British intelligence agency called in to break BlackBerry encryption
Danny O'Brien
danny at spesh.com
Thu Sep 1 10:16:42 BST 2011
On Thu, Sep 1, 2011 at 1:00 AM, Marcus Williamson <marcus at connectotel.com>wrote:
>
> On Wed, 31 Aug 2011 18:25:47 +0100, you wrote:
>
> >Blackberry messages that go via a corporate server are encrypted
> >differently (the key is held by the corporate -- to the chagrin of India
> >and various Gulf states), but that wasn't the service that the kids on
> >the street were using.
>
> It's still not clear whether RIM gives access to the corporate server to
> security
> services of countries such as India and Saudi Arabia. Here's the RIM CEO
> blowing
> up when he was asked straight questions:
>
> http://news.bbc.co.uk/1/hi/programmes/click_online/9456798.stm
>
>
The protocol means that RIM doesn't have the keys for mail sent over
enterprise RIM systems (unless it's the pin-to-pin messages, which as
someone else mentioned, have the same key installed on every device. I think
medium-paranoid companies can change the key globally -- but it's still on
all of their extremely devices).
Of course, RIM *could* build a back door into their software (or their
devices) to bypass all of the enterprise protocol's carefully tended
security. But one whiff of that and all the businesses and governments that
were lary of using RIM in the first place because of their external
management of the BlackBerry infrastructure would run screaming.
Anyway, this is different from the consumer BB offering.
d.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20110901/bfbbf88d/attachment.htm>
More information about the ukcrypto
mailing list