Blackberries , encryption and other mobile phones
tony.naggs at googlemail.com
Mon Aug 2 13:17:45 BST 2010
Well that is quite a few questions bundled together, so I will try to
unpick them a little...
RIM (Research in Motion) Blackberry email uses a proprietary system to
"push" notifications of new email to phones.
Larger businesses using RIM will typically license and run their own
Blackberry Enterprise Server email service, sitting on a computer next
to their mail servers. (Or possibly on the same computer these days?)
The business manages their own security configuration, such as whether
encryption is used, pay RIM handsomely and are responsible for
conforming to local laws such as responding to search warrants. (E.g.
where an employee is suspected of doing something illegal, such as
drug dealing, where the police believe there may be evidence in the
Smaller businesses pay RIM to use their regional servers. For their
Blackberry users they forward emails to RIM, and the email arrival &
content is notified to the user over an encrypted connection. Like any
other communications provider RIM must conform to local rules on
providing law enforcement access to the content of the communications.
As UAE, India and Saudi Arabia appear unhappy with the kind of
cooperation of RIM must surely be giving in other territories the
inference is that these countries actually want blanket access to all
email. (They would most likely say that this is justified by the local
threat of terrorism.)
I am not sure how email works on the newer Blackberry devices being
sold to consumers, I thought they use the standard Internet protocols
that other phones use. These are very often not encrypted, but the
actual security will depend on combinations of configuration of the
device and the remote access email service offered by your ISP.
I hope that clarifies things somewhat.
On 2 August 2010 08:44, Mary Hawking <maryhawking at tigers.demon.co.uk> wrote:
> According to Radio 4 Today this morning, the UAE is banning some functions
> of Blackberries because they are encrypted, the servers are outside the UAE
> and Blackberry has refused to allow access to the encrypted messages and
> calls and regard this as a security threat.
> The piece also said that they are not banning iPhones and, by implication,
> other mobiles: does this mean that the traffic on these is available to the
> UAE security forces, at any rate, when used within their territory?
> I'm about to change from an ancient Nokia and have been considering
> Blackberry, iPhone and Android (not necessarily in that order): what are the
> security models of each, and do they depend on the handset or the network?
> I.e. if I continue with O2 and get a Blackberry, does the handling of the
> messages depend on the device (Blackberry) or the network supplier (O2), and
> would it be different if I got an iPhone (or one of the Android phones) but
> still stayed with O2?
> Mary Hawking
> non-techie GP
> Mary Hawking
More information about the ukcrypto