Sunday, April 08, 2012

RIM reportedly gives Indian government access to full range of BlackBerry messages

The Toronto Star is reporting that RIM has agreed to provide the Indian Government with access to the full range of BlackBerry communications ("RIM gives India access to BlackBerry messages"). The article this is based on suggests that the Indian Government has been given some sort of backdoor into BlackBerry Enterprise Servers, which is something that RIM has staunchly refused to do until now.

If this is true, the era in which BlackBerry was the ultra-secure communications platform is over.

This also shows that what was once BlackBerry's main strength is also its greatest weakness. BlackBerry is a system and RIM controls everything, from the device to the servers. If they compromise one aspect of it, the whole system is compromised. On my Android phone, on the other hand, I can configure just about anything, including what VPN to use and what communications apps to run.


Wynn Fenwick, GCIA, GCIH, GAWN said...

Mr Fraser,

It's a sad statement when you only think you control how apps communicate and your private communications. Application security testers are painting a bleak picture of mobile application security. Check out OWASP and the findings their members are turning up. Applications that find authentication or encryption too hard often just revert to cleartext. Recently a certificate authority was issued a "wildcard certificate" for a zone much larger than the requestor should have been allowed. This allowed the person with that certificate to decrypt encrypted communications which persons believe are private. That you even know about the deal RIM made is testament to its systems security. Evidently governments that make deals have not found more economical ways to achieve their goals, and haven't been able to subvert the controls surreptitiously. The only thing worse than intercepted private communications is when the participants are not aware that their communications are being monitored, and act with a false sense of privacy.

And in that respect, in disclosing the situation, perhaps RIM should be noted as assisting Indian privacy rather than damned for being dragged into the politics of communications privacy.

Finally, the assertion that a disintegrated system like Android, with the worst device security record, the least capable cryptographic intrinsics and no central authority for security accountability, is invalid. In the history of computer security, there is no evidence that an integrated system is any more or less secure than a disintegrated one. In fact, the complex interrelationships orphan security as another tragedy of the commons. Google, carriers, handset providers, and users all think the other guys are "doing security". Their understanding is inhibited by security marketecture obfuscation rather than solid design integration and testing.
I'm sure it's easy to pile on to RIM, but I assure you, it's much harder to complete factual research on security assurance. I hope your readers don't believe what you claim. They will be the victims.

Wynn Fenwick

David Fraser said...

Thanks for your comment. I can't say I agree with all your conclusions and I also think you are reading too much into my brief posting. I did not say that an integrated system is less secure. In fact, it can be more secure as the entire continuum is under common control. That was RIM's strength.

It is also the weakness as a government can more readily say you can't sell your devices in our country unless you do something.

With an open system, the user can choose the components to use. Also, both the system and all of the pieces are open to scrutiny in a way that is not possible with a closed system.

Wynn said...

Thanks for your reply.

Within the open systems you imply, the components the user chooses are less likely to be as secure as the ones that a government requires the cooperation of the "ultra-secure communications platform" to change its policy. When the vendor has to be asked, rather than simply just have vulnerable hardware and software subverted, then the nation state runs the risk that the vendor will disclose the demand and their response.

Regarding your suggestion of choice leading to perhaps more security: I don't see FIPS-140-2 level 3 or CC EAL4+ certified components available on the Google App Store. So asserting that choice = higher security isn't evident to me. Not that these are the sole criteria for assurance. But begging a disagreeable vendor for rights to do things that the vendor has no interest in pursuing on its own, is a risk of embarrassment for that Nation's policymakers. In other platforms this may not be necessary.

That the policy was also disclosed, rather than opaquely wrapped in an NDA dungeon, is commendable. It won't help them sell phones.