Canadian minister exposes RIM's encryption lie

Discussion in 'Politics & Society' started by nrj, Sep 25, 2010.

  1. nrj

    nrj Stars and Ambassadors Stars and Ambassadors

    Nov 16, 2009
    Likes Received:
    Canadian trade minister Peter Van Loan yesterday exposed BlackBerry smartphone maker Research In Motion's (RIM) deception that it does not possess access to BlackBerry's encrypted data.

    Indian trade and commerce minister Anand Sharma and Canada's international trade minister Peter Van Loan met in Ottawa yesterday to discuss the ongoing security concerns related to BlackBerry's service issues in India.

    "We have discussed it together towards a resolution of the issue that will allow BlackBerry service to continue, to respect very important privacy rights of legitimate users, but also to respect legitimate lawful access in the same fashion as we have here in Canada," Van Loan said at a joint news conference.

    Loan said that in Canada, law enforcement agencies can intercept telephone calls, emails and text messages sent by BlackBerry smartphones after obtaining a warrant from the judge.

    "My understanding is that India is seeking the same thing, and we believe RIM can arrive at a resolution on that basis," Loan said.

    His statement however blows the veil of secrecy and web of deception in the Ontario-based RIM's claims to regulators in certain countries for years.

    Responding to Indian demand of providing access to BlackBerry's emails and messenger services in order to comply with the country's telecommunication regulations, RIM has always maintained that it cannot compromise on its security architecture.

    In a press release put out in July, RIM said that messages and emails sent via the Blackberry are encrypted and its servers in Canada and the UK have a very high encryption level, making it extremely difficult to decode. Also, all messages over its Canadian and UK servers are encrypted and, therefore, cannot be accessed by intelligence agencies.

    According to RIM, BlackBerry security is based on a system that allows customers to create their own key and the company neither has a master key nor any "back door" to enable RIM or any third party to gain access to crucial corporate data or BlackBerry's security architecture, which is designed in such a way that not even RIM or any third party can read encrypted information under any circumstances.

    The company had repeatedly emphasised that it has not provided anything unique to the government of any country and cannot accommodate any request for a copy of a customer's encryption key, despite the government of India having proof that RIM has acquiesced to certain countries like the US, China, Canada, Russia and some European nations.

    But if RIM does not possess the encryption key as it has always maintained, then how does it allow access to its services including its corporate email services to the Canadian law enforcement agencies after obtaining a court order? commmentators ask.

    RIM has refused to disclose details of the outcome of talks it has had with regulators in more than 175 countries where it operates, but the secretive company keeps on saying that its security features are ''widely accepted by customers and governments.''

    Having said that that it neither has a master key nor any "back door" to BlackBerry's security architecture, computer security experts in Asia are asking if that were really so, how has RIM provided certain countries its encryption keys, while claiming that it protects the privacy of its customers in these countries.

    Although the Canadian minister said that according to his understanding India is seeking a similar pact that RIM has agreed to with Canada, Indian law enforcement agencies are very clear that they are definitely not seeking the same pact.

    Instead, they say India wants real-time monitoring of all BlackBerry services since it cannot wait for terrorists to mount a challenge before seeking a court warrant for accessing BlackBerry services.

    India has made it clear to RIM that its security agencies need real time information, not deferred one, with one telecom official going as for as to state: ''We do not care if the solution is to set up a server or tweak the programme... . There is a rule for networks to enable interception and we would like them to implement this rule. If they cannot, they will have to switch off.''

    RIM agreed last month to offer the government a temporary solution to allow monitoring of BlackBerry data in order to avert a 31 August deadline that would have led to its ban in the country.

    In August, India withdrew a threat to ban BlackBerry service for at least two months till October to review RIM's latest proposals of providing access to corporate email and instant messaging.

    India's concerns are that wanton use of BlackBerry smartphones could undermine India's security as terrorists could potentially take advantage of the encryption in smartphones.

    The government's fears have been corroborated by the smart use of mobile phones in the 2008 Mumbai terror attacks that left over 160 dead.


Share This Page