RIM In Trouble For Not Violating Privacy

sufijazz writes "The US government is not alone in wanting to snoop on everything citizens do over email/phone. The Indian government wants that right too. RIM is stating they have no means to decrypt, no master key, and no back door to allow the government to access email." The article notes that 114,000 BlackBerries are in use on the Indian subcontinent. The government is concerned about attacks by militants and sees the BlackBerry as a security risk.

can't work even if they wanted it to

[gmack]

And there's the downside of governments trying to fight modern technology.

I bet if Blackberry did as they asked then people would start loading custom firmware on their phones to work around it.

Re:can't work even if they wanted it to

[Ren+Hoak]

The BlackBerry has really lost its monopoly on the messaging device. If they were forced to comply with this, I would expect them to lose market share while people flocked to any of the myriad other devices that provide convenient messaging services.

Re:can't work even if they wanted it to

And there's the downside of governments trying to fight modern technology.

I reject your implicit assertion that there is an upside.

Re:can't work even if they wanted it to

[unlametheweak]

It doesn't matter; allowing governments to spy on people does not stop terrorism, social injustice, crime, political unrest, famine or war. It's an irrational reaction to a problem. Deal with the cause not the effect. But I don't really think politicians are that stupid; I think they know this, but want the excuse to be in the best example of Orwellian arguments to tyranny, however subtly and slowly it creeps upon us.

Re:can't work even if they wanted it to

The BlackBerry has really lost its monopoly on the messaging device.

Blackberry never had a monopoly on the messaging device.

What Blackberry does have is the best mobile messaging platform, by far. Great management tools, great encryption, great integration with existing IT infrastructure.

Re:can't work even if they wanted it to

[smclean]

Or just use encryption. To me, that's what is so baffling about the government privacy crackdowns. If anyone who was even remotely well informed wanted to communicate in private, they'd use strong encryption. I guess once someone uses encryption, they get an Indian military intelligence unit parked outside their door.

Re:can't work even if they wanted it to

Your post so full of it. Let's see:

1. "lost monopoly" - was it ever a monopoly?
2. "people flocked" - you mean, everybody will just give up using BB just because a govt is trying to snoop on them? Have you stopped using your phones here in US - govt is spying on your calls for years now.
3. "myriad other devices for convenient messaging services" - which on? BB is best there is out there when it comes to messaging. iPhone does not even come anywhere near, and its a moot point anyways - its not available in India.

Re:can't work even if they wanted it to

[metlin]

Well, to play the devil's advocate, terrorism in India is a much more realistic threat than terrorism in the US is (a democracy surrounded by Pakistan, an Islamic dictatorship and China, an aggressive communist state).

Not that that gives the government the right to do what they are trying to do, but just that do not attribute to malice what can be attributed to idiocy, or desperation.

Just last week, there were several bomb blasts that killed over 80 people and injured hundreds more.

I don't necessarily think they are trying to fight modern technology, as much as try to prevent the bad guys from using it to their benefit. I do not necessarily agree with the way they are going about it, but I can certainly see where they are coming from.

Unlike the US where the state seems to use one incident as the bugaboo for massive invasion of privacy, countries like India and Israel face terrorism on a daily basis, and for them, this is a real, hard problem that needs to be addressed.

This is also a debate that has been going on for a long time, and it is too early to make a call.

Re:can't work even if they wanted it to

Or just use encryption. To me, that's what is so baffling about the government privacy crackdowns. If anyone who was even remotely well informed wanted to communicate in private, they'd use strong encryption. I guess once someone uses encryption, they get an Indian military intelligence unit parked outside their door.

Yes, but blackberries make it easy to communicate securely. You don't have the hassle of a PKI infrastructure with S/MIME certificates, or using PGP.

Incidentally, blackberries support PGP and S/MIME on top of their existing security.

Re:can't work even if they wanted it to

[Torvaun]

Don't forget that Bangladesh had a military coup a little over a year ago, and 2 ex-prime ministers, among others, are now in jail on corruption charges. For India, this is the equivalent of being a drug dealer, and seeing your pot-growing neighbor get raided by a SWAT team. Damn right the government there is going to be worried about militia groups.

Re:can't work even if they wanted it to

[sm62704]

do not attribute to malice what can be attributed to idiocy, or desperation

I believe Hanlon's razor is dull and rusty and Hanlon was probably using his razor to shave his own malice. Not that I ever heard off Hanlon before looking the quote up.

I subscribe to the credo "Never attribute to stupidity that which can be adequately explained by malice". Call it mcgrew's razor if you wish, it cuts the opposite way as Hanlon's. Malice itself is usually stupid, and anger is almost always counterproductive in our world.

But it matters little whether the person you are making excuses for is stupid or evil, the result is the same, and the cure is often the same as well. Why do you think they say "wow, that smarts" when they are in pain?

Re:can't work even if they wanted it to

[Tikkun]

You can't fight murder by banning knives, you can't fight hate by burning books and you can't fight conspiracy by banning privacy. Giving up your rights does not make you in any way safer.

Deal with the problem, not with the tools.

Re:can't work even if they wanted it to

Blackberry has been available in India for the last 3 years without the government or DOT raising a single issue about terrorists.

Its just when Tata Teleservices offered to provide the service that this suddenly became a 'terrorism' issue. Airtel and Hutch now Vodaphone have been providing blackberry since 2004.

This is not about terrorism but corporate politics and influence peddling which is the way of business in India. RIM just has to pay some money to the right people and this will die a natural death or ask Airtel/Vodaphone to stop their lobbying against Tata Tele.

Terrorism is fast becoming a favoured excuse and people should be a tad more skeptical before jumping to conclusions about threats that may not exist. Terrorists have many ways of communicating without resorting to blackberry. You can't stop technology because it can be abused.

Re:can't work even if they wanted it to

[Foobar+of+Borg]

So it can't be upside-down?

No, just an up-side, a down-side, a charm-side, a strange-side, a top-side and a bottom-side.

Re:can't work even if they wanted it to

[thePowerOfGrayskull]

As far as I know, the others don't use secure/private networks. That's a vital factor in the blackberry's success with businesses.

Re:can't work even if they wanted it to

[Bloke+down+the+pub]

Except these are Indians, so they wouldn't be able to make it work.

Re:can't work even if they wanted it to

[dgatwood]

The others support SSL-encrypted IMAP and SMTP. I just don't see the appeal of the way BB does this stuff....

Re:can't work even if they wanted it to

[Drokaten]

Why do you think they say "wow, that smarts" when they are in pain?

As Douglas Adams once wrote "Humans have the habit of continually stating and restating the very, very obvious."

Re:can't work even if they wanted it to

[vux984]

They ARE using encryption. That's how the blackberries work in 'enterprise' mode.

Its end to end encryption from the device to the enterprise messaging infrastructure. The encryption is essentially implemented and managed by the enterprise IT people not RIM, that's why rim has no 'access'; RIM just helps transport the data from device to enterprise and back, and designed their device and software to support enterprises that wanted to implement encryption.

Re:can't work even if they wanted it to

[lena_10326]

It's an irrational reaction to a problem. Deal with the cause not the effect.

What do you do when 50 years of diplomacy doesn't work or when adversary won't be satisfied unless you're dead?

Solving terrorism is not as easy as just dealing with it. Somewhere in that someone has to fill the gaps between desiring to solve it, finding the cause, and eliminating the cause. The best minds and entire nations have been working on it for decades, yet it still persists. At some point, desperation kicks in and all the remaining options, although Orwellian, will be tried.

I don't think terrorism will ever be solved. It's an unrealistic goal so what needs to be decided is what level of freedom do we need and what cost of life is going to be acceptable to maintain our freedom.

Re:can't work even if they wanted it to

[mazarin5]

Any government's biggest enemy is ubiquitous communication amongst its populous. Apply this to blackberries, phones, radio, email, and the Internet in general.

Re:can't work even if they wanted it to

[vux984]

Yes, but blackberries make it easy to communicate securely. You don't have the hassle of a PKI infrastructure with S/MIME certificates, or using PGP.

Actually you do have that infrastructure, and its managed by the IT people running the messaging server. That the point. Its all there, and its managed by the enterprises not RIM. That's why enterprises trust it... because they managed their own pki infrastructure, not RIM.

RIM made their devices support using it easily and out of the box, but they wouldn't have sold any if they hadn't, given who their original target market was.

The "problem" now is that I can setup an Exchange server in 'country X' and sell Blackberry hosted accounts on it to criminals or whoever, with end to end encryption to my server. And there is nothing the local government can do about it. They can't snoop on the data because its encrypted, and they can't even issue a warrant to the account host to get the data, because its in 'country X'.

I can snoop of course, because its my infrastructure, and I do have the keys. But my business and reputation is staked on not snooping, that's WHY I have customers.

Re:can't work even if they wanted it to

[gurubert]

What Blackberry does have is the best mobile messaging platform, by far. Great management tools, great encryption, great integration with existing IT infrastructure. Great integration into MS Exchange maybe. But try to integrate BlackBerries into an IMAP/SMTP shop.

Re:can't work even if they wanted it to

[Amouth]

Where i work we use exchange for mail and WM5-6 phones - and use SSL connections between the phones and the exchange front end for data transfer - it has push e-mail and works quite well... on top of that there is no middle man/software service for it.

while some may say BB is better.. we have people here who had BB's at other places.. they like what we have and i have heard no complaints

Re:can't work even if they wanted it to

[cayenne8]

"Well, to play the devil's advocate, terrorism in India is a much more realistic threat than terrorism in the US is (a democracy surrounded by Pakistan, an Islamic dictatorship and China, an aggressive communist state)."

Hey...now there is a great reason to outsource all of our IT (with associated privacy info) over to India. If it doesn't go down due to domestic terrorism, nuclear war...it can get pinched and stolen by China easier...

Man..our US corporations have really thought this out well...

Re:can't work even if they wanted it to

[l8f57]

And yet in North America (or Canada at least) they want to fight murder by banning guns.

Re:can't work even if they wanted it to

[cHiphead]

Blackberry is just a middleman to suck licensing $$ out of Exchange users. Exchange's RPC over HTTPs negates the need for a blackberry enterprise server in a microsoft centric shop.

Cheers.

Re:can't work even if they wanted it to

[Mattcelt]

...and depending on the governments, they have varying amounts of spin.

Re:can't work even if they wanted it to

[saforrest]

And yet in North America (or Canada at least) they want to fight murder by banning guns.

That's because they (myself included) believe that knives, books, and privacy have inherent value that exceed the virtue of banning them for the purposes of controlling murder, hate speech, and conspiracies, and further believe that guns do not have such value for most private civilians.

You could argue this by saying, I guess, that declaring that something must have value to be permitted is meaningless, since any dictator who wanted to ban books would just declare that books lack value (and indeed they do). I suppose this notion of "value" has to be defined by popular consensus, so if you can get enough people to say guns have inherent value (e.g. to overthrow the government through a "well-regulated militia") then go ahead. Such a popular consensus in favour of guns does not exist in Canada, so they ought to be banned.

Re:can't work even if they wanted it to

[Drgnkght]

I'm not sure what you mean by this. Blackberries do support IMAP/SMTP (even with SSL). I have one. It supports it just fine. What were you trying to have it do that wasn't working?

Re:can't work even if they wanted it to

[Sperbels]

You can't fight murder by banning knives, you can't fight hate by burning books and you can't fight conspiracy by banning privacy. Giving up your rights does not make you in any way safer. That's not true. Hitler's Germany was very safe...unless you were jewish...handicapped...or critical of the government...or...

Re:can't work even if they wanted it to

It really doesn't compare. You've clearly not tried to use both for any serious length of time.

Re:can't work even if they wanted it to

Whereas if you set up webmail over https in 'country X'... ?

Re:can't work even if they wanted it to

[cHiphead]

You've clearly not had to manage an IT budget for a medium sized corporation that wants to trim IT licensing costs to remain competitive. Not only is it a licensing cost, you need a separate set of knowledge to effectively manage BES on top of Exchange, so more hours spent training inhouse or more money spent directly on outside consultants.

I've managed both for serious lengths of time, at several different clients.

Cheers.

Don't AC on my parade.

Re:can't work even if they wanted it to

[torkus]

Except there is a lot you can do on BES that a plain 'ol BB can't do by itself. THB, BES licensing isn't that expensive - especially compared to MS licensing. Heck, T-Mobile gave me 500 free BES CALS as part of a promotion with RIM just for buying blackberries (which we got at a steep, steep discount as well).

In a small cost-centric shop you don't need a BES. In a medium size enterprise where security, accountability, monitoring, and support are more of a focus the BES is extremely handy if used vaugely correctly.

Re:can't work even if they wanted it to

[torkus]

Agreed. Furthermore, does anyone thing that there won't be (or isn't already) a secondary encrption program for blackberries? Stupid terrorists and criminals generally make themselves know without invasive spying on everyone for no reason. Smart ones easily circumvent said spying.

C'mon, if all this spying really did some good don't you think someone, somewhere along the way would stand up, show proof, and say "here people look! See? It's serious". Politicians LIVE for that one nugget of actual evidence in a world of wishy-washy interpreted opinions and comments taken out of context.

Re:can't work even if they wanted it to

Don't mix up Pakistan with the local warlords in Pakistan. The government of Pakistan is not very friendly to terrorists. However, it is also powerless to stop terrorism, as the people behind it are tribal warlords whom people hold their allegiances towards.

"Government" in those areas mean very little. "Government" is present for the people in those areas to deal with the rest of the world, or perhaps, for the rest of the world to feel comfortable dealing with them. Such government has very little influence over local affairs.

And if China was actually aggressive, Japan would be its first target. As such, China wields a lot of influence over SE Asia, and as such, is the subject of other people's irrational fears and insecurities. However, while China and India may have the occasional dispute, they're hardly sworn enemies. It's more of a competitive relationship.

Re:can't work even if they wanted it to

[torkus]

Welcome to free society. Please take a number and someone will be with you shortly to handle your complaint. /sarcasm

Besides, you can use almost anything for a bad purpose of you try. We should also monitor sunlight...because it could be reflected in a pattern such that it communicates naughty words or terrorist threats.

Re:can't work even if they wanted it to

[sm62704]

But I refer to the meaning of the word "smart". If you do something that causes pain, you are less likely to repeat that action. In other words, pain makes you smart.

Re:can't work even if they wanted it to

[torkus]

But if I'm not going to intentionally or maliciously kill someone with my gun, why shouldn't I have it? Better, why should it be illegal to have it if I want to - it's not like the law forces a gun into every child's hands and requires they carry it.

Ban guns - then criminals will be the ONLY ones with guns.

Re:can't work even if they wanted it to

[vux984]

Welcome to free society. Please take a number and someone will be with you shortly to handle your complaint. /sarcasm

What did I say that sounded like a complaint??

Re:can't work even if they wanted it to

[vux984]

Whereas if you set up webmail over https in 'country X'... ?

Exactly the same scenario and that's my point. There is nothing special about blackberry.

The end to end encryption it supports is managed by the end users and this is no different than any other solution where that applies, including https webmail.

Blackberries are more user friendly for easy messaging between 'pda/cellphones' than webmail though.

Re:can't work even if they wanted it to

[torkus]

I was referring to those who are crying because the encryption works, is secure, and has no back door (aka gov't).

Re:can't work even if they wanted it to

The opposite of Hanlon's Razor is (according to me) Hanlon's Bane, which will surely find favour among Hanlon's enemies...

'Never admit to malice that can be adequately excused as incompetence.'

Re:can't work even if they wanted it to

The others support SSL-encrypted IMAP and SMTP. I just don't see the appeal of the way BB does this stuff....

What? You didn't drink the kool-aid? Seriously, I used to wonder the same thing, but the blackberry is a far better platform.

You're right, lots of mobile devices can do POP/IMAP/SMTP with SSL. So, you've got your mobile device, and you want to see if you've got email. You click the "check email" function, or it runs in the background all the time, checking every five minutes for new mail. That's called "pull" email, and it means you run up a considerable data bill, even when you're not sending email. There was some poor guy bought an iphone immediately when it came out, activated it with AT&T, then took his shiny new iPhone to Europe on a trip. The default for the iPhone is to check for new email every 5-10 minutes, even if the phone is not "on". So this poor sucker gets a huge international roaming data bill even if he didn't send/receive a single email.

By comparison, the blackberry is "push" email. There is no need to check for new messages. If your email account gets a new message, the server pushes it to your device. Unless you are sending/receiving a message, your data usage is zero. If the guy had a blackberry instead of the iphone, his international data bill would have been zero. Lots of people & companies like that, especially those of us who live in countries with ridiculously high data rates (like Canada - we are in the dark ages when it comes to mobile phones & services).

Does your nokia/treo/ericsson sync your todo list, calendar and address book in real time with your desktop?

In a large company with 50,000 employees, a blackberry can look up email addresses in active directory or notes.

RIM also realized the limitations of the handheld form factor. Even with a big screen handheld, you don't want or need the full html-ized email that most people send these days - it's not going to display well. So, why send all this data that doesn't display well? When the email arrives at the blackberry server, the server strips out most of the html fluff (which can reduce the size by 50%-90%), then compresses the message with a conventional compression algorithm, then encrypts the message with AES, then sends it to the blackberry device. That reduces the data bill even further. Beancounters like that.

Since big attachments aren't going to display well on a small handheld screen, the blackberry server compresses & modifies the attachment to a form that will display well on a small screen. Does your nokia/treo/ericsson do that?

What about device security? Does your nokia/treo/ericsson store the pop/imap email securely on the device in encrypted form? Nope. Blackberries can do that.

Does your nokia/treo/ericsson support PGP and S/MIME for extreme paranoia? No, but blackberries do.

RIM provides full documentation and a developer kit to build your own applications. You don't have to beg apple please pretty please can I write an application and put it on my own phone.

What if you lose your blackberry with all your important company secrets on it? The blackberry server can remotely lock the handheld, or even wipe the entire thing with a single command. Does your nokia/treo/ericsson do that?

Some companies are required by law (like investment banks) to track all communications that staff have with clients. Does your nokia/treo/ericsson do that? Blackberries can track every phone call, email, SMS, IM and PIN message.

Can you prevent your staff from installing software on a nokia/treo/ericsson? You can with blackberries.

Can you prevent your staff from using the internet, bluetooth, memory cards, cameras, GPS, or long-distance calls with a nokia/treo/ericsson? You can with blackberries.

Don't get me wrong, blackberries aren't needed by everyone. But they are very handy, and the best mobile messaging platform, by far.

Re:can't work even if they wanted it to

Let's play your game for a moment.

Let's say homosexuality has no inherant value, since there is no way to produce offspring this way.

What 'value' does homosexuality bring?

Are you saying that anything without 'value' to you should also be banned?

There are many things that are 'banned' but still readily obtainable.

Re:can't work even if they wanted it to

[hypergreatthing]

But it's sorta dumb. You can't stop people by reading their messages. Anyone could easily know that you're reading your messages and purposely send fake ones to divert your attention and resources. Isn't that what's been happening with the US's counter terrorism? It's stupid to depend on technology for security.

Re:can't work even if they wanted it to

Well, to play the devil's advocate, terrorism in India is a much more realistic threat than terrorism in the US is (a democracy surrounded by Pakistan, an Islamic dictatorship and China, an aggressive communist state).

Not that that gives the government the right to do what they are trying to do, but just that do not attribute to malice what can be attributed to idiocy, or desperation.

Just last week, there were several bomb blasts that killed over 80 people and injured hundreds more.

I don't necessarily think they are trying to fight modern technology, as much as try to prevent the bad guys from using it to their benefit. I do not necessarily agree with the way they are going about it, but I can certainly see where they are coming from.

Unlike the US where the state seems to use one incident as the bugaboo for massive invasion of privacy, countries like India and Israel face terrorism on a daily basis, and for them, this is a real, hard problem that needs to be addressed.

This is also a debate that has been going on for a long time, and it is too early to make a call. When the government strops being the "people's government", throughout history, 'things change'.
While some governments can apply the shackles to technology, someone or some group will create an effective workaround, however temporary that might turn out to be.
Someday, I might want to move to Monaco, or possibly Sweden, where individuals have rights that are supported by the government - ironically benevolent monarchies.

Re:can't work even if they wanted it to

[painandgreed]

OK, Canada may consider guns to have no value to the private citizen, or at least parts of Canada because I've heard lots of bitching from Canada on gun boards. Anyway, you might want to verify that your goal, reducing murders, is actually affected by the banning of guns. Typically, this is not the case. When gun bans go into effect, after the initial period where there is intensive police activity, you usually see the same murder rates as before the ban. Gun murders do go down, but the total number of murders does not. So unless you actually consider dying by gun rather than some other device, there's no reason to ban guns because nothing shows that this actually affects the number of murders committed. The only trends I've seen that actually change from previously existing trends from before such bans is an increase of crime and police brutality. If it could actually be shown that there is a consistent percentage drop of murders in the majority of areas where gun bands go into effect, there might be a case to ban guns. As it is, gun bans just exist to make some neurotics feel good about themselves.

Re:can't work even if they wanted it to

[Sloppy]

Yes, but blackberries make it easy to communicate securely. You don't have the hassle of a PKI infrastructure with S/MIME certificates, or using PGP.

If that's true (i.e. they made it so "friendly" that the user never has to think about whether or not the key they have for someone is correct) then it's probably vulnerable to MitM.

People bitch about PGP or other PKIs being "hard," but I've never heard of anyone describing a "not hard" system that actually could work reliably.

Re:can't work even if they wanted it to

[dgatwood]

I get the whole push-pull thing, but I think it's an artificial limitation forced by the telcos. Instead of working around it, we should be pushing for unlimited international data plans. That way, you not only get the advantage of no huge surprise bills, but also get the benefit of data for non-mail purposes.

Re:can't work even if they wanted it to

[BoberFett]

Does terrorism need to be solved? Of all the causes of death in the world, terrorism is pretty low on the totem pole. And when you look at the cost of fighting different causes of death, terrorism is way overblown.

How many people have died in the US due to terrorism compared to what we've spent on it?

How many people have died due to heart disease and cancer compared to what we've spent on them?

People's fears of scary muslims behind every corner are the stuff of Saturday morning cartoons.

Re:can't work even if they wanted it to

[Original+Replica]

"And there's the downside of governments trying to fight modern technology. I bet if Blackberry did as they asked then people would start loading custom firmware on their phones to work around it."

Maybe some few people would feel the need to have Big Brother proof texting, but the terrorist could just use something as simple as a one time pad. People that really really want to communicate in secret will be able to do so, and broad government snooping program only achieve two things: encourage the badguys (tm) to be more careful, and trample all over the privacy rights of the goodguys (tm). I'm sure this will only ever actually be used to bust a few minor pot dealers and truant teens.

Re:can't work even if they wanted it to

That's why you should help write a GPL J2ME voice encryption client.

Re:can't work even if they wanted it to

but just that do not attribute to malice what can be attributed to idiocy, or desperation.

No, you miserable, goddamned, cowardly lickspittle.

The correct formula reads, "Do not attribute to idiocy or desperation what can be attributed to a profit motive or to political power-grabbing".

As someone said, "Terrorism, money-laundering, kidnapping and kiddie porn are the Four Horsemen of the information age."

Just appeal to any one of them and all opposition is automatically and immediately consigned to the categories of "terrorist, narcotics trafficker, terrorist again or pederast".

Fuck that shit -- using stupid, unproven labels is just the way of weasels and cowards to stifle freedom of discussion and to impose the tyranny of the tremulous upon the formerly free.

Re:can't work even if they wanted it to

[EdIII]

I don't really agree with everything you said, but the Troll modifier was completely unwarranted. If I could I would give you an Insightful to offset it, but alas, no mod points. To answer your question about what level of freedom we need...

"Abso-fucking-lute-total-complete-unfettered-pure-grade-A-can-lick-the-chrome-off-a-bumper-freedom."

Personally, I will accept ZERO losses of freedom for even real gains in security. Not perceived gains mind you, REAL tangible gains.

You are correct in that solving terrorism is not an easy thing to do. Solving Islamic fundamentalist terrorism is easier to solve than just plain old "terrorism" though. I know some may want to give me a Troll modifier for what I say next, but think about what I am saying for a second....

I am PERFECTLY willing to go and KILL absolutely every one and everything affecting my freedom. Just point the direction. If a politician says to me that I have to lose freedom, privacy, and anonymity due to some enemy out there, I will respond with this question, "Can we just go kill them instead?".

The problem with being evolved and having limits is that there are others out there not willing to play by the rules of your game. Sometimes you have to fight for your freedoms, to fight for peace, as crazy and sad as that sounds.

If the entire Middle East has to become a huge field of glass to save the world for the rest of us, then so be it. Human history is littered with far more brutal events than something like that happening anyways.

I know how bad that sounds, but I just refuse to live with a high-colonic-super-duty-surveillance system shoved up my ass to deliver questionable gains in security in return for unquestionable losses of my freedom. Whatever happened to fighting for your freedom? I thought that was the American Way right?

Re:can't work even if they wanted it to

[DarkOx]

Dones anyone know how the BB actually communicates with RIM. With Exchange Active Sync the device actually PULLs. "Push" is fake. Your WM5-6 phones make and HTTP request to Exhange. Exchange simple does not write back a response until [something happens, new mail forexample], if 15min goes by and there are no events the connection times-out and the device imediately opens a new one, lather rinse repeate.

Re:can't work even if they wanted it to

I agree with what you're saying but...

How many people have died in the US due to terrorism compared to what we've spent on it?

US companies profit from the war on terrorism.

How many people have died due to heart disease and cancer compared to what we've spent on them?

US companies profit from causing heart disease & cancer. Fast food is big business, as is tobacco. One of the largest tobacco companies also owns one of the world's largest suppliers of medical equipment for respite care.

People's fears of scary muslims behind every corner are the stuff of Saturday morning cartoons.

True but taking away people's privacy to keep them safe doesn't seem to upset people as much as taking away their right to smoke, eat junk or carry guns and if you dare to think differently then you're just un-American and not a patriot.

The war on terror is big business. The governments, news media, weapons manufacturers, tech industry and all those companies in-between try to keep everyone in a constant state of fear so they can make more money and ensure future profits. Its no different to Microsoft's OS/Office lock-in except they use fear of the unknown/getting blown up to keep the ignorant people in line.

Re:can't work even if they wanted it to

[Dan541]

But then how would telco's make money?

Have you ever wondered why phone calls and SMS is so cheap?

It's because phone companies have found other avenue's of profit and now use cheap phone calls as a marketing tool instead of a profit tool.

Re:can't work even if they wanted it to

[Dan541]

Cancer doesn't give the government power, Terrorism does.

Re:can't work even if they wanted it to

[petermgreen]

the main flaw in https is in certificate creation. You are trusting the root CAs and anyone they delegate certificate creation power not to help your attacker. If the attacker can get a cert for your domain and can intercept the network traffic then they can do a mitm attack.

also iirc IE has a bug that makes mitm attacks pretty easy (iirc it defaults to assuming a cert that doesn't say otherwise can be used to sign other certs).

Re:can't work even if they wanted it to

[lena_10326]

I don't really agree with everything you said, but the Troll modifier was completely unwarranted.

I know. Jesus H. Christ. WTF. The idiots mod'ding on here are getting rather out of hand. My post was so NOT troll.

Anyway. Back to business and on to your your reply.

Personally, I will accept ZERO losses of freedom for even real gains in security. Not perceived gains mind you, REAL tangible gains.

It's too late. In 2008, you can be stopped, required to show your 'papers' (driver's license), questioned and interrogated, threatened with guns, shot, arrested, and taken into custody without committing any crime. How? By police. There are so many laws on the books that at any given moment in time you are guilty of something, even if it's a matter of interpretation and you eventually get off, it can still happen causing you grief, humiliation, financial loss, and wasted time. The depressing part is it's worsening by the month.

I am PERFECTLY willing to go and KILL absolutely every one and everything affecting my freedom. Just point the direction. If a politician says to me that I have to lose freedom, privacy, and anonymity due to some enemy out there, I will respond with this question, "Can we just go kill them instead?".

My stance would not be so aggressive. I would draw the line at our borders. Inside our borders, yes, but outside no. I don't feel invading other countries to root out 'tarrists' and thus create new 'tarrists' is a wise plan of action, nor is losing our moral ground.

Whatever happened to fighting for your freedom? I thought that was the American Way right?

We all have different definitions of fighting though.

Re:can't work even if they wanted it to

[matresstester]

Bingo! That's the only good explanation on why this is coming up. India has tonnes of expertise and they for sure know how the blackberry architecture works. The Indian government is just trying to cut RIM out of the loop so telecom companies can get a bigger slice of the pie. And if they can't give the servers to the telecom companies, at lease they'll get RIM to open a datacenter in India and hire lots of their workers.

Blackberry has been available in India for the last 3 years without the government or DOT raising a single issue about terrorists. Its just when Tata Teleservices offered to provide the service that this suddenly became a 'terrorism' issue. Airtel and Hutch now Vodaphone have been providing blackberry since 2004. This is not about terrorism but corporate politics and influence peddling which is the way of business in India. RIM just has to pay some money to the right people and this will die a natural death or ask Airtel/Vodaphone to stop their lobbying against Tata Tele. Terrorism is fast becoming a favoured excuse and people should be a tad more skeptical before jumping to conclusions about threats that may not exist. Terrorists have many ways of communicating without resorting to blackberry. You can't stop technology because it can be abused.

Re:can't work even if they wanted it to

[junglee_iitk]

I though RIM was short for Reliance India Mobile!

If Tata is Google, Reliance is Microsoft.

Re:can't work even if they wanted it to

[Monsuco]

But I don't really think politicians are that stupid; I think they know this, but want the excuse to be in the best example of Orwellian arguments to tyranny, however subtly and slowly it creeps upon us.

Or, more likely, they panic over everything they don't understand, thinking that if it exist, it must be regulated somehow. I doubt the same politicians that can't agree on a tax code that is less than 10,000 pages could successfully be planning in some vast conspiracy to remove your rights. Never attribute to conspiracy what can be attributed to incompetence.

Re:can't work even if they wanted it to

[daecabhir]

And me without mod-points. The point, of course, is that no one wants to deal with the cause of these ills because then they might have to actually face up to the fact that greed and blatant disregard for the whole of humanity has brought much of this to fruition. Without discontent or dissatisfaction, there would be no motivation to cause harm or chaos. It is the "let them eat cake" attitude that will ultimately bring what we know as civilization crashing down around our ears, because there are many more people on this planet who feel disenfranchised than those who believe that they cannot be touched due to their wealth.

Re:can't work even if they wanted it to

[SteveTheNewbie]

You are correct in that solving terrorism is not an easy thing to do. Solving Islamic fundamentalist terrorism is easier to solve than just plain old "terrorism" though. Or you could just stop being afraid.. novel concept I know.

Re:can't work even if they wanted it to

[deimtee]

This is obviously the point at which we need to implement a standard model of government.

Re:can't work even if they wanted it to

[dgatwood]

SMS is cheap? It's something like a billion dollars a gig. That is how they are making profit---not through data charges, but through nickel and diming people who don't realize they're being screwed.

Re:can't work even if they wanted it to

[Dan541]

$49 = 1000 SMS

Sure it's not as cheap as email but its allot cheaper than it used to be.

Re:can't work even if they wanted it to

[uniquegeek]

I started hanging out here more recently, and I've noticed troll modifiers are used in over-abundance. When used with a heavy hand, it says two things about the person They don't like what someone says. They are so arrogant of their own position that they can't even entertain that another opinion might warrant consideration and thought.

Re:can't work even if they wanted it to

[wvmarle]

Well, to play the devil's advocate, terrorism in India is a much more realistic threat than terrorism in the US is (a democracy surrounded by Pakistan, an Islamic dictatorship and China, an aggressive communist state). Since when are states responsible for terrorism? Please! Stop being brainwashed by your warmongering presidents and would-be presidents! Terrorism is something different. It is organised by non-government groups that have their own, often extremist or sometimes separatist, agenda. States don't do terrorism, they do war. A big difference in tactics and scale.
India has a serious terrorism threat: this is a mainly internal conflict between religious groups, mostly Hindu and Muslim. China is no direct threat to India, even though they do not go well together (and indeed have some border disputes). Pakistan's government is also not too much of a threat - that is pretty much limited to the disputed Kashmir region. They are indeed involved in an ongoing war, shooting at each other regularly. India's muslim terrorists may well have support from Pakistan, though I doubt it is official government support. If the Pakistan government supports them it's in a passive way, by doing nothing. But then as Pakistan is under threat of terrorism and internal conflict itself (think: Bhutto's assassination) even that support is not likely.
India's government may be afraid of international spying: by rivals Pakistan and China, and likely also the US government. But for the latter, if as a country the US government would not spy on you, that's reason to be worried because then you're truly insignificant.

Re:can't work even if they wanted it to

How about the simple fact this is bringing it to the public attention?

If some militant who didn't know before that Blackberries allowed secure encrypted communications which their government can't read... ...they do now!

Re:can't work even if they wanted it to

[EdIII]

Who said anything about fear?

They bomb a plane, we bomb 5 of their training camps. They take down a building, we kill 1,000 of their leaders. They set off a dirty bomb, we nuke several cities into dust. They kill 100,000 of us in an attack, we KILL EVERY FUCKING ONE OF THEM ON THE PLANET.

Screw proportional response. The only thing they understand is violence. I don't fear them at all. We have enough resources, that if used properly, could be used against them with devastating effect.

There is a difference between terrorism and Islamic fundamentalists. You cannot fight terrorism directly. That is a social problem. To solve that you have to address the cause of terrorism. I personally believe that strong society in which there is not an abundance of fear and misery every day is nearly immune to it.

Let me explain. Pat Robertson and other religious nutbags here in the US can keep talking all they want and attempting to spread their bigoted FUD everywhere. They are largely marginalized in the US, as they should be. The US is not entirely ruled by Christian fundamentalism in this country. We hear it, but we just ignore it and go on with our lives.

Can you say the same about the Middle East? Not hardly. The religious nutbags in the Middle East do run things directly. They can reach out and kill people that disagree with them. The Taliban was the most extreme example of this. When you have a young man or woman that is in pain, both physically and mentally, told that another group of people are responsible for their pain, it is FAR easier to recruit them into doing something.

If you have a man that has a decent life, a good family, and a TV to watch and a woman to drink a few with and get jiggy with it... then you have a man that is far less willing to sacrifice his prosperity and family for the fanatical ideas of another.

So to fight terrorism directly is nearly impossible. You need to address the problems in a society to slowly reduce the effectiveness and influence of fanatical people that are willing to hurt others to achieve their vision.

Islamic fundamentalists on the other hand... are a lot easier to find. We can identify them and their leaders. We could deal with them more effectively than we are now.

So we have two choices:

1) Live in fear. Lose our freedoms. "Fight" a war with our hands tied behind our back with an enemy that does not have any such restraint. Hemorrhage resources at fantastic rates and go bankrupt doing it. Slowly torture groups of people in doing so.

2) Live without fear. Maintain our freedom. Actually fight a war. Don't occupy any on spot, just obliterate it and move on the next target. By war, I do not mean a war against any one country. Let's spend the billions we are spending right now on the intelligence community and assassins to find those terrorists and just kill them quietly. We accomplish two things there. Semi-plausible deniability with the attacks, and making the Middle East a place that is a little easier for the sane and rationale people to live their days without fear as well.

Re:can't work even if they wanted it to

[unlametheweak]

I was thinking of it as being more of a general attitude and mindset than a conspiracy. People in power generally like to use that power, and so as an example we have the historical US system of checks and balances offset by the expanding executive powers of the White House. As the old saying (or observation) goes, "power corrupts". Democratic-type countries don't have a lot of history compared to the more tyrannical government types. Where democracies do exist (and have mainly evolved throughout the 20th century), there does appear to be a trend towards more "law and order" and less personal liberty. I propose that this is do to the types of people who generally trend towards power positions (business leaders and politicians). They have the marketing and oligarchical financing to put their psychological whims into reality.

Yes, as you've said, "... they panic over everything they don't understand, thinking that if it exist, it must be regulated somehow." Politicians tend to be business people and not social scientists, historians, or economists; and that being said they tend to be unqualified for their position. They are charismatic leaders, and not natural leaders of intellect or any type of utilitarian ability.

Of course it's not all just psychology; there are conspiracies; the War on Drugs is not just a US institution but is coordinated world wide. The same with WIPO, etc and so on. People in power do want to control our thoughts and behaviors. Of course if you agree with these political agenda's then you probably won't think of yourself as Orwellian or tyrannical. If you happen to be in a jail because of these conspiracies then you would think otherwise.

Best regards,

UTW

Re:can't work even if they wanted it to

[Fred_A]

That's why I only encrypt in ROT13. Otherwise it would be nasty to underpaid government workers.
Somebody has to think of them after all.

Re:can't work even if they wanted it to

[metlin]

It's no use arguing with an idiot who doesn't know much, but I figured I'd at least provide a link.

Re:can't work even if they wanted it to

[jo42]

you need a separate set of knowledge to effectively manage BES on top of Exchange Heh? Install BES on a seperate box (from Exchange) with enough resources. Use it. Or did I miss something when we deployed BES?

Re:can't work even if they wanted it to

[SteveTheNewbie]

nice attempt at a diversion, but please, don't use the word 'terrorism' if you don't mean it (and yes, if you read your original post you used it and then changed/omitted it in your reply)

Oh, and did you ever think that fighting an idea is about as stupid as.. well, pretty much anything.

I guess it is good to be a little patriot and soak up what your glorious leaders tell you tho eh. carry on then.

Re:can't work even if they wanted it to

[EdIII]

Bwahahahahah!

You think I have soaked up ANYTHING "my" glorious leaders have told me? Not Hardly. Not by a long shot. Do not confuse my position with blind American patriotism. It isn't. Now that is a "diversion" from my point.

My posts are far from a diversion too. You seem to have a problem with the word Terrorism. Well so do I. It is confusing and it may seem like I am using it differently in different posts.

There is terrorism as defined by the current administration in the US, and there is the real definition of terrorism. Let's call it Tewworists and terrorism. Terrorism as a simple word defines:

"The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons."

Tewworists refers to "Lions, Tigers, and Bears OH MY!" excuse of the current US administration to basically destroy people's lives, rape and pillage the resources of the US, piss off and alienate the rest of the world, and to nearly completely eliminate whatever rights and freedoms we ever had as Americans.

Now speaking about terrorism, having nothing to do with the US and Islamic fundamentalists, I agree that fighting an idea is pretty stupid and a huge waste of time. However, that is what people who engage in terrorist activities are doing. They are not content to have meaningful dialog, leave peacefully, or to accept in any way shape or form the "idea" that others can live without conforming to their ideological and political agendas. Society cannot fight those people. It has to separate them from society by expulsion, incarceration, or death.

Now Tewworists actually DO EXIST. The way our leaders have chosen to react to those people is what I find so egregious. Instead of truly dealing with the problem in a decisive effective way, they have used it to their advantage to consolidate power, eliminate rights, and to basically pursue their own hideous agendas.

You make a serious mistake in confusing my "patriotic" enthusiasm for identifying Tewworists and killing them by the thousands with blind support and faith in my "glorious leaders".

True patriotism in the US is questioning my leaders, distrusting government, and pushing for change. Patriotism is another word that has been violated as well, and you use it incorrectly IMO. Certainly in describing my position.

If I did not make it clear before, I am wholeheartedly enthusiastic about "killing the shit" out of anybody else on this planet that would dare threaten my freedom here in the US. I would rather die defending this country and its freedoms than give in to fear, uncertainty, and doubt.

To also make it abundantly clear, I do NOT believe that the current US administration has any freakin clue about who to attack and where. I never said I think they have been attacking the right people, or voiced my support for the war in Iraq.

Re:can't work even if they wanted it to

[dgatwood]

$49 = 156.25 kilobyyes maximum. That's not even 33 bytes per penny.

Sure it's not as cheap as email but its allot cheaper than it used to be.

That's like saying, "Sure, if you go to New York City, you'll get robbed and raped, but at least they probably won't murder you like they would have ten years ago...." :-)

Re:can't work even if they wanted it to

[vux984]

the main flaw in https is in certificate creation. You are trusting the root CAs and anyone they delegate certificate creation power not to help your attacker.

You don't have to trust the root CAs if you don't want to.
And you can manually add cert's you DO trust to your browser.

also iirc IE has a bug that makes mitm attacks pretty easy (iirc it defaults to assuming a cert that doesn't say otherwise can be used to sign other certs).

Again that's not a showstopper if you want security. You can either only trust certs that explicitly don't allow signing, or not use IE. ;)

The problems aren't with HTTPs those are problems with cert management. And yeah, the default cert management is a balance of security and convenience, but you CAN remove all your certs, and import only those you actually trust if you are willing to take the trouble.

Re:can't work even if they wanted it to

Blackberry is just a middleman to suck licensing $$ out of Exchange users. Exchange's RPC over HTTPs negates the need for a blackberry enterprise server in a microsoft centric shop.

You know, you're not making any sense. To start with, the blackberry enterprise server is also available for Lotus Notes and Novell Groupwise.

RPC over HTTPs has nothing to do with mobile email. RPC over HTTPs is for Outlook to easily connect to Exchange using strong encryption over port 443. Since port 443 is used for https, the vast majority of routers/firewalls pass it through without problems.

You're probably thinking of Exchange activesync or Exchange OMA - those are for mobile email.

While there are lots of mobile email platforms, none of them come close to the features of the blackberry, period. If you think otherwise, you really don't know what you are talking about. If you don't want to pay the blackberry premium, then don't. You might not need all the features blackberries offer.

Some people are happy driving a Hyundai. Others are happy driving a Lexus. Both will get you to work, but one is better built, more reliable and has more features.

Blackberries are not that expensive, and cell phone carriers will often throw in the blackberry enterprise server licenses if you buy 20+ handhelds - mine does.

Re:can't work even if they wanted it to

"You've clearly not had to manage an IT budget for a medium sized corporation that wants to trim IT licensing costs to remain competitive"

You clearly like to conflate dissimilar arguments. He said it in his opinion it was the best platform not the cheapest.

Re:can't work even if they wanted it to

[SteveTheNewbie]

And here appears to be your problem

Now speaking about terrorism, having nothing to do with the US and Islamic fundamentalists, I agree that fighting an idea is pretty stupid and a huge waste of time. However, that is what people who engage in terrorist activities are doing. They are not content to have meaningful dialog, leave peacefully, or to accept in any way shape or form the "idea" that others can live without conforming to their ideological and political agendas. Society cannot fight those people. It has to separate them from society by expulsion, incarceration, or death. You cannot kill an ideal, if you do then it simply springs up elsewhere, 'seperating these people from society by expulsion, incarceration or death' simply doesn't work, history has shown us this, why try to repeat it fruitlessly ? and this is the exact same problem the current US administration has as well, so really, your stance is no different abeit that you may be doing the 'seperating, expulsion incaceration and/or death' for different reasons.

As I said earlier, if you want to fight terrorism (being, as you said just now)

"The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons." Its really easy, simply don't let them intimidate or coerce you into something you wouldn't normally do.

I know for some people this means playing the 'i have a bigger stick than you' game, but one of the easiest ways to not be intimidated really is just to ignore them, eventually they will give up and go away.

It always takes two to have a fight. Why are you so eager to ensure those two parties exist so we can have our conflict ?

If I did not make it clear before, I am wholeheartedly enthusiastic about "killing the shit" out of anybody else on this planet that would dare threaten my freedom here in the US. I would rather die defending this country and its freedoms than give in to fear, uncertainty, and doubt. Has it ever entered your head that they may be having the exact same attitude toward the western world ? (not to mention that it's not them removing your freedoms, but your own administration, maybe you should take your anger out on the right crowd.)

Re:can't work even if they wanted it to

[bhtooefr]

And lately, it's the Hyundai that's better built and more reliable, and I think might even have feature parity with the Lexus. (Genesis vs. Lexus GS.)

Re:can't work even if they wanted it to

[Amouth]

that is exchange 2003.. exchange 2007 can do that and also notify of new message by SMS (notify the device to go get it.. not the person)

Re:can't work even if they wanted it to

[saforrest]

Let's play your game for a moment.

Let's say homosexuality has no inherant value, since there is no way to produce offspring this way.

What 'value' does homosexuality bring?

First, I never argued that things should be banned merely because they have no value, but because they have no net value. Anyway, your reductio ad absurdum is absurd in itself. I think we've long since realized that sex is about more than procreation, so homosexuality has value as the natural means of sexual fulfilment for homosexuals.

This could set a precedent

[Beryllium+Sphere(tm)]

Phone companies in the US, maybe elsewhere, are legally required to facilitate eavesdropping under CALEA. End to end encrypted data services such as Skype and Hushmail have escaped this so far.

Will they be faced with the dilemma of changing their architecture versus being banned? Will they lose confidence no matter what? Hushmail at least used to publish their source code, but Skype is closed source and the binary is heavily obfuscated.

Re:This could set a precedent

[neoform]

Good thing RIM is a Canadian company.. eh?

Re:This could set a precedent

[blindd0t]

Will they be faced with the dilemma of changing their architecture versus being banned?

I sure hope not! A back door for government is a back door for anyone and everyone. It'd be like having trusted keys for software licensing enforcement, which we all know gets leaked in a heart-beat anyway. :-(

Re:This could set a precedent

[grub]

The Blackberry uses whatever telco you subscribe to but the data portion is end-to-end encrypted. And they're a Canadian company so US laws don't apply. Same goes for Hushmail if memory serves.

Re:This could set a precedent

Hushmail can decrypt your email and will if compelled to do so legitimately. Just read about it on hushmail.com.

Re:This could set a precedent

[unlametheweak]

Phone companies in the US, maybe elsewhere, are legally required to facilitate eavesdropping under CALEA. End to end encrypted data services such as Skype and Hushmail have escaped this so far. So has TOR and Freenet so far. The German built JAP proxy technology was forced to put in a backdoor for the German police; all completely unannounced until a programmer looked at the (open) source code. Wikipedia has a slightly different interpretation (no back doors, but warrants issued to log IP addresses). To this day there are some very stupid people who believe that "anonymous" services should have backdoors in place to make these services un-anonymous.

I can remember when the PGP creator was put on trial in the US for his subversive software. The American government was smart in dropping the case and thus not setting a possible legal precedent (against themselves), but that was pre-9/11. As Bob Dylan once said "The times they are ah changin'"

Re:This could set a precedent

[flaming+error]

> Hushmail at least used to publish their source code
Unless their implementation is buggy, that's got nothing to do with crackability. PGP (and any credible) security is in the key, not the algorithm.

>Will they be faced with the dilemma of changing their architecture versus being banned?
I sure hope not. Hushmail and Skype are applications/service providers. They don't maintain the physical infrastructure of fiber and copper cables. They are not "common carriers."

Re:This could set a precedent

[unlametheweak]

Good thing RIM is a Canadian company.. eh? Why? Google and Yahoo are American companies that are based in the "land of the free" and yet they comply with the Chinese government with all their unethical anti-privacy and surveillance measures. Nice companies who "do no Evil" will never win in the end. Just like corporations are legal personifications of a person; a nice company will never get the girl, the BMW or the promotion. Just ask Steve Jobs or Bill Gates.

Re:This could set a precedent

[neoform]

Yes, but google and yahoo both have servers in china that handle chinese traffic.

All BlackBerry traffic goes through their central servers located in Canada.

Re:This could set a precedent

[74nova]

I knew there had to be a way to slam America in this, nice work.

Re:This could set a precedent

The German built JAP proxy technology was forced to put in a backdoor for the German police; all completely unannounced until a programmer looked at the (open) source code.

...

C:\Documents and Settings\The MAZZTer>cd /d E:\Programs\Internet\JAP

E:\Programs\Internet\JAP>uninstall.exe

E:\Programs\Internet\JAP>cd ..

E:\Programs\Internet>rmdir JAP

Ahem. I never really used it anyway. Just experimenting with different proxies. Besides, Tor is better. >_>

Re:This could set a precedent

[unlametheweak]

I knew there had to be a way to slam America in this, nice work. Thanks :)

Re:This could set a precedent

I can remember when the PGP creator was put on trial in the US for his subversive software.

He wasn't on trial for his subversive software, it was for exporting munitions without a license.

Most countries (including the USA) have rules on the exportation of military technology. They don't want John Doe to export 100,000 artillery shells to a war zone (or an enemy) without approval.

Encrypted communications technology was classified as a munition, so you need a license.

However, the mathematics for strong encryption had been known for years, and free available around the world, so the US wasn't accomplishing anything by blocking the export of PGP.

Re:This could set a precedent

[dadragon]

Hushmail cannot decrypt your e-mail if they don't have your key. They only have your key if you store it on their server. If Hushmail decrypts your mail, it's your fault.

Re:This could set a precedent

[ADRA]

1. While you're at it, you better ban SSL and high grade encryption as well, right?

Oh thats right, NSA lifted the export restrictions on high grade encryption because it could be cracked by their uber super computers anyway.

2. An access provider can only ever allow decryption of messages that they are on one end of the communication channel. If a Telco is a man in the middle of an encrypted channel, the telco cannot possibly facilitate a decryption request, so they can only ship the encrypted stream, origin, destination, and time to law enforcement.

Re:This could set a precedent

[ConfrontationalGrayh]

Phone companies in the US, maybe elsewhere, are legally required to facilitate eavesdropping under CALEA. End to end encrypted data services such as Skype and Hushmail have escaped this so far. Hushmail volentarily provides your private keys to the government so there is no need to legally require them to facilitate eavesdropping. http://it.slashdot.org/article.pl?sid=07/11/17/1823225&from=rss

Re:This could set a precedent

I can remember when the PGP creator was put on trial in the US for his subversive software. PRZ was only ever investigated, never even charged.

Re:This could set a precedent

[ErikZ]

So what's stopping them from just putting him on trial again? Since they didn't go through with the case, they can do this. 9/11 was 7 years ago.

I guess times aren't changing as much as you think.

Re:This could set a precedent

[Khaed]

If this is true, it sounds like a kind of stupid design flaw on their part. If they're being used world wide they should probably have servers world wide.

Re:This could set a precedent

[Kozar_The_Malignant]

>Most countries (including the USA) have rules on the exportation of military technology. They don't want John Doe to export 100,000 artillery shells to a war zone (or an enemy) without approval.

Approval requires that the right people get a cut of the profits.

Re:This could set a precedent

Wrong. If only I had mod points.

Re:This could set a precedent

[unlametheweak]

So what's stopping them from just putting him on trial again? I don't think anything except perhaps for bad publicity, but that could always be countered with "Think of the children!". If the spying laws haven't already been sufficiently strengthened to make a criminal case for unencumbered encryption a possibility, then now certainly appears the right time to do it. There certainly has been momentum on anti-privacy initiatives over the past few years, i.e. increased proliferation of CCTV, illegal telco wiretaps, national ID cards, DNA databases for people who are suspected of criminal activity, etc. Yes the times are changing for the worse.

I guess times aren't changing as much as you think. You can guess as to what I'm thinking if it pleases you, but I don't see the point in that exercise.

Re:This could set a precedent

[torkus]

Google could simply stop doing business in China. The US could enact a law requiring XYZ and if RIM delined to abide by it they could be preveted from doing business in the US.

Oh wait, that was about 15 seconds from happening already, remember? Then suddenly their patent troubles magically went away because someone with a brain realize there was NO WAY they could turn off all the blackberries in the USA without enormous impact to the ecconomy.

Re:This could set a precedent

[torkus]

However, the mathematics for strong encryption had been known for years, and free available around the world, so the US wasn't accomplishing anything by blocking the export of PGP.

 
Not that it stopped them anyhow...heck, every time I buy a Dell PC i still have to promise not to export it. I think this one is due to the limited expore of "supercomputers" as defined by some stupid era-1990 level of computing.
 
All the US is doing is limiting our ability to compete in the global marketplace.

Re:This could set a precedent

[torkus]

Not so sure - it's fairly simple to extend the keyspace of a "proper" encryption method to the point where even something several orders of magnitude beyond the immaginary cutting edge technology would not be able to brute-force a key within 20 years (or 20,000,000 years, just add a few more bits).

I think it was more along the lines of US companies getting really angry that their own contry was preventing them from competing in the global marketplace. After all, the bar for entry into designing encrption products is ubsurdly low. First or second year CS students can write an 'unbreakable' encryption program.

Re:This could set a precedent

[Frank+T.+Lofaro+Jr.]

We have an economy left?!

Re:This could set a precedent

[Frank+T.+Lofaro+Jr.]

..heck, every time I buy a Dell PC i still have to promise not to export it.

Well Dells blow up, so they can be considered a munition and require a license to export.

Re:This could set a precedent

[Frank+T.+Lofaro+Jr.]

Don't let the facts get in the way of a good conspiracy theory!

Now we will have to come up with another one.

Such as there could be a back door even in the open source code planted by the NSA that no one can recognize.

Remember that Linux security hole where someone used = instead of == ?

Re:This could set a precedent

[Briden]

have you heard of "the internet"

it's a nice way to be able to talk to the whole world without actually needing servers all over the place.

Re:This could set a precedent

[Sloppy]

CALEA applies to networks and service providers, not end-user devices or software. If the user's device assumes the network is unsafe and takes the matter of security into its own hands, there's no part of CALEA that applies to that.

And that's the way things should be moving. It is simply unreasonable to not assume that networks are unsafe. If your network does just happen to not be compromised, that's fine, but your applications can't ass/u/me that.

Hushmail's crypto theoretically runs on the client, but since they send you the Java app every time you use it, it's practically the same as just running it on their machine and sending them your private key. I doubt a strict reading of CALEA requires that they put bugs in that Java app, but a court order sure can do that. And I seem to remember that exactly that has happened.

Skype is weird. It's endpoint software, so theoretically immune to CALEA, but they are also a service, in two ways: 1) Their gateway to POTS 2) They are trusted introducers for all the crypto. The "trusted introducer" thing is a serious problem and means they can be coerced into MitMing.

In both cases, the risk is easily foreseeable. You almost have to want to get eavesdropped, to use these services. But they're also special cases, as very obviously wrong ways to do things. Communications in general, can be protected w/out violating CALEA. Just make sure you do it right. For example, that means running PGP at the endpoints (and not re-downloading PGP from an untrusted source every time you run it ;-). hushmail was a stupid idea from the very beginning.

Re:This could set a precedent

[Sloppy]

The problem is that the user is running a Java app in a web browser, and does share their secret with their web browser. Normally, when you're using an actual email client instead of a browser, giving your secret to the application is no significant risk. The email reader (kmail, sylpheed, wheateveR) is your agent. But whose agent is a web browser which is running code that it just downloaded from some website?

Hushmail (and all other webmail services) are a bad idea, from a privacy perspective.

Re:This could set a precedent

[Khaed]

Sorry, I don't use a blackberry and assumed they had some sort of specific-to-them messaging abilities since India is singling them out. It would seem silly to have to route traffic back to Canada considering the nature of intercontinental internet transfer if this were the case.

Oh, and to answer your question: No, I've never heard of the internet. What is it?

Re:This could set a precedent

[enos]

Due to some funky pricing schemes and availability/quality of links, there would be times where traffic between neighboring countries would cross an ocean twice to be routed through the US. I think it happened most in Africa, but also sometimes between some European countries. Just a few months ago I've had traces from Denmark to the UK go through Iceland.

The internet is a big disorganized jumble. It's amazing it works as well as it does.

Re:This could set a precedent

PGP (and any credible) security is in the key, not the algorithm.

Nope. You just failed encryption 101. You need both a good key and a good algorithm.

Long ago in the MS-DOS days, Microsoft had a networking technology called Lan Manager. Lan Manager has a very small keyspace, and you can brute-force all keys in a trivial amount of time. It didn't matter if you had a super-uber long password.

3DES remains a solid encryption algortithm, with no known backdoors, but it's showing it's age - the key space is small. With $500,000 of CPU power (or a big botnet), you can brute-force it very quickly. It doesn't matter if you chose a good key like klJ2vK#LNaersj&kd(f.

AES is generally regarded to be a solid encryption algorithm, with a very large keyspace that cannot be brute-forced. But you can still pick 1234 or your dog's name as the key.

Good encryption requires thinking about all pieces of the puzzle. There are lots of cases where people only think about one piece.

To quote the immortal Dick Cheney...

So?

Re:To quote the immortal Dick Cheney...

[Anarke_Incarnate]

He's only immortal until a ring of garlic is put around his neck, a stake driven into his heart and holy water sprinkled over the earth were he lays.

Come on, folks. This guy has a "Man Sized" safe in his office. What do you think he has in there? He has a man....to feed off of.

Re:To quote the immortal Dick Cheney...

[Kingrames]

...and that's only until he comes back in a future issue due to a retcon, to boot.

Re:To quote the immortal Dick Cheney...

[sm62704]

No, he's not a vampire, he's a Cyborg. For that matter so am I. Neither garlic nor stakes will suffice. In fact, a steak through the heart is the likely cause of Cheney's becoming a cyborg in the first place!

You will be assimilated. Resistance is not only futile, when the time comes you will beg to join us.

Disclaimer: By "us" I mean cyborg, not Republican. I didn't vote for that particular cyborg and never would; I consider him and Bush to be traitors to my country. See what happens when you elect an alcoholic to the Presidency and Vice Presidency?

-mcgrew
PS- did I tell you that you would be assimilated? In fact you may already be a winner!

Re:To quote the immortal Dick Cheney...

[Eponymous+Bastard]

In fact, a steak through the heart is the likely cause of Cheney's becoming a cyborg in the first place! I can't tell if that's a normal, slashdot-level misspelling or if it was intentional to get the point across.

Well done. :)

Re:To quote the immortal Dick Cheney...

[sm62704]

Intentional pun (who ever admits to that?), and thank you.

End to End Encryption - independent of location

[Gat0r30y]

So.... the Indian government wants RIM to figure out a way to decrypt every email - from all those CrackBerries, without any keys (RIM doesn't have the keys) and store them all on a local server - and somehow RIM is also supposed to magically know that the hardware is in India (they operate independent of location). India, I have bad news. It isn't going to happen. On the upside, this may set a precedent for other companies to reject a governments calls for access to emails without warrants (US companies, take note, you could learn from your neighbor to the north).

Re:End to End Encryption - independent of location

your neighbor to the north geez, you have no idea where India is do you.......

i keed i keed :)

Re:End to End Encryption - independent of location

Actually, RIM has agreed to India's demands

http://economictimes.indiatimes.com/RIM_agrees_to_pass_BlackBerry_content_on_condition/rssarticleshow/3056271.cms

Re:End to End Encryption - independent of location

[ClientNine]

Prediction: The real iPhone killer is going to be sex robots from Japan. Think about it. I'll bite-- what the hell does that mean?

Re:End to End Encryption - independent of location

[Lershac]

Canda, Americas Hat.

Biggety, libidinous bon mots?

[spun]

I don't want to go on a rant here, but this screed makes about as much sense as Beowulf having sex with Robert Fulton at the first battle of Antietam.
I mean when a neo-conservative defenestrates it's like Raskolnikov filibuster deoxymonohydroxinate.

Re:Biggety, libidinous bon mots?

[Anarke_Incarnate]

Sherri Shepherd, is that you?

http://abc.go.com/daytime/theview/cohosts#

Re:Biggety, libidinous bon mots?

[spun]

It's a "Family Guy" quote poking fun at Dennis Miller, actually.

Re:Biggety, libidinous bon mots?

[Anarke_Incarnate]

I'll have to download that. I used to like Dennis Miller years ago. Now....he looks like a moron. I wonder who changed :)

Re:Biggety, libidinous bon mots?

> I wonder who changed

One thing's for sure, he never did. He still thinks his tired old schtick is funny. He makes Robin Williams' act look avant-garde.

Re:Biggety, libidinous bon mots?

[spun]

I thought the quote was appropriate. Somebody obviously got out their Big Jar of Large, Important Words and sprinkled liberally. The piece was especially brilliant because it almost made sense. But not quite. It's obvious copypasta, but I wonder if the original is even about John McCain? In any case, it gave me a good laugh.

Re:Biggety, libidinous bon mots?

Dennis did. He was a liberal before 9/11, after which he took a strong turn to the right. He even talked about his "conversion" on his show.

Re:Biggety, libidinous bon mots?

What the hell is a rant?

Re:Biggety, libidinous bon mots?

Arant is the country in between Iraq and Iran. Stupid Americans don't know geography.

Re:Biggety, libidinous bon mots?

[ggvaidya]

Beowulf having sex with Robert Fulton at the first battle of Antietam A mythical warrior returns to fuck the inventor of the commercial steamboat during the American Civil War? It could be the summer blockbuster of 2009!

Seriously, though, that's a better plot than Indiana Jones and Skull.

They can take a lesson from the USA

They need a version of GITMO.

You WILL give us your password or else!

Re:They can take a lesson from the USA

[hansraj]

I suppose you have little knowledge about India. Perhaps the situation is not as bad as some other countries but the indian police and indian jails are scary enough to begin with. If you tell an indian that the police tortured someone or that some guy in prison got thrashed pretty nasty, I doubt s/he will be surprised. At least I won't. The situation is even worse if you don't live in a big city where situation is perhaps better. I come from a small village/town and you have to bribe the police even to file a report and even then they are pretty nasty to you. And it is pretty common that if a policeman stops someone who doesn't appear to have a "good background", a slap precedes any question.

Perhaps if one is suave enough to be using PGP or "rich" enough to have a blackberry things are different but for most people *any* involvement with law-enforecement agencies is bad news already. Gitmo is perhaps tame. Of course that doesn't make gitmo right, but a statement like "they need their own gitmo" is humorous in a dark sort of way.

Re:They can take a lesson from the USA

I suppose you have little knowledge about India. Perhaps the situation is not as bad as some other countries but the indian police and indian jails are scary enough to begin with. If you tell an indian that the police tortured someone or that some guy in prison got thrashed pretty nasty, I doubt s/he will be surprised. At least I won't. The situation is even worse if you don't live in a big city where situation is perhaps better. I come from a small village/town and you have to bribe the police even to file a report and even then they are pretty nasty to you. And it is pretty common that if a policeman stops someone who doesn't appear to have a "good background", a slap precedes any question.

Perhaps if one is suave enough to be using PGP or "rich" enough to have a blackberry things are different but for most people *any* involvement with law-enforecement agencies is bad news already. Gitmo is perhaps tame. Of course that doesn't make gitmo right, but a statement like "they need their own gitmo" is humorous in a dark sort of way. Shut up ass hole. This a BB discussion not to hear ur personal grumbling

I have a better solution

[jollyreaper]

IF they're worried about Muslim terrorists, make everyone getting onboard the train have to eat a BLT. If they refuse, they might be a terrorist. Likewise, if they're concerned about Indian terrorists, make it be a nice, juicy hamburger. And if they're worried about Christian terrorists, tell them they have to suck off a gay dude. On second thought, that might might just encourage the Pastor Ted's of the world.

I'm sorry, am I being religiously intolerant here? Fuck it. I'm just sick of people telling me they believe all sorts of crazy shit based on "faith" and yet they think they can tell us what sort of science is permissible to be taught in public schools. Just gets back to the old definitions...

Cult: a small, unpopular religion

Religion: a large, popular cult

If I seem particularly bitter about this shit today, it's because I had a long conversation about eschatology with a true believer. Obama's the charismatic leader, the two witnesses are already in Israel, Russia's poised to attack the Holy Land and her flying armies are going to be struck from the sky with a rain of brimstone and fire, Hillary Clinton is the Whore of Babylon, and the disasters in Burma and China are proof the end is nigh. Sorry, asshole, you must be this intelligent to ride. Get off the bus.

Re:I have a better solution

"they're worried about Muslim terrorists"

You mean like Rachel Ray?

Re:I have a better solution

[Gat0r30y]

Honestly, I believe they are worried about the Tamil Tigers, and I am not immediately aware of their particular religious affiliation, though I do know they like to blow things up in southern Sri Lanka.

Re:I have a better solution

[apathy+maybe]

What about vegetarian lesbian non-terrorists? Damn, looks like they might be Muslim, Hindu, and Christian terrorists.

Oh well.

Yeah, I support working class attacks on /religion/, but I also think that it is fucking stupid to think that one single test like that would solve your problem.

What if the Muslim person has had special dispensation from their holy leader to eat meat? Or to be allowed to cut their beard? It does happen, and it means your simplistic anti-terrorism measures don't work.

Thanks for trying though.

Re:I have a better solution

[gmack]

Wrong country. The Tigers rarely disrupt anything outside of Sri Lanka.

Re:I have a better solution

[Knara]

The conflict between the Tamil and Sinhalese is ethnic and cultural, not religious if I recall correctly (buddhist monks have been known to run arms for the Tamil Tigers, for example).

However, it is possible you are correct that at least, in part, they're worried about the Tamil separatists. That particular group is absolutely fearless (they conduct suicide bombings that make incidents in Israel look tame by comparison), are strangely well-equipped (they have a navy?), and until recently were actually piggybacking on an Indian broadcast satellite to run their own programming. I'd imagine that using smartphones/PDAs for secure communication isn't out of the question.

Re:I have a better solution

[E+IS+mC(Square)]

Other than killing other country's prime ministers (or pm candidates).
http://en.wikipedia.org/wiki/Rajiv_Gandhi_assassination

Re:I have a better solution

[Reece400]

Oh no! Circular reference!

Cult: a small, unpopular religion

Religion: a large, popular cult

Re:I have a better solution

And you have zen quotations from Dune in your quote.

The irony is palpable.

Re:I have a better solution

[jollyreaper]

"they're worried about Muslim terrorists"

You mean like Rachel Ray? Exactly. But in her case, I'd demand that the test be she eat a popsicle, slowly. I'm not sure what this would prove but it would be fun to watch.

Re:I have a better solution

[jollyreaper]

What about vegetarian lesbian non-terrorists? Damn, looks like they might be Muslim, Hindu, and Christian terrorists. Then our only solution would be to make them at combo platters.

Yeah, I support working class attacks on /religion/, but I also think that it is fucking stupid to think that one single test like that would solve your problem. I'm being deliberately absurdist. I'm just sick of religion in general.

What if the Muslim person has had special dispensation from their holy leader to eat meat? Or to be allowed to cut their beard? It does happen, and it means your simplistic anti-terrorism measures don't work. Then maybe we should just ban everyone from flying. Then we won't have to worry about terrorists getting onboard.

Thanks for trying though. What's the consolation prize, rice-a-roni or turtle wax?

Re:I have a better solution

whoosh . . . . or perhaps
W H O O O O S H . . .

Re:I have a better solution

[rickb928]

You're not being religously intolerant. You're being religiously^H^H^H^H^H^H^H^H^H^H^H ignorant.

If you were being serious, I would be pointing out that our public schools teach the religion of global warming, popularization of alternative lifestyles, and a post-modern outlook on life. I say 'religion' here, taking the cue from you. One man's religion is another's cult, is another's philosophy.

BTW, natural disasters are either clear evidence of the End Times or a consequence of living on an active, dynamic planet... I vote for the latter. Once we were thrown out of the Garden of Eden, we got stuck with this place. Not so bad, unless you happen to get caught up in something interesting, no?

Sheesh. Your bus is a pretty wacky ride, dude.

Re:I have a better solution

[gstoddart]

You mean like Rachel Ray?

Exactly. But in her case, I'd demand that the test be she eat a popsicle, slowly. I'm not sure what this would prove but it would be fun to watch.

Yes, but she has to eat it without using her hands, and no biting. I don't care what it would prove.

Now, if you'll excuse me, I think I need some 'alone time' after visualizing that. ;-)

Cheers

Re:I have a better solution

[urcreepyneighbor]

If they refuse, they might be a terrorist. Or a member of one of those wacky religions whose members are vegetarians. D'oh!

Re:I have a better solution

[ArhcAngel]

Hillary Clinton is the Whore of Babylon

Are you sure it wasn't Bill?

Re:I have a better solution

[cayenne8]

" You mean like Rachel Ray?

Exactly. But in her case, I'd demand that the test be she eat a popsicle, slowly. I'm not sure what this would prove but it would be fun to watch.

Yes, but she has to eat it without using her hands, and no biting. I don't care what it would prove. Now, if you'll excuse me, I think I need some 'alone time' after visualizing that. ;-)"

I still love her smile, but, man, that chick needs to lose some weight....

Re:I have a better solution

[gstoddart]

I still love her smile, but, man, that chick needs to lose some weight....

Dude, she's a cook. She's also almost 40.

Not all chicks are a size 2. Speaking as someone in her age range .... yum-o. :-P

Cheers

Re:I have a better solution

Mmm, free lunch

Why not...

Why not give into the militant's demands? Surely they will stop if there was more cultural understanding.

Re:Why not...

[Penguinisto]

...and if the militants demand a restriction and/or loss of freedom at large? Or perhaps a titanic sum of money? Or what if they demanded a large parcel of land (e.g. Sri Lanka) to be immediately separated off into its own nation, which means a loss of sovereignty over that particular parcel and a lot of people who are suddenly at risk of theft, injury, and/or death by the new order?

Sometimes, to 'give in' isn't a simple matter of giving some ideology a voice in government...

/P

Re:Why not...

Teh whoooosh.

Summary is indicative of the problem

[hassanchop]

The Indian government wants that right too

This shit infuriates me.

GOVERNMENTS DO NOT HAVE RIGHTS OF ANY KIND.

Governments have powers. This IS NOT a simple semantic argument.

Re:Summary is indicative of the problem

[LeafOnTheWind]

"Catch-22 says they have a right to do anything we can't stop them from doing."

Re:Summary is indicative of the problem

[Doctor_Jest]

More specifically, governments have nothing the PEOPLE don't grant them.

And since the PEOPLE grant them, the PEOPLE can (and should) be able to TAKE THEM AWAY.

So, let's pretend we (at least Americans) _remember_ the true spirit of our Founding Fathers....

That's why when we sheepishly ask the government to solve a problem, we really need to think before we grant them _more_ power.

And yes, it's not perfect, and we're to blame for most of the ills of our own governments... but in the US, we still have the Constitution, and we still have the ability to change our government if we truly wanted to. In other "democratic" places, the peoples' rights are much more in danger.

Re:Summary is indicative of the problem

[urcreepyneighbor]

GOVERNMENTS DO NOT HAVE RIGHTS OF ANY KIND. I think we've got one of those freedom-loving, government-hating terrorists on our hands. Sir, please put your hands on your head....

Re:Summary is indicative of the problem

[scorp1us]

Not exactly true. Since you're saying it is not semantic... Governments have a right of sovereignty, which is a right between governments.

But between the government and its people, only republican (not the party) governments do not have rights. Monarchies have rights secured by god(s).(Which is a dubious claim because I've never seen a god testify in court that he granted said rights.) Democracies are a bit of a gray area, where popular vote can take anything it wants with a simple majority (of those that vote). This would then seem to mean that you have no rights, but neither does the government, and both the people and the government are a bit wishy-washy.

Unfortunately, we gave up the republic long ago.

Re:Summary is indicative of the problem

[Khaed]

They have to maintain law and order in a society where more than half the population is functionally illiterate.

If the illiterate people are causing problems (which is implied here), I doubt very seriously that spying on blackberry e-mails is going to help the government.

Just a thought. People who are functionally illiterate aren't going to produce messages worth reading. I know this because I have idiot friends with cellphones.

Re:Summary is indicative of the problem

[diefuchsjagden]

GOVERNMENTS DO NOT HAVE RIGHTS OF ANY KIND. Governments have powers. This IS NOT a simple semantic argument.

I agree Governments have no rights in and of them selves, they do have "rights" which have been surrendered by the people as a particular governments "subjects" and they only obtain any rights by abusing their powers, which in most forms of government are also granted/lent or forcibly by the people that make up the populous any powers, are not innate to a Government just because it is Government. One cannot blame the "man" justly, because you are/we the "man". The Government is always in the minority and not in a safe position to anger the populous, and the only way they can gain "Rights" is to abuse what power the said populous has already lent/surrendered to said government, most of the time the populous doesn't even know they are/have surrendering anything because they are AFRAID of surrendering some other part of there life. The only time this would not be true is in a True Democracy with 100% participation or possibly in a true Communist state, though I am not sure of all the ins and outs there. In order for a government to have true "rights" it must be the People, not represent the People!! Governments are Terrorists as well using fear, as a means to an end. At least Governments which are not the people, and merely represent the People are, and to the best of my limited knowledge there has never been a government which was the people. Sure you could make the argument that ancient Greece or ancient Rome where the people, but was there 100% equal participation I don't believe so certain individuals "had more power" than others. and there is No WAY for a society especially one as large as India or even the US to guarantee "equal" rights to EVERYONE, some greedy selfish individuals will always push others around if given the chance, which is how we got "government" in the first place! OK Rant ended

Re:Summary is indicative of the problem

You are wrong. The U.S supreme court has ruled that the U.S. govt has the right to self preservation that overrules practically everything else. This was established in the Legal Tender cases where it was initially determined that greenbacks were not legal tender for gold and silver debts. This was overturned (after the court was packed with additional members by the president) on the basis that if greenbacks could not satisfy gold and silver war debts, the government could not survive, and therefore the case was overturned.

I quote the ruling:
"If it be held by this Court that Congress has no constitutional power, under any circumstances, or in any emergency, to make Treasury notes a legal tender for the payment of all debts (a power confessedly possessed by every independent sovereignty other than the United States), the government is without those means of self-preservation which, all must admit, may, in certain contingencies, become indispensable, even if they were not when the acts of Congress now called in question were enacted."

You may not like it, but in those rulings, the government established itself a right to exist, through which it can justify nearly unlimited self approved powers to protect.

http://www.fff.org/freedom/0692d.asp

This message contains proprietary information...

[pha7boy]

... and is protected from disclosure.

So, what happens when trade secrets leak because some gov employee got bribed to access them and pass them to a competitor?... I would assume RIM could also be held liable for loss. And its harder to sue (and win) against a government, esp. somewhere like India. A lot easier to drag RIM in front of a jury in the US.

Just to be a little bit paranoid

[tkrotchko]

If you had the means to break into emails and give the key to the government....

Think of this... If you are a government, wouldn't you like RIM to announce that their encryption is unbreakable, and then you announce how unhappy you are with them? I mean, wouldn't RIM be shooting itself in the foot to announce "Oh yes, there's a master key, and if we'll give it up under certain circumstances that we won't discuss"?

And what a great advertisement to have the government say "Even we can't snoop on your email". If you spent a billion dollars on advertising, you couldn't get that kind of great publicity.

It all seems to.... "convenient".

Re:Just to be a little bit paranoid

[flerchin]

Yeah, it's convenient for RIM. However, I don't think that anyone truly concerned with privacy/security is depending upon email for it, over a Blackberry (tm) or not.

Re:Just to be a little bit paranoid

Think of this... If you are a government, wouldn't you like RIM to announce that their encryption is unbreakable, and then you announce how unhappy you are with them? I mean, wouldn't RIM be shooting itself in the foot to announce "Oh yes, there's a master key, and if we'll give it up under certain circumstances that we won't discuss"?

You know, the sheer level of completely casual paranoia exhibited here on Slashdot is staggering at times.

I sometimes think that if someone stated something innocuous, like, "The sky is blue", you'd get one camp fiercely saying the sky is blue, another saying it isn't, and yet a third group saying that talking about the blueness of the sky is just subterfuge to keep us from thinking about the wetness of water.

That would likely lead to side discussions over the merit of the positions of if the sky was designed blue, is blue from reflecting the oceans, or if it's a quirk of scattering of wavelengths by our atmosphere.

Then you would have to repeat the cycle for if we have an atmosphere (and what state it's in), the shape of the Earth, and if we are, in fact, actually only just running in a simulation and anything we think we know about the atmosphere is all carefully designed to make us believe we're sentient beings observing the universe as we know it. This, all being course some elaborate plot by the white mice to get the answers they need.

It all seems to.... "convenient".

When you're convinced everyone is conspiring to hide the truth from you, any rational explanation is too "convenient" in that it doesn't mesh with the crap you're trying to convince yourself of.

At some point, thinking everything is just a little too convenient just basically means you're bat-shit crazy and out of touch with reality.

Seriously, loosen the tin foil hats, have a couple of beers, get laid, and chill. The world isn't conspiring to deceive you at every turn.

Re:Just to be a little bit paranoid

[zacronos]

Seriously, loosen the tin foil hats [...] AHA! Clearly, you have a vested interest in whether I wear my tin foil hat or not!

Since you want me to take it off, it must work! That is, unless that's what you want me to think, and it actually acts as a locator so you can more easily trace my position. Or perhaps it's all a ruse to distract me from noticing something else even MORE sinister....

Yes, it's all becoming clear to me now. I'm on to you!

Re:Just to be a little bit paranoid

I am thoroughly convinced by your logical argument against the substance of that post.

No back door?

[Iphtashu+Fitz]

RIM is stating they have no means to decrypt, no master key, and no back door to allow the government to access email.

<tinfoil_hat scarcasm_mode=high>
Sure, that's what they say to the public...
</tinfoil_hat>

Re:No back door?

Sure, that's what they say to the public...

I know you're joking, but the Blackberry platform has been audited from end-to-end by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States, Norway and Turkey. Also approved by NATO and the Fraunhofer Institute for Secure Information Technology in Germany.

There may be back doors, but that is a pretty wide spectrum of institutions.

And frankly, you really don't need a back door. The blackberry is a secure conduit between a handheld device and an email server. So what if you can't crack it in transit. Just go to the email server, and seize that. Or throw the guy with the handheld in jail until he answers your questions.

Security Risk?

[jhouserizer]

If the Blackberry is a security risk, so is a pen.

Re:Security Risk?

[spikexyz]

The pen has always been a risk. The american (canadian) dream is financial and not ethical or intellectual. People writing dangerous ideas have always been a threat and doing so has been tolerated as far as it doesn't pose and significant threat to making money. The difference now is that the government can now eavesdrop on the pen and they want to do so to better ensure that there aren't too many dangerous ideas.

Re:Security Risk?

[jhouserizer]

Oh absolutely. I was primarily pointing out that going after RIM is highly selective and not going to get them far in terms of real results!

Re:Security Risk?

[sm62704]

"The pen is mightier than the sword" - Edward Bulwer-Lytton in 1839 for his play Richelieu; Or the Conspiracy.

True, This! --
Beneath the rule of men entirely great,
The pen is mightier than the sword. Behold
The arch-enchanters wand! -- itself a nothing! --
But taking sorcery from the master-hand
To paralyse the Cæsars, and to strike
The loud earth breathless! -- Take away the sword --
States can be saved without it!

Re:Security Risk?

[grogling]

If the Blackberry is a security risk, so is a pen. That's why NewSpeak is just around the corner. Remove the language of terrorism, and you can't express the ideas. yeah... right... that'll work.

Re:Security Risk?

[Ellis+D.+Tripp]

"As through this world I've Rambled, I've seen lots of funny men. Some will rob you with a six-gun, some with a fountain pen."--Woodie Guthrie, "Pretty Boy Floyd"

Why privacy?

[Normal_Deviate]

IMO, the surveillance state is inevitable, so it may be worth thinking clearly about exactly why privacy is important. IMO, privacy is important because it makes it harder for the state to enforce stupid laws. Prominent examples include laws whose purpose is to extract revenue, restrain competition, appease envy, or score brownie points with invisible men in the sky. In a world ruled by objectivists, universal state surveillance would not be particularly worrisome, except to thieves.

Re:Why privacy?

[nuzak]

> In a world ruled by objectivists, universal state surveillance would not be particularly worrisome, except to thieves.

Or non-objectivists. Or hell, people that like Chopin instead of Rachmaninov. Or abstract art of any kind.

Re:Why privacy?

I, for one, welcome our new robot overlords.

Re:Why privacy?

[Normal_Deviate]

Sigh. No. Objectivists do not imprison people for foolishness. This is, in fact, one of their distinguishing characteristics.

Re:Why privacy?

[nuzak]

No, if you go by Atlas Shrugged they simply shoot them on sight. Or if there's any scope creep or design differences, they blow up the whole project.

I will admit that a world ruled by that silly book might turn out better in some ways than the way things are with our current silly books. Rand's books of course had the advantage of starting with perfect people for her perfect philosophy, when it turns out the world is not populated with the likes of Dagny Taggart and Hank Reardon, but more like Orren Boyle and Emmanual Goldstein^W^WEllesworth Toohey. And unlike her moustache-twiddling villains, these folks are very good at repeating the right slogans to mold their good-guy captain-of-industry images.

Re:Why privacy?

[Normal_Deviate]

I think this argument is pointless, but for record the issue was not stupidity or design differences, it was theft, and to imply that Rand's heroes initiated the use of force to impose their will on others is grotesque to the point of being Orwellian.

Wait a second...

[AutopsyReport]

The US government is not alone in wanting to snoop on everything citizens do over email/phone.

Hold on a second there.

I believe the reason the US government uses the BlackBerry is because the service cannot be decrypted. If it could be, then they wouldn't be able to rely on it due to security and privacy considerations, etc.

As much as that statement is kindle for a fire I'm quite certain that at least in the context of using BlackBerry's, the US government has no interest on being able to decrypt communications. I think it's safe to assume the government is content with the fact that there is no backdoor to RIM's services.

Re:Wait a second...

[bsDaemon]

I would second this. Every time I have to go to the Hill, every one there is on their blackberries. My friends that are Congressional staffers all get them from work for official communications. It's friggin' blackberries all over the place, and you never see anything else.

Personally, I stick with my motorola krazer and my palm tx - but if I were to get a smartphone I'd buy a Palm Treo. Never occurred to me why they love blackberry so friggin' much until this story.

Re:Wait a second...

I believe the reason the US government uses the BlackBerry is because the service cannot be decrypted. If it could be, then they wouldn't be able to rely on it due to security and privacy considerations, etc.

As much as that statement is kindle for a fire I'm quite certain that at least in the context of using BlackBerry's, the US government has no interest on being able to decrypt communications. I think it's safe to assume the government is content with the fact that there is no backdoor to RIM's services. Posting AC for obvious reasons.

You are so close to spot-on that the corrections I'm making are trivial, and I only do so because it is a minor point of interest.

The US Govt DOES have an interest in being able to decrypt BlackBerry traffic. While we ("we" being the US) do use them in the military and intelligence communities for sensitive/critical and "FOUO", if not necessarily classified, communication, guess who else does?

Yep. Everyone else, too.

As stated numerous times in the comments, there is a difference between the corporate and non-corporate services. Yes, we have our own BlackBerry servers. And that's where I'll leave this line of discussion.

Re:Wait a second...

What evidence are you basing your opinion on? I'm just asking because I've seen plenty of evidence to the contrary.

Re:Wait a second...

[Missing_dc]

I worked as a contractor for the FCC and was issued a Blackberry, I think they come with most (Federal)goverment jobs.

Re:Wait a second...

[duffbeer703]

Have you ever used a Treo? Biggest piece of shit ever.

Re:Wait a second...

[bsDaemon]

I've futzed with one before. I'm not much for "smart phones." I've used my friends' blackberries before, but quite unsuccessfully.

Then again, all I really want to do is make phone calls and the occasional sms.

Problem.

[jellomizer]

If you make it so you can monitor the militants with that device... They won't use that device they will just use an other method. There is the concept that encryption technology is so advanced only the best and brightest can take advantage of it. It is easier to use something else the someome made however. It is not that difficult to make your own, espectially if you have a cause.

Blackberry privacy is only for large enterprises

[Animats]

Blackberry privacy is only for large enterprises. If you have a corporate Blackberry server, the keys are between the client units and the server, and RIM doesn't have them. If you use Blackberry's public servers, RIM has your E-mail. India only wants "non-corporate emails".

The gov't listens to everything

Every system has a backdoor. These products would not be allowed onto the American and/or Indian markets without the gov't approval. After all, corporations and gov't are merely quid-pro-quo whorehouses sold to the highest bidder. When the gov't needs illegal wire-taps, Verizon and Sprint allow them secret rooms to listen in on calls. When Haliburton (and KBR) need more revenue, the gov't hands out no-bid contracts. When the gov't dislikes literature, Amazon and Wikipedia ban America Deceived (book). We The People had our gov't sold out from beneath us.

Re:The gov't listens to everything

PGP sure doesn't have a backdoor. Carry on thinking everyone is out to get you.

Re:The gov't listens to everything

[macbeth66]

This book is not banned. It is just a very crappy book and no one wants it.

Re:The gov't listens to everything

[hansamurai]

I know nothing about that book but it was hardly banned by Wikipedia:

http://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion/America_Deceived

Re:The gov't listens to everything

Every system has a backdoor.

Nope. Many do, but it's not mandatory.

These products would not be allowed onto the American and/or Indian markets without the gov't approval.

So? That doesn't mean they have backdoors. The Blackberry platform has been audited from end-to-end by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States, Norway and Turkey. Also approved by NATO and the Fraunhofer Institute for Secure Information Technology in Germany.

That is quite a range of political viewpoints. Blackberries are also used by the governments of Canada, United Kingdom, Austria, Australia, New Zealand, United States for official business.

Do you think these governments would let their staff use a system with easy backdoor access? After all, the Russians & Chinese have lots of good cryptographers and still spy on the West (and vice versa).

After all, corporations and gov't are merely quid-pro-quo whorehouses sold to the highest bidder. When the gov't needs illegal wire-taps, Verizon and Sprint allow them secret rooms to listen in on calls. When Haliburton (and KBR) need more revenue, the gov't hands out no-bid contracts. When the gov't dislikes literature, Amazon and Wikipedia ban America Deceived (book). We The People had our gov't sold out from beneath us.

At this point you're descending into left-wing kookiness, which is outside the scope of a technical discussion.

Re:The gov't listens to everything

At this point you're descending into left-wing kookiness, which is outside the scope of a technical discussion. And I guess that is the point at which you descend into right-wing kookiness.

Friendly advise

This IS NOT a simple semantic argument.

Including simple definitions of "right" and "power" in this context, and demonstrating why the distinction is important, might help drive your point home a bit more.

As it stands your post is pretty easy to dismiss.

Re:Friendly advise

"As it stands your post is pretty easy to dismiss."

Says the AC...

Re:Friendly advise

"As it stands your post is pretty easy to dismiss." Says the AC... Says the AC...

Re:Friendly advise

"As it stands your post is pretty easy to dismiss."

Says the AC... says the other AC. this could get recursive...

Re:Friendly advise

[Das+Modell]

How is that relevant?

Easy solution

There's an easy solution to India's problem: convince the terrorists to use iPhones. There's absolutely NO security on the iPhone, so a hacker can easily get access to all your contacts, all your data (including email), and even listen in on the microphone or watch through the camera.

Re:Easy solution

How? Therehas never been a remote compromise of any Apple product in the company's existence. Yes iPhones are jailbroken, but Apple, if they so chose would make that completely impossible rather than leaving that to the user.

So, what I wonder is... why don't more people go with a really 100% secure platform such as Macs or the iPhone, and forget about RIM?

terrorists using blackberries

[goffster]

Only the really stupid terrorists (98%) believe
this bit about not being able to decrypt.

Kudos

[lilomar]

Best. troll. ever.

I haven't laughed so hard at something I found on the internet in forever.

Re:This message contains proprietary information..

[jimicus]

... and is protected from disclosure.

So, what happens when trade secrets leak because some gov employee got bribed to access them and pass them to a competitor?... I would assume RIM could also be held liable for loss. And its harder to sue (and win) against a government, esp. somewhere like India. A lot easier to drag RIM in front of a jury in the US.

How's this any different to a US government employee being bribed to arrange a tap on a business phoneline and passing details of any conversation to an outside party?

Paranoid indeed!

"You know, the sheer level of completely casual paranoia exhibited here on Slashdot is staggering at times."

Yea.... it even extends to people posting anonymously.

Y'know. Just in case...

Go Canada!

RIM is based in Canada, where we have much stricter privacy laws than in other countries, at least for the time being. It's nice to see that RIM is sticking to its guns on this one too.

Re:Go Canada!

I though we didn't have guns?

Hey, this is easy to fix...

[rickb928]

If the Indian government wants to be able to spy on their own Blackberries, then run their own BES cluster. That way they have the data - problem solved.

Of course, knowing how hard it seems for RIM to let the gummint look at data, I may not give up my BB after all.

And even if they could snoop...

M: "Akeehm, what pretty flowers you have."

A: "Thank you Mohammed. I should water them."

M: "For best results, wait until after the 15th of May."

What does this hypothetical conversation mean? Heck if I know, nor does anyone else. Simple coded language will defeat the global governments and their growing desire to snoop in the name of terrorism. Even if they make encryption illegal, they won't break coded language if they don't know the code, nor will they be able to detect the more clever steganography algorithms.

Re:And even if they could snoop...

[Yvan256]

M: "Akeehm, what pretty flowers you have."
A: "Thank you Mohammed. I should water them."
M: "For best results, wait until after the 15th of May."

What does this hypothetical conversation mean?

It means there's a 1 296 000 000 milliseconds latency?

Re:And even if they could snoop...

[dave420]

Not unless the intelligence-gatherers also have the keys, which isn't out of the question.

Re:And even if they could snoop...

[DaMattster]

A coded language is but an English (or albeit, other recognizeable language) form of encryption. To some degree, an expert analyst would still be able to pick this apart because most exchanges have key cultural, socio-political, ethnic, or religious overtones. One tactic is to even hide coded messages within pictures.

Re:And even if they could snoop...

[gothzilla]

You obviously know nothing about intelligence gathering. That conversation could reveal far more information than you could imagine. You can't learn anything from a single cryptic conversation, but you can learn volumes from many conversations, combined with other forms of intelligence. Your example is but one tiny piece of a jigsaw puzzle. By itself it's meaningless but when you put it with other pieces you can see an actual picture. That's why it's so important for our intelligence agencies to be able to gather information from as many places as possible. It takes a lot of pieces to put the picture together.

Re:And even if they could snoop...

[dbcad7]

You "might" learn something from many such conversations... and then it would really screw you up if the conversation was just that.. meaning the meaning "is" the meaning.

The best you can really hope for is to stop all the WWII and cold war tactics on terrorists, do some intelligence gathering on people that are "known" and stop screwing around and get the ones you know..

IHBT

[sm62704]

Tough room. I'd have modded you down too.

IF they're worried about Muslim terrorists, make everyone getting onboard the train have to eat a BLT.

That works for Jewish terrorists, too. Also for my terrorist daughter who is allergic to bacon. Yeah, she's downright MEAN!

And if they're worried about Christian terrorists, tell them they have to suck off a gay dude

EWWW! Being a Christian wouldn't keep me from sucking off a dude, but being heterosexual would. My bible doesn't say "thou shalt not suck cocks". There are 12 commandments for the Christian: Moses' ten and Jesus' two, although all ten are contained in the two.

Anyone who has read the first four books of the New Testament knows that Pat Robertson is s wolf in sheeps' clothing and has converted more Christians to athiesm than all the athiests at slashdot combined. Eat your heart out, you ineffectual piker!

I'm just sick of people telling me they believe all sorts of crazy shit based on "faith"

Then stop baiting them, troll.

My faith is based on personal experience. If you don't believe in penguins I can't blame you; they are rather improbable creatures. A bird that can't fly, but instead swims underwater and eats fish? And lives at the South Pole? Yeah they have pictures but there's photoshop. And yeah, there are all sorts of documents but those were meant to be works of fiction. People claiming to have actually seen penguins are either schitzophrenic, on drugs, or liars.

But I have experienced penguins, there's one at my local zoo. I'm sure you have some exotic explanation for why I imagine I saw a penguin at the zoo.

...and yet they think they can tell us what sort of science is permissible to be taught in public schools.

Not me. Evolution does NOT go against anything the Bible says. Even teh Catholic Pope will agree that evolution is real (IANAC).

A wise man will hear, and will increase learning; and a man of understanding shall attain unto wise counsels

Surely in vain the net is spread in the sight of any bird.

When wisdom entereth into thine heart, and knowledge is pleasant unto thy soul; Discretion shall preserve thee, understanding shall keep thee

Get wisdom, get understanding: forget it not; neither decline from the words of my mouth.

Forsake her not, and she shall preserve thee: love her, and she shall keep thee. Wisdom is the principal thing; therefore get wisdom: and with all thy getting get understanding. Exalt her, and she shall promote thee: she shall bring thee to honour, when thou dost embrace her. She shall give to thine head an ornament of grace: a crown of glory shall she deliver to thee.

Hear, O my son, and receive my sayings; and the years of thy life shall be many. I have taught thee in the way of wisdom; I have led thee in right paths. When thou goest, thy steps shall not be straitened; and when thou runnest, thou shalt not stumble. Take fast hold of instruction; let her not go: keep her; for she is thy life. Enter not into the path of the wicked, and go not in the way of evil men. Avoid it, pass not by it, turn from it, and pass away. For they sleep not, except they have done mischief; and their sleep is taken away, unless they cause some to fall.

Much wisdom is contained in the book you so despise. However, I can understand your fear of it.

Re:IHBT

[Free+the+Cowards]

Yes, it's perfectly equivalent to compare penguins, which anyone can go see at the zoo as you point out, and of which there is a great deal of evidence, which would require an enormous conspiracy by millions of people if it were made up, and which nobody really doubts, with your imaginary friend for which there is no evidence whatsoever.

Re:IHBT

[Ash-Fox]

Much wisdom is contained in the book you so despise.

Explain to me, the wisdom in telling a thief to rape your wife instead of stealing your stuff.

Such stories are contained in the books you refer to.

Re:IHBT

[sm62704]

First, I said "much wisdom". Second, where does it say that?

Re:This message contains proprietary information..

[unlametheweak]

So, what happens when trade secrets leak because some gov employee got bribed to access them and pass them to a competitor?... I would assume RIM could also be held liable for loss. I'm sure that would be covered in the EULA, as just about everything and the kitchen sink seems to be. And generally governments don't need to bribe anybody to steal trade secrets, as that is (or at least before 9/11) the primary goal of government spying (economic espionage).

Re:This message contains proprietary information..

[sm62704]

So, what happens when trade secrets leak

I'm not Indian, but in my country (USA) we developed patents for the express purpose of avoiding "trade secrets".

Trade Secrets are unamerican. No true American Conservative would defend their existance.

Actually, now that you mention it...

[mengel]

The sky is not blue. And the rain in a rainbow isn't different colors -- it's all pretty much clear.

You just see the colors from a distance because of how the light is bent.

;-)

To the idiot who downmodded above post

[hansraj]

Save for mod points for the "frist p0st" and likes. If it hurts your ego that I am "badmouthing" india, either come up with why I am wrong or go do something to change the situation.

PS: Now that is the kind of post that can be modded troll. Go ahead and burn my karma. At least it would be targeted rightly to a trollish post. Idiots.

Re:To the idiot who downmodded above post

[junglee_iitk]

Are you somewhere from East UP/Bihar?

In Lucknow itself if you are not looking like an educated person, and get caught around some questionable areas, be sure to receive a handful. I always carry around my ID card with me :D

No they don't

[hassanchop]

Governments have a right of sovereignty, which is a right between governments.

No, they do not. The have the powers and responsibilities of sovereignty, given to them by the people that instituted said government.

Calling it a "right" is a misuse of the term, and the rest of your post is just as factually inaccurate.

Re:No they don't

Just government derives from a mandate of the masses, not from some farcical ... never mind.

Not Hanlon, Heinlein

[ClientNine]

> Not that I ever heard off Hanlon before looking the quote up.

It's Heinlein's Razor. Somebody mispelled it on Usenet eons ago and it somehow stuck.

Robert A Heinlein said it in Logic of Empire, I believe

Re:Not Hanlon, Heinlein

[sm62704]

The wikipedists sure are fast. I had looked it up last week and there was no mention of Heinlein, then today thought "what if I search "Heinlein's Razor"?

It redirected to "Hanlons Razor", which had beed edited quite a bit since last week. It now says

According to Joseph Bigler,[1] the quotation first came from a certain Robert J. Hanlon as a submission for a book compilation of various jokes related to Murphy's law published in 1980 entitled Murphy's Law Book Two, More Reasons Why Things Go Wrong.[2]

Bill Clarke[3] claims he wrote it in 1974; he says "Robert Hanlon" is a misspelling of "Robert Heinlein".

A similar quotation appears in Robert A. Heinlein's 1941 short story Logic of Empire ("You have attributed conditions to villainy that simply result from stupidity"); this was noticed in 1996 (five years before Bigler identified the Robert J. Hanlon citation) and first referenced in version 4.0.0 of the Jargon File,[4] with speculation that Hanlon's Razor might be a corruption of "Heinlein's Razor." "Heinlein's Razor" has since been defined as variations on Never attribute to malice that which can be adequately explained by stupidity, but don't rule out malice. or ... but keep your eyes open.[citation needed] A variant, Grey's Law (influenced, no doubt, by Clarke's third law), posits "Any sufficiently advanced incompetence is indistinguishable from malice."

Be proud!

Re:Not Hanlon, Heinlein

[ClientNine]

Wow. And my wife told me nothing useful would come from correcting people on Slashdot.

If you're being serious

[hassanchop]

Ivory tower libertines like you infuriate me.

That's me, shamelessly banging everything that moves and constantly drunk off my ass in my "ivory tower".

Do you know how many terrorist strikes happen in India every year?

Name a number that you think would cause me to reconsider renouncing my rights for safety. Start with a BIG number, you'll waste a ton of time otherwise.

They laid siege to the parliament, blasted commuter trains, temples...

And? That was sufficient to make you renounce your rights as a human being? Sorry, you'll have to do better than that.

They have to maintain law and order in a society where more than half the population is functionally illiterate.

So, why is your solution to this is anything other than teach them to read?

And finally Indian constitution is not the same as US constitution.

Hey man, nothing's perfect.

Lastly, if you were being sarcastic (please please please say you were being sarcastic) then you got me.

Re:This message contains proprietary information..

I'm not Indian, but in my country (USA) we developed patents for the express purpose of avoiding "trade secrets".

Trade Secrets are unamerican. No true American Conservative would defend their existance.

Really? The Coca-Cola formula is a trade secret. You can't get more American than Coca-Cola.

Ultimately...

[jd]

...you are correct. However, technology is currently providing tools that are more powerful than society is equipt to support. Arguably, this is the fault of society and not technology, that society needs to evolve at a pace no slower than the means it provides for its own self-destruction. However, let's face it. Societies evolve slowly and with extreme prejudice against any kind of progressive stance. The Second Amendment in the USA is nothing more than a remnant of the War of Independence (I won't call it a revolution, except in the sense that it went around in circles) and is completely incompatible with any kind of civilized society. Yes, yes, I understand the theories (and also why they simply don't work), and I also understand that they're a part of American tradition. (Tradition and evolution are necessarily enemies and never invite each other round for tea.) But that is just the point. Clinging on to antique "Trial By Fire" and "Trial By Combat" notions only work if you live in a society primitive enough for these to be viable. As science and technology improve, not only do the underlying assumptions behind such antique thinking cease to be valid, but the blind adherence to them becomes a religious doctorine that is obsessed with destroying anything or anyone who dares question the Holy Church of Blind Faith.

Advancement in society comes at a risk. That risk is that you must be willing to throw away anything that you felt sure on, anything that you felt you could depend upon being there. It's scary to some people even today to believe the world isn't flat. Some of humanity's greatest triumphs (such as the American Constitution) have depended upon some of the assumptions that must now be held to the light. If humanity is to avoid another Dark Age, it MUST be willing to let go of anything found to be false, no matter how dear, no matter how precious.

And that is precisely why I used one of the most inflamatory of possible examples. You must be willing to throw away ANYTHING. If you are not, if you insist that some baggage is necessary, then techology will outpace humanity's ability to make constructive use of it, and humanity's self-destructive tendencies will eventually win out. They always have. If you like, that's "bonus material" in the DVD version of Darwinism. Self-elimination forms a part of human natural selection. If you wish to avoid self-elimination, then social progress must take absolute priority over social traditions. You cannot remain Peter Pan forever, and you won't survive if you try.

Secret to the Blackberry's success

[GameboyRMH]

Blackberries are only popular because they're the cheapest phone with MS Exchange integration, and as you said, the encryption and management tools are good. The GUI sucks, it uses some proprietary communication methods, it uses this ugly backasswards e-mail forwarding system that's tied to a central server that has gone down before and will go down again, and the phone is really nothing special in general.

Now if you disagree and wish to mod me down, mod me "Flamebait" like a man, not this limp-wristed "Overrated" crap.

Re:Secret to the Blackberry's success

[torkus]

I won't spend mod points, but I'll reply. Yes, a BB is far cheaper than an iPhone or smartphone. Heck, TMO gives us the curve for 50 bucks on a 1-year contract. The back end server is handy, encryption isn't good - it's 100% mandatory for most companies that want to use mobile email.

As for the GUI - I'd like to know what's better. It's straight-forward, easy to navigate, incredibly stable. The iPhone is slick but not business-centric. If you like WM well i suppose there's one in every crowd.

There's nothing wrong with the communication methods - in fact they're not a huge mystery. It's tied to a central server for many reasons including management tools and the encryption you spoke of. It's not like RIM charges a per-email fee or anything. The central RIM servers have gone done on extremely rare occasions. I have more issues with my bank website, cell tower, and ebay.com.

For a kid emailing his buddies, get an iPhone or WM device if you must. For anyone in the corporate world, blackberry is where it's at. They're totally unmatched.

Re:Secret to the Blackberry's success

[DarkOx]

I am sorry but the BES server you need to make it work is a pice of crap. Sure the software might be easy to work with but, it does just nasty things when it comes to exchange integration. Rather then make a connector or something you could add to the event sync, it sits and uses MAPI. This makes for one lots of overhead and sucktackular performance, (if you have a lot of users it will KILL whatever box its running on) as in don't bother running any other apps there and if you make it a VM it will suckup the entire blade quite hapily. Then on top of that it makes you Exchange Administration more of a headache then Exchange Administration already is, in that its INCREDIBLY sensitive to what version of store.exe your running. Don't even think of service packs or hotfixes until its been checked out on BES. I would love nothing more then to get all of our users over to Windows Mobile or Pocket PC. I use it with Exchange Active Sync and yes it does SUCK compared to the BB user experience but its much less nasty on the backend. Personally I would love to kick Exchange out the door and just deploy a nice IMAP solution or go back to Notes but I don't see that ever happening.

Re:Secret to the Blackberry's success

I am sorry but the BES server you need to make it work is a pice of crap. Sure the software might be easy to work with but, it does just nasty things when it comes to exchange integration.

The BES does have its quirks and eccentricities, but they are well-documented. If you follow RIM's instructions to the letter it will work. RIM has excellent tech support (but you need a service contract). RIM also offers courses & training.

Rather then make a connector or something you could add to the event sync, it sits and uses MAPI.

That would be because MAPI is the native connector to Exchange - blame Microsoft for that, not RIM. The BES does the same thing Outlook does when it connects to Exchange.

This makes for one lots of overhead and sucktackular performance, (if you have a lot of users it will KILL whatever box its running on) as in don't bother running any other apps there and if you make it a VM it will suckup the entire blade quite hapily.

RIM has documented the hardware requirements for BES for a given number of users. If you choose not to follow the requirements, that's your problem. If you have sufficient hardware resources you can run other apps on that server, but RIM doesn't recommend it. BES runs fine as a virtual machine if you provide sufficient resources.

If your server is still overloaded you can get multiple BESes and distribute the load over many servers.

Then on top of that it makes you Exchange Administration more of a headache then Exchange Administration already is, in that its INCREDIBLY sensitive to what version of store.exe your running.

RIM explicitly says the version of MAPI on the BES must be the same or later than the version of MAPI on the Exchange server. If you choose not to follow that advice, it's your problem.

Don't even think of service packs or hotfixes until its been checked out on BES.

There have been a number of patches from Microsoft that broke parts of the Blackberry connection to Exchange. The main one was when Microsoft dramatically changed the Exchange security model, preventing a single account from easily accessing a number of mailboxes. That isn't RIM's fault.

You do test your patches before deployment, right? I've had crappy patches from Microsoft (and others) break all sorts of things. One of the worst was Update Rollup 1 for Windows 2000 SP4. Microsoft reissued it a few months later since under some conditions it would fubar a server.

I would love nothing more then to get all of our users over to Windows Mobile or Pocket PC. I use it with Exchange Active Sync and yes it does SUCK compared to the BB user experience but its much less nasty on the backend.

And there is your answer. Do you want 500 happy executives with blackberries and ten overworked IT staff, or 500 grumpy executives and 10 happy IT staff? I think I know what the CEO is going to say.

Personally I would love to kick Exchange out the door and just deploy a nice IMAP solution or go back to Notes but I don't see that ever happening.

You do know that there is a BES version for Notes, right? There is also BES for Novell Groupwise.

You might want to look into outsourced Exchange/Blackberry service from a hosting provider.

Re:Secret to the Blackberry's success

[torkus]

So you're complaing that BES sucks but most of the problems are exchange and it's really exchange that sucks and you want to get rid of?

Yes, so we have a separate server for our BES...and? The cost of a server vs. the value of instant and secure email delivery globally to all our users - big deal. If you're having such severe performance issues perhaps you should call T-support and get their reccomendations to fix the problem :)

You can move your users to WM devices but your desktop support team will probably lynch the project manager after a few months of 'reset, wipe, reload, retry'.

You've completely missed my point

[hassanchop]

I agree Governments have no rights in and of them selves, they do have "rights" which have been surrendered by the people

NO THEY DON'T. Stop using that word incorrectly and diluting it's meaning. When people such as yourself use "rights" when you mean something entirely different, in pollutes the word and convolutes the discussion.

Governments do not have rights. Please stop misusing that word.

Re:You've completely missed my point

Stop using that word incorrectly and diluting it's meaning. Stop using that word incorrectly and diluting its meaning.

Re:You've completely missed my point

[diefuchsjagden]

I was in agreement and merely trying to say that what a government calls its rights were originally the peoples but are no longer, or are at least limited. I said "rights" as a mode of saying the rights which governments claim they have are not rights they are an entirely "different can of worms"

Re:New definition for RIM Job?

[Drokaten]

Current definition - http://en.wikipedia.org/wiki/Rim_job

I guess it will just become modified from "people will LICK your ass" to "people will KICK your ass" if they get the keys they want.

Re:This message contains proprietary information..

[sm62704]

They should patent it. And no, since Coca Cola is a multinational corporaton with stockholders all over the world, how can you call it an American company?

Apple pie is American. There are no trade secrets to apple pie. Baseball is American. Multinational corporations are decidedly NOT American, although all of them, even ones with headquarters in other counties (Sony, BP, Shell) want you to think they are.

The REAL reason

[eronysis]

The real reason RIM cannot give the Indian government the back door access which DOES exist would be.... "Verizon announced a worldwide deployment of 19,500 BlackBerrys to 56 or so Federal Bureau field offices." http://www.rimarkable.com/verizon-supplies-fbi-with-blackberry-8830 Something tells me that RIM will quickly be developing "export" versions...

Your stance on guns is clearly uninformed...

[tlambert]

Your stance on guns is clearly uninformed by living in a country that owes its existence to the successful violent overthrow of an oppressive and non-representative government, by an armed citizenry, using weapons comparable to those available to the government which it was overthrowing.

AKA the United States.

"Those who do not learn from history are doomed to repeat it" - George Santayana

-- Terry

Re:Your stance on guns is clearly uninformed...

[dryeo]

Actually Canada does owe its existence to an armed citizenry overthrowing its government. We are the good portion of the citizenry who disagreed with the secession part ( the USA never overthrew the British government, they just withdrew from it). Unluckily when a portion, who may of been a minority, of the population went nuts and started shooting they didn't actually have a referendum or anything to democratically decide to secede, they just terrorized those who disagreed.
We have seen the bullshit that can result from some nutcases figuring because they are armed they can terrorize the world.
All my life I've worried about Americans nuking the world and they also seem to behind most of the removal of my rights.

Re:This message contains proprietary information..

[pha7boy]

it's not really different, but bribing is easier in developing countries, especially those where the rule of law is weak. Please don't get me wrong, this is to say that the Indian government can't control their employees. But maybe the Indians can do it but the Congolese cannot. Or the Nigerians... or the Russians, or a Deutche Telecom employee who all of a sudden gets a thought... you get the idea.

Fact is, once you have a back-door into the system, it's only a matter of time until private and protected information starts leaking. And it does not have to be trade secrets. It can be personal information about political opponents. Or judges. Or information used on the stock market.

Fact is that it would be a bad development for RIM. And I'm glad they are fighting it.

Re:This message contains proprietary information..

[jimicus]

Fact is that it would be a bad development for RIM. And I'm glad they are fighting it. Most communications mechanisms are open to government snooping in some fashion - be it post, telephone, email or whatever.

If your average business were to conduct every little thing they did displaying the kind of paranoia displayed on /., nothing would ever get done. It's infinitely more likely you'll get screwed over by the person you're dealing with directly than some unknown eavesdropper anyway.

True story: I received a phone call a few weeks ago from a company trying to sell me a PC imaging product akin to Acronis TrueImage or Symantec Ghost. They openly admitted having bought my details and deduced that I might be interested in such a product because those details that they'd bought came from... er... a company which produced imaging software. You don't need to eavesdrop when you can simply ask a company to sell you details of all their sales leads then point them at a competitor's products.

Good for RIM...

[penguinstorm]

at least until they cave, as eronysis says. I'm sure they will.

It doesn't make my like my Blackberry Curve any better. I'll be sticking to Nokia products in the future, unless the company gives me a blackberry.

Comparisons with other phones

[sjbe]

Mostly you make good points but a few nits.

By comparison, the blackberry is "push" email. There is no need to check for new messages. If your email account gets a new message, the server pushes it to your device. Unless you are sending/receiving a message, your data usage is zero. There HAS to be some data exchange so that the blackberry knows there is a message receive. Not a lot of data needs to be exchanged which I think was your point but it's not zero either. Simply cannot be.

Does your nokia/treo/ericsson sync your todo list, calendar and address book in real time with your desktop? When you can get a Blackberry to do all that with something OTHER than Outlook/Exchange or maybe Lotus Notes (Thunderbird or even Gmail at home in my case) let me know - otherwise I'm not impressed. Not really picking on Blackberry specifically here since NO device I'm aware of can do a good job with syncing to-dos, calendars and address books without either an (almost) all Microsoft or all Apple solution on the PC end. I personally use a Nokia E70 and would DEARLY love someone, anyone, to make it possible to sync my contacts and calendars with my PCs - but given the software I use on the PC end there is literally no good way to do it. A blackberry or an iPhone wouldn't solve that problem for me either. It's not like I'm using some obscure software either - all common stuff everyone here on slashdot is very familiar with. I would happily even pay for a (cross platform) solution but none exists to my knowledge and I've REALLY looked hard for one.

RIM provides full documentation and a developer kit to build your own applications. You don't have to beg apple please pretty please can I write an application and put it on my own phone. Nokia and Microsoft provide application development tools too. Nokia's S60 platform supports Java, C++ and Python development. Apple certainly has control freak issues but then they're not the only or even close to the biggest competitor for RIM. For the record Nokia has the largest smartphone market share at 65% followed by Microsoft and then RIM in a close third.

Re:Comparisons with other phones

There HAS to be some data exchange so that the blackberry knows there is a message receive. Not a lot of data needs to be exchanged which I think was your point but it's not zero either. Simply cannot be.

Really? Why can't it? A phone occasionally transmits so the phone network knows where it is, but most of the time the phone is just listening.

Does your phone check continuously if there are text messages for you? No - the cell phone carrier pushes the message to the phone by sending a special signal telling the phone that there is an incoming text message. The blackberry service is more than a simple data connection, the cell phone carrier has to support the additional push functions.

While there is data usage when a message is being sent/received, no data is sent if you're not sending/receiving a message. That's the point.

Does your nokia/treo/ericsson sync your todo list, calendar and address book in real time with your desktop?

When you can get a Blackberry to do all that with something OTHER than Outlook/Exchange or maybe Lotus Notes (Thunderbird or even Gmail at home in my case) let me know - otherwise I'm not impressed.

Sorry, don't think that exists (aside from Novell Groupwise).

Not really picking on Blackberry specifically here since NO device I'm aware of can do a good job with syncing to-dos, calendars and address books without either an (almost) all Microsoft or all Apple solution on the PC end.

Blackberries sync perfectly with Lotus Notes and Novell Groupwise, with 99% of the same feature set as Exchange.

I personally use a Nokia E70 and would DEARLY love someone, anyone, to make it possible to sync my contacts and calendars with my PCs - but given the software I use on the PC end there is literally no good way to do it.

I used to have a Nokia - the Nokia PC Suite was kludgy but functional to sync with outlook by usb/infrared/bluetooth. If you don't use outlook I think you're SOL.

Re:Comparisons with other phones

[sjbe]

Really? Why can't it? A phone occasionally transmits so the phone network knows where it is, but most of the time the phone is just listening. Rather like a pager I suppose and you're right, most of the time it is just listening. Good point but I guess that was my point too - the phone I'm pretty sure has to occasionally notify the network that it exists and for any modern phone that is a digital signal. *Some* data is being sent even if they aren't billing for it. I'm pretty sure the amount of data is so small as to be near negligible. Feel free to correct me if I'm wrong. Nevertheless, I'm thinking too much along the lines of standard IMAP connection which is definitely a different animal.

Blackberries sync perfectly with Lotus Notes and Novell Groupwise, with 99% of the same feature set as Exchange. I forgot about Groupwise but you're right. That said I can't for the life of me figure out why no phone can do over the air sync with a ICAL calendar. Highly standardized and well documented, would give the phone companies lots of excuses to charge us more and would make life much easier for anyone using something other than the above mentioned software.

As for address books... sigh. I often doubt those will ever get standardized. Still, would it kill someone to write a thunderbird extension to sync address books with some of the more popular smartphones? I'd do it myself if I had the programming chops...

I used to have a Nokia - the Nokia PC Suite was kludgy but functional to sync with outlook by usb/infrared/bluetooth. If you don't use outlook I think you're SOL. Pretty much. Nokia PC Suite is better than it used to be - much better actually - but it's still not especially useful without Outlook. Heaven forbid you use something that works somewhere other than Windows - or even gmail for that matter.

"All governments are liars and murderers"

"All governments are liars and murderers" - Bill Hicks (The Great)

Background Information

First of all, India doesn't have a PATRIOT equivalent; GoI and its investigative agencies are required to get a court order to snoop on communication channels (not that they always do, but...)

For corporates (BES users), GoI can apply pressure and snoop. That is a no-brainer.

GoI's problem is the individual BB subscriber. Several of Indian mobile companies offer BB plans. It was not on the GoI's radar until Tata Teleservices had a branding tie-up with Virgin Mobile of UK and applied for permission to provide a BB plan. GoI suddenly woke up to the "threat" that BB's 256-bit encryption is uncrackable with current infrastructure. GoI refused Tata permission, and also asked RIM to reduce encryption to 40 bits, or provide the keys to GoI upon asking.

The Canadian High Commissioner to India took up the matter. He pointed out that such a move by RIM will be in violation of Canadian laws, and hence RIM wisely backed off. GoI asked RIM to set up a datacenter in India, but RIM doesn't want to go down that route (perhaps the revenues from India is not enough to warrant a datacenter there).

GoI is fighting the mobile operators, RIM, GoC and even the users in this battle, and is quite adamant in its stance. It has made clear that BBs will be banned in India if RIM doesn't comply.

GoI and the various state governments usually react in a knee-jerk manner to terrorism. For example, after the recent Jaipur blasts that killed about 80 people and maimed many more, the Government of Uttar Pradesh made it mandatory to prove your identity when you buy a bicycle - because the bombs were deployed on abandoned bicycles.

As Schneier says, the correct response to terrorism is superior intelligence gathering and police work. These skills are sorely lacking in the Indian intelligence and investigative agencies; hence there is a preponderance of terrorism activities in India. The politicians of India with their parochial and partisan attitudes aren't helping any either.

Lastly, GoI's interest in BB is mostly about Hawala, an illegal way of money transfer.

Not Entirely True

[Narcogen]

I think RIM is being disingenuous. Russia doesn't allow for type certification of any telecommunications gear that doesn't support their stringent legal intercept requirements, and RIM is launching Blackberry service there this year.

I doubt India is asking for more legal intercept authority than Russia insists on.

FREEDOM is a security-risk!

A population of free citizens can choose to vote-out the incumbent government!

For the security OF THE ESTABLISHED "INSTITUTION", that is a security-THREAT.

They didn't have the ability to record all our discussions in the previous thousands of years,
yet generally, they did survive!...

their rights-grab is simply *extortion* practiced against the survival of individual spirit, by their collectives, their incorporated-"person" organizations.

Period.

Stand for your right to be individual, or later find individuality has been snuffed!

No _NSAKEY?

[canuck57]

Or just use encryption. To me, that's what is so baffling about the government privacy crackdowns. If anyone who was even remotely well informed wanted to communicate in private, they'd use strong encryption. I guess once someone uses encryption, they get an Indian military intelligence unit parked outside their door.

Yes, but blackberries make it easy to communicate securely. You don't have the hassle of a PKI infrastructure with S/MIME certificates, or using PGP.

Incidentally, blackberries support PGP and S/MIME on top of their existing security.

And no _NSAKEY. Guess that means RIM isn't in favorable books with the governments. Wonder what their fall out will be?

Bet there will be some quiet legislation to change this. The government(s) fear the people.

I know...

[stands2reason]

PGP anybody?