Spyware In BlackBerry Updates For Users in the UAE

mulaz writes with this excerpt from The Register: "An update pushed out to BlackBerry users on the Etisalat network in the United Arab Emirates appears to contain remotely-triggered spyware that allows the interception of messages and emails, as well as crippling battery life. Sent out as a WAP Push message, the update installs a Java file that one curious customer decided to take a closer look at, only to discover an application intended to intercept both email and text messages, sending a copy to an Etisalat server without the user being aware of anything beyond a slightly excessive battery drain."

it's a feature

c'mon real time backup, can't beat that.

Re:It's one from column A OR one from B not both.

[gEvil+(beta)]

" as well as crippling battery life." is not the same as "a slightly excessive battery drain."

It's slightly crippling?

UAE - no surprise

[Torontoman]

As far as non-north-american countries go - the UAE is very progressive. But a former client of mine who spent 8 yrs there working in administration pointed out - "in North America we are an odd country and culture - we simply take it as the norm that nobody will listen to us. That level of privacy is not the norm, it's unusual" He was in a senior healthcare position and essentially knew as a foreigner in a position of influence that he would be monitored regularly if not constantly.

Re:UAE - no surprise

"As far as non-north-american countries go - the UAE is very progressive" Hahahahaha, ahem, sorry I mean LOL. Are you serious? What's so "progressive" about north american countries? Different isn't better per se. "in North America we are an odd country and culture - we simply take it as the norm that nobody will listen to us" That's at least a generalisation, and some might say naive. "a foreigner in a position of influence that he would be monitored regularly if not constantly." Yes, that would never happen in north America.

Where shall I start? Women's Rights Minority Rights Freedom of Assembly Voting And this is just for starters. The UAE is very progressive, in comparison to other Middle Eastern countries, but still many decades behind the "decadent" West.

Re:UAE - no surprise

[julian67]

Yes it's so progressive that every new car comes with a tracking device built in so the govt always knows where you're driving. It also knows when you go to fast. They have this amzing system whereby if you drive over the speed limit a siren sounds in your car and gets louder and louder until you slow down to within the limit. Driving around Dubai you'll be passed by speeding cars with a terrible wailing siren sounding out over the terrible bass heavy music. These drivers are Emiratis, locals (70% of the population is foreign workers). They won't have to pay the fine so as long as they can stand the noise they'll drive as fast as they like. It's a bizarre phenomenon. It's absolutely no surprise that the state monopoly telco would also like access to all your communications whatever device you use. Skype is banned, and tor is blocked and using any privacy enhancing encryption leads not to the unfettered web but to the court house. Also progressive: jail time for sex outside of marriage, deportation with no notice if your boss withdraws your work permit and so on. I guess it looks progressive next to Saudi, but mostly it isn't progressive, only rich.

Re:UAE - no surprise

[MRe_nl]

No, more along the lines of Colombia, Chile, Uruguay, Bolivia...maybe.

Re:UAE - no surprise

Where shall I start?
The death penalty, no social security, no basic healthcare, the gun and the bible.
And this is just for starters. The USA is very progressive, in comparison to other American countries, but still many decades behind the "decadent" Europeans.

See, there's no truth, only peception.

-Death Penalty: All countries have this, just not for the same crimes. Try committing treason in most places and see what that gets you, and Genocide is punishable by death in pretty much any country that doesn't have general Death Penalty. I'm not saying the US is right, but don't try to pretend your country won't kill someone if they feel they have just cause.

- Social Security: Umm, yes we do have that.

- Healthcare: Again, we do have that, through Medicaid and multiple other programs. We just don't have one consolidated umbrella-type program run by the government.

- The Gun: Yes, every country has them. Some countries like the US seem to think that maybe more than just the political elite, military, and those with money & influence should be able to own them.

- The Bible: Again, every country has one. In many places, like the Middle East, they just use a different one called by a different name.

I can tell by your statements that by "progressive" you really mean "Socialist". The two are not the same.

Re:UAE - no surprise

[julian67]

If you have a new car (purchased in the last 2 years) it has a tracker in the license plate. I know this is true in Dubai, it may be different in other emirates. You will get in some deep trouble if the license plates are not affixed properly or appear to have been tampered with. You can see traffic accidents where the cops arrive, check the license plates are affixed and in order (on the right vehicle) and then their work is done and they leave. Same for the speed siren (maybe siren isn't the best term but when it's going at full volume it's impressive...can be heard very loudly from inside other cars...all mobile with windows up and aircon on)....it starts of as a gentle reminder and gets louder and louder and louder....

I hadn't mentioned homosexuality and I don't equate sex outside of marriage with homosexuality (necessarily).

Adultery = prison in UAE.

Dubai is liberal only compared to states where full sharia law is practised. If you're a foreigner or a local who dresses western style yes you can drink alcohol and if you're on a tourist visa you can share a hotel room with your partner without being married. If you're local or have a resident visa then you had better be very careful about your private life and keep it extremely private, even secret if you sleep with anyone other than your spouse. You'll notice that nobody in local dress is ever seen drinking alcohol. They won't be served and may have a lot of explaining to do. Similarly at the duty free shops and on UAE airlines an Arab won't get a drink unless in western clothes. It's a distinctly odd place where appearance is everything. You can *kind of* do as you please as long as you're furtive and don't embarrass anyone or do anything unconventional publicly. This 'freedom' doesn't extend to expressing yourself freely or to accessing uncensored tv, radio, or internet.

Re:UAE - no surprise

[spire3661]

Why would any normal western person subject themselves to such de-humanizing rules? You couldnt pay me to go to UAE. Its not that im a trouble-maker or rabble-rouser, but it seems that in those types of countries very small missteps can land you in a whole heap of trouble. Its fine if they want to run their sovereign nation like that, I jsut dont ever plan on subjecting myself to their rules.

Re:UAE - no surprise

[julian67]

Why do foreigners live there? Generous salaries and no tax. I'm not sure many people want to set up home permanently but if you can work there for a higher salary than at home, pay no tax, get generous benefits (health, a house etc) then in 5 or 10 years you can have saved a really big pile. For workers from India, Pakistan, Philipines etc there aren't the generous benefits and nice accommodation but they can make a lot more than at home especially if they are skilled. They can go home at the end of their contract and buy a home or set up a business, pay off their family's debts etc. For them it beats a life of guaranteed breadline existence.

Re:UAE - no surprise

[the+9a3eedi]

I dunno, some parts of your comments seem rather exaggerated. First off, Emaratis HAVE to pay speeding fines. I know that because I'm an Emarati myself. And no, we dont get some special discount. We might be able to get away with it because we know where all the traffic radars are and so we slow down just in time :P There isn't any "siren" implanted in our cars. It's just the standard "bell" that comes out from the car when you go above 120km/h . I really don't think it's due to a government regulation, but it's probably dependant on the car itself. Our family bought a Pajero last, and whenever I speed, I do get a rather annoying continous beep from it, but it's not that loud. The sound can be drowned with music played in a reasonable volume. Also, that claim that using privacy enhancing encryption can lead you to the courthouse sounds farfetched to me. I've been using privacy enhancing applications in the UAE the entire time, and I'm fine. Also, tor works. I tried. If it would really eventually make me end up in the courthouse, give me evidence. As an Emarati, I admit that my country has some problems, but there is no need to exaggerate things and tell lies which would unnecessarily damage the reputation of the country.

Re:UAE - no surprise

[the+9a3eedi]

P2P networks like Bittorrent and Gnutella always work with me. Never had any problems with it. And if tor doesn't work, I really think it's tor's fault, and not the ISP. Tor is encrypted, isn't it impossible for the ISP to "block" it?

Apparently, VoIP services aren't completely blocked. It's just the ones that allow you to do cheap PC-to-Phone calls that are blocked, as it would kindof interfere with Etisalat's revenue. However, things like SIP and Google Talk, where it's just PC-to-PC works perfectly fine.

Flickr is blocked because Etisalat blocks "dating sites". That's the official reason. Yes, I know, flickr is not a "dating site" :P . It's a shame that it got blocked for something silly like that.

In general, Etisalat's Internet service is pretty horrible compared to other countries. It's a well known fact. Sucks, but the people there generally just accept it and try to find workarounds (and doing that doesn't get them into trouble).

How slightly?

[damn_registrars]

slightly excessive battery drain

As a crackberry user myself, I can tell you that sometimes a change in battery life isn't even something I would worry much about. Considering the number of applications that many of us have on our 'berries, the number we have in the background at any given time, and the amount we use the applications in the foreground, a noticeable shift in battery life between Tuesday and Wednesday might not be considered abnormal. I know there are people who just charge every night religiously because they always want to start with a full battery in the morning; if they ended at 45% instead of 55% they might not think anything of it as long as their charge made it to the end of the day.

On the other hand if they normally end at 45% and now they don't make it through the day, they would likely notice that.

Re:Steve Jobs is a flamer

[Freetardo+Jones]

You say it as if its a bad thing.

That's because it is.

I, for one, would rather see Jobs get his liver than, say, some old person who worked as a machinist for 30 years, or even worse, an alcoholic native american.

Yeah, because the only choices were either him or the two extreme examples you've given. There are probably plenty of people on the list far more deserving than Jobs who got bumped down because they couldn't afford to buy their way to the top.

Re:Why would they need this?

[guruevi]

Supposedly, e-mail between the company's server and the device is encrypted (although at one time, there were some protests to using Blackberries because the messages pass through RIM's servers which were located somewhere in Canada - I don't know if that's still the case).

More information

[mothrsuperior]

the register has a followup (including some code) here.
  Apparently etisalat claims the spyware is for troubleshooting during the 2g to 3g upgrade.

Re:More information

[JCSoRocks]

Haha, of course! Troubleshooting network issues is so much simpler when you're using twice the bandwidth as you were before just so that you can send yourself a copy of everything being sent.

Re:Why would they need this?

[cvolny]

From the Register: "While text messages and phone calls are usually more easily intercepted at the network operator, the BlackBerry architecture doesn't lend itself to that kind of legally-authorised interception, which has caused problems in several other countries. It seems probable that this application was an attempt by the authorities to circumvent that architecture, and it will be interesting to see if a similar application appears on competing UEA operators."

Removal utility link deleted

[dougsyo]

The Register article stated:

No one from Etisalat, RIM, or SS8 is saying anything about the issue, despite the fact that the application appears remarkably difficult to remove. Enterprising hackers, though, have discovered it can be done, with one providing a useful utility (seventh message down) to automate the process.

It pointed to this link: http://supportforums.blackberry.com/rim/board/message?board.id=BlackBerryDeviceSoftware&thread.id=5504&view=by_date_ascending&page=2

But if you follow it you get:

The message you are trying to access has been deleted. Please update your bookmarks.

Interesting.

Doug

No, not interesting

It's just a typo in the link, and for some reason the 404 page says "deleted" instead of just "not found". If you read the elreg comments page, you can find the corrected URL and the thread is still live:

http://supportforums.blackberry.com/rim/board/message?board.id=BlackBerryDeviceSoftware&thread.id=5632&view=by_date_ascending&page=1

Re:Did it install on all Blackberry's connected

[HTH+NE1]

SS8 says their software is used by "some of the largest service providers in the world," so it may have been more surreptitiously pushed in phases by your own provider already.

Bum, bum, buuuuummmm.

Australia

Death Penalty, no we dont have it for any crime, this is the touchstone for the difference between civilised countries and others. Only uncivilised countries have the death penalty.

Socail security- You dont have a proper social security system compared with other countries.

Health Care-The US does not have universal health care but spends more than countries that do, quite an achievement.

The Gun- As much a religion to some in the US as the bible, we got rid of most of the guns in our society and we have no regrets.

YAnks just dont know what socialism is do they?

Re:Bullshit

[tolan-b]

> By the way, I know how healthcare works in Europe.
> "Oh, you have insurance, come ahead now." Maybe
> Greece and Italy aren't part of Europe, but your
> universal healthcare seems to be a case of some
> pigs are more equal.

Eh? Can't comment on anywhere else, but in the UK having insurance makes no difference to your treatment in the NHS. It means you can go to a private provider, but it makes no difference to your NHS provision.

Re:Did it install on all Blackberry's connected

[spire3661]

A good general rule of thumb is, If you dont want to be tracked or monitored, dony carry a cell phone, because at some point or another they ALL have ways of tracking you.