Too bad they didn’t use BlackBerry devices to orchestrate their attack. The only time they used the BlackBerry was when the communications were cut off to the hotel and they used the BB to access the web and check out the news. Their attacks were planned using email(not on the BB) and satellite phones. RIM’s devices had nothing to do with the planning of the attacks.

  • max

    “Honey I’m bringing home Hungry Howies. Let’s hope no one spies on this”

  • Anonymous

    Why bother attacking RIM (even where BES is involved)
    If you want to intercept email go get the unencrypted SMTP traffic when the mail server (Exchange, Gmail, Hotmail or any other) sends it across the internet

  • Rkalantri

    Zack you missed a curical point!
    RIM HAS GIVEN ACCESS to Blackberry Messenger and Blackberry public email services to India. Only Blackberry ENTERPRISE email service which accounts to less than 5% of total blackberry users in India. Since BB enterpeise service the key is with the enterprise and not BB they were not able to give access. (or so claimed by BB)
    I hope BGR does more research before putting up articles.

    • malware

      And for those “BIS” users that believe their IMAP or POP3 is secure because they chose to use SSL or TLS, don’t forget that this traffic “sources” from RIMS network, not your phone(www.blackberry.com/go/vzw). Now if you go test a Droid or a Iphone, the traffic sources from the “carriers” IP network.

  • awin217

    thanks a lot Pakistan.!

blog comments powered by Disqus