One door closes and another door closes
|
|
|
UN telecoms chief sides with governments on data access
THE HEAD of telecommunications at the United Nations has said that Research in Motion (RIM) should give the world's law enforcement agencies access to its customers' data.
RIM has been locked in negotiations with several governments around the world that are demanding access to its users' communications that pass through its network.
The problem for RIM is that the firm seems to have at times maintained that it cannot access the content of its user's messages, saying that it simply cannot provide the information without re-engineering its infrastructure.
However, it has agreed to cooperate with some countries' spooks by providing logs and perhaps its customers' unencrypted messages.
Apparently its data traffic is encrypted in transit but not on its servers, because RIM reportedly has satisfied the demands of some countries by promising to site local servers within their borders, which their surveillance agencies apparently will be able to access whenever they present 'lawful demands'.
By first resisting surveillance and then accommodating certain governments' demands, it has both annoyed some national security agencies and confused its customers by putting out rather mixed messages.
Now the UN's telecommunications chief, Hamadoun Toure has said that officials fighting terrorism post "genuine requests" for information and that "there is a need for cooperation between governments and the private sector on security issues".
While that might be desirable, there's also the small matter of the rule of law to consider as well, and that's a principle that is observed with widely varying degrees of sincerity, honesty and due process in different countries. The UN, and even less one of its internal apparatchiks, has no power to direct RIM's response to demands made by foreign law enforcement and spy agencies. So we wonder why Mr Toure thought it appropriate for him to address RIM's recent troubles.
It seems that RIM has found itself in a Catch 22 situation. While political pressure has grown for RIM to disclose the contents of its users' messages and emails, doing so cannot help but severely dent the firm's previously excellent reputation for providing secure communications services.
Nevertheless, by not complying and then caving in to some demands it has also seen its market shares in some regions decline and its share price tumble as users have looked for alternatives and investors have gotten nervous.
It would be naive to think that RIM's encryption cannot eventually be broken by governments that have access to immense computational power, however many national surveillance organisations crave near real-time access to information and RIM has apparently already agreed to provide it to some of them.
The struggle between various governments and RIM has left observers wondering whether RIM could really make a stand for its customers' privacy. There are also legitimate concerns that RIM making unencrypted messages available to government law enforcement agencies and spooks could just make it a whole lot easier for them to monitor innocent people, suppress peaceful political dissidents and engage in commercial espionage.
It's hard to see how RIM can easily win in this double-bind situation in which it now finds itself. Its customers who care about their communications security might want to reconsider their alternatives. And we suspect that a market for third-party message routing through TOR, or something like it, and strong encryption software for Blackberrys and other smartphones might be about to really take off. µ
Share this:
Share
Sorry for that, Firefox gave me a Captcha error and now the rant is posted twice.
Moderator, could you please remove one of the two and this post as well ?
Thanks.
Sure, we all know just how high-tech terrorists are. They just love all those traceable devices that allow them to send operational data into the ether where they absolutely cannot control who listens in.
I'm sure the handler for the group that did the 9/11 attacks sent an SMS to Bin Laden when they boarded the planes.
And all we need to do now is triangulate the Blackberry GPS signals around the one antenna that exists there and we find him.
Oh wait, Bin Laden doesn't use a mobile phone ? And he forbids all mobile phones within twenty miles of his hideout so he cannot be found ? And his lieutenants don't use them either, so all their lackeys cannot SMS them ?
So what kind of terrorist uses mobile phones, only the terminally stupid ones ? The kind that trip over their own feet with a vial of nitroglycerin and end up only killing themselves ?
And we need government oversight of mobile comms because of that ?
Bollocks.
It's just another excuse for totalitarian regimes to run roughshod over personal freedoms, like they are doing more and more in such backwater countries as . . . the USA ?
Sure, we all know just how high-tech terrorists are. They just love all those traceable devices that allow them to send operational data into the ether where they absolutely cannot control who listens in.
I'm sure the handler for the group that did the 9/11 attacks sent an SMS to Bin Laden when they boarded the planes.
And all we need to do now is triangulate the Blackberry GPS signals around the one antenna that exists there and we find him.
Oh wait, Bin Laden doesn't use a mobile phone ? And he forbids all mobile phones within twenty miles of his hideout so he cannot be found ? And his lieutenants don't use them either, so all their lackeys cannot SMS them ?
So what kind of terrorist uses mobile phones, only the terminally stupid ones ? The kind that trip over their own feet with a vial of nitroglycerin and end up only killing themselves ?
And we need government oversight of mobile comms because of that ?
Bollocks.
It's just another excuse for totalitarian regimes to run roughshod over personal freedoms, like they are doing more and more in such backwater countries as . . . the USA ?
http://www.reuters.com/article/idUSTRE6822SR20100903
as a matter of fact that US and Israel are reading all messages.
RIM's only value is in maintaining a pretense that there's no backdoor. For all we know, the phones *do* send messages that encryption can't be broken on, per DaveK, but also send a version that RIM has a key for, so they can say both it's unbreakable *and* yet read all the messages. All you've got, DaveK, is misplaced trust of a commercial entity -- that's likely a spy agency front. And as I pointed out to "aeoran", you've no idea what code they *actually* use, are just assuming that they use the exampled code.
"It would be naive to think that RIM's encryption cannot eventually be broken by governments that have access to immense computational power"
No, it wouldn't at all. What would truly be naive (in the sense of being inexperienced or lacking a sophisticated understanding) would be thinking that there is enough computing power in the universe to exhaustively iterate a 128-bit key space, or that the complexity of breaking a key scales linearly rather than exponentially in the number of bits. It's not a problem that can be solved by throwing more computer power at it, and to think that it is is simply naive.
The problem with most customers is less about terrorism, but commercial espionage; I recall accusations that the NSA had provided information to Boeing regarding Airbus's bargaining positions. At this point, you might as well use easiest and most economic methods of transmitting messages, but layered under encryption.
Finally, a good sensible article on RIM debate. When RIM allowed SA access to "secure" messages, they lost all my business. Let one corrupt government have its way = let all of them have their way too! It saddens me as a Canadian to have one of our firms comply with a corrupt govt request, now they have to follow through with India, then who else knows! Bye RIM, I'm gonna short all the stock I can!