Slashdot Mirror

← Back to Stories (view on slashdot.org)

BlackBerry CEO Promises To Try To Break Customers' Encryption If the US Government Asks Him To (techdirt.com)

Posted by BeauHD on from the chink-in-one's-armor dept.

An anonymous reader writes from a report via Techdirt that claims the company has "chosen to proclaim its willingness to hack into its own customers' devices if the government asks." From the report: From a Forbes article: "[CEO John] Chen, speaking at a press Q&A during the BlackBerry Security Summit in London on Tuesday, claimed that it wasn't so simple for BlackBerry to crack its own protections. 'Only when the government gives us a court order we will start tracking it. Then the question is: how good is the encryption? 'Today's encryption has got to the point where it's rather difficult, even for ourselves, to break it, to break our own encryption... it's not an easily breakable thing. We will only attempt to do that if we have the right court order. The fact that we will honor the court order doesn't imply we could actually get it done.'"

Oddly, this came coupled with Chen's assertions its user protections were better than Apple's and its version of the Android operating system more secure than the one offered by competitors. This proactive hacking offer may be pointed to in the future by DOJ and FBI officials as evidence Apple, et al aren't doing nearly enough to cooperate with U.S. law enforcement. Of course, Chen's willingness to try doesn't guarantee the company will be able to decrypt communications of certain users. Blackberry may be opening up to law enforcement but it won't be sharing anything more with its remaining users. From the Forbes article: "Chen also said there were no plans for a transparency report that would reveal more about the company's work with government. 'No one has really asked us for it. We don't really have a policy on whether we will do it or not. Just like every major technology company that deals with telecoms, we obviously have quite a number of requests around the world.'"

59 of 107 comments (clear)

  1. Benedict Judas Quisling goes all Boeing by Freshly+Exhumed · · Score: 2

    Isn't there a law or code of some sort that says not to murder, harm, sue, or otherwise ruin a paying customer?

    --
    I deny that I have not avoided attaining the opposite of that which I do not want.
    1. Re:Benedict Judas Quisling goes all Boeing by ShanghaiBill · · Score: 5, Informative

      Hold on. The headline is very misleading. He did NOT say they would attempt to crack if the government ASKED. He said they would do it ONLY for a court order, which is not ASKING, it is demanding.

      All companies are required to obey court orders.

    2. Re:Benedict Judas Quisling goes all Boeing by silas_moeckel · · Score: 4, Informative

      Companies are free to fight court orders he is implying he will not contest anything or even look too hard. It does not matter as their platform is dead.

      --
      No sir I dont like it.
    3. Re:Benedict Judas Quisling goes all Boeing by Megol · · Score: 1

      And attempting to do it would probably be asking the engineers and then relay their response to the court: "it's impossible"

    4. Re:Benedict Judas Quisling goes all Boeing by ewanm89 · · Score: 2, Interesting

      I haven't trusted blackberry since 2012. They already sold out back then.

    5. Re:Benedict Judas Quisling goes all Boeing by brantondaveperson · · Score: 4, Funny

      Of course it's not impossible.

      You deliver the court a PC, something nice and powerful, running a brute-force decryption crack attempt on the encrypted payload. Then you give them a reasonable estimate regarding how long they might expect to have to wait until the machine finds the correct key. That this length of time exceeds the lifetime of the universe might be understood to be the plaintiff's problem.

    6. Re:Benedict Judas Quisling goes all Boeing by ShanghaiBill · · Score: 2

      he is implying he will not contest anything or even look too hard.

      You are stretching his words far beyond anything he actually said. He doesn't say he would challenge a court order, he doesn't say he wouldn't.

    7. Re: Benedict Judas Quisling goes all Boeing by Anonymous Coward · · Score: 1

      "We will only attempt to do that if we have the right court order. "

      What part of this is difficult for you to understand?

    8. Re:Benedict Judas Quisling goes all Boeing by ShanghaiBill · · Score: 1

      Brute forcing the encryption is impossible in a practical sense, but that is not the only, or even the best way to crack a phone.

      Backdoors?
      Bugs?
      Soak the phone in liquid N2, then remove the RAM and scan the VM.
      Check the keyboard/screen for abnormal wearing or body oil.

    9. Re:Benedict Judas Quisling goes all Boeing by i286NiNJA · · Score: 5, Interesting

      Being scared of terrorists in a country almost bereft of terrorism is just shy of being an accomplice.

    10. Re: Benedict Judas Quisling goes all Boeing by barbariccow · · Score: 1

      "We will only attempt to do that if we have the right court order. "

      What part of this is difficult for you to understand?

      The definition of the word "right".

      I think he means those secret courts that you can't appeal or even disclose that you have to give up. They're called the FISA Court: https://en.wikipedia.org/wiki/...

    11. Re: Benedict Judas Quisling goes all Boeing by Anonymous Coward · · Score: 3, Insightful

      And the US Constitution and Bill of Rights handicap the US when dealing with countries such as China, Russia, or NK. While the NSA and CIA are subject to daily scrutiny the same cannot be said about US adversaries. You will never see any protesters in China, Russia, or NK demanding details of their countries intelligence agencies.

      Yeah and the US Gov is so handicapped by that scrutiny that their rates of regime-changing per decade are lower than China, Russia or NK. And the incarceration rates too.

      Without such handicaps the US Gov would have to interfere with democracies by paying for social media ads and fake news/users rather than making up lies and sending US citizens to kill brown people. /s

    12. Re: Benedict Judas Quisling goes all Boeing by gl4ss · · Score: 1

      That aside, this attitude is why BlackBerry collapsed. People wanted security. They got complicity instead

      ..the decline of blackberry had nothing do with security.

      but it did have everything to do with being unable to sell phones on any operator-bundling free market. they got used to that they had an operator in their pocket with their servers running at the operator and those traffics got priority and using their push technology. that became irrelevant before 2010 and they have been going downhill ever since and the operator bundling of really expensive phones where the customer doesn't understand the cost went to iphone.

      --
      world was created 5 seconds before this post as it is.
    13. Re: Benedict Judas Quisling goes all Boeing by Reverend+Green · · Score: 1

      TL;DR summary:

      Businessman subject to repressive government publicly promises to obey edicts of repressive government.

    14. Re: Benedict Judas Quisling goes all Boeing by Anonymous Coward · · Score: 1

      If an imminent national security related matter is discovered the Constitution and Bill of Rights get thrown out the window. After all the Constitution and Bill of Rights are not suicide pacts. And the US Constitution and Bill of Rights handicap the US when dealing with countries such as China, Russia, or NK. While the NSA and CIA are subject to daily scrutiny the same cannot be said about US adversaries. You will never see any protesters in China, Russia, or NK demanding details of their countries intelligence agencies.

      Okay, so we have a constitutional government, with all its benefits and civil liberties, unless the authorities decide that it's just too dangerous and inconvenient to have one. In that case they just throw the whole thing out the window. Saying the Constitution is not a suicide pact is a red herring. We have never been in a situation in which honoring and respecting and following the Constitution would have resulted in everyone's death.

      Seriously, what is this bullshit? You know why no one is demanding the details of what the Russian, Chinese and North Korean intelligence agencies are doing? Because those are authoritarian regimes! Yeah, gosh, it makes it really tough for the CIA that citizens have rights and protections (Not that they ever really let that stop them).

    15. Re:Benedict Judas Quisling goes all Boeing by silas_moeckel · · Score: 1

      Two big issues he is not saying he will fight any court orders, seeing that they commonly come with a gag order and having been on the receiving end in the hosting sector yea you have to fight them as the majority are junk they get dumped or changed with any pushback cops shop around for rubber stamp judges it can be as simple as waiting till the easy one is up in the rotation. Second blackberry should not be in a position to honor those court orders other than there is the encrypted blob and metadata even here is how our encryption works. If your building a system where you can decode in the middle your system is broken by design and needs to be fixed.

      --
      No sir I dont like it.
    16. Re:Benedict Judas Quisling goes all Boeing by Agripa · · Score: 1

      Of course it's not impossible.

      You deliver the court a PC, something nice and powerful, running a brute-force decryption crack attempt on the encrypted payload. Then you give them a reasonable estimate regarding how long they might expect to have to wait until the machine finds the correct key. That this length of time exceeds the lifetime of the universe might be understood to be the plaintiff's problem.

      The US Supreme Court ruling in Eldred versus Ashcroft established that "limited time" is not perpetual so it will take the government only a "limited time" (and an easily calculated bound time) to brute force any encryption system. What are they complaining about?

      Just like when a police officer stops you, he tells the court that you "eventually" pulled over no matter how quickly you did so.

  2. And? by MightyMartian · · Score: 4, Funny

    I'm sure all eight remaining BB customers are totally freaked out. Best switch to Windows Phone to keep their niche player cred.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
    1. Re:And? by ffkom · · Score: 1

      Yeah, but only those 2 of them can now buy Windows phones who are not yet in jail or beheaded because Blackberry squealed on them to their totalitarian government.

  3. Okay by alvinrod · · Score: 4, Funny

    Not that I was going to seriously consider buying a Blackberry product before, but I can't think of any possibly way this would make me want to change my mind.

    Is he just saying stupid shit like this so he can get fired and collect his golden parachute?

    1. Re:Okay by farble1670 · · Score: 2, Informative

      Is he just saying stupid shit like this so he can get fired and collect his golden parachute?

      The Blackberry CEO didn't say anything other than he'd comply with the "right" court order, which is true for anyone that wants to avoid going to jail. You might have to read further than the headline next time before you post.

    2. Re:Okay by Anonymous Coward · · Score: 3, Informative

      Apple refused to just 'comply' with the FBI's warrant and vociferously fought it in court. Enough so that the FBI withdrew their request. BB's CEO seems like he's ready to just roll over on you.

    3. Re:Okay by darkmeridian · · Score: 4, Interesting

      The article is deceptive and clickbait. Everyone has to comply with court orders, even though you can appeal them, but if you lose your appeal, you have to comply. The BB executive is making the point that "heck, our encryption is so good that we can't crack it even if we had to do it."

      --
      A NYC lawyer blogs. http://www.chuangblog.com/
    4. Re:Okay by farble1670 · · Score: 1

      Enough so that the FBI withdrew their request.

      It was withdrawn because the device was cracked by an Israeli firm.

      BB's CEO seems like he's ready to just roll over on you.

      Saying you'll comply with a court order isn't rolling over. What should he have done when asked? "BB promises to disobey local laws and regulations". He'd have been promptly dismissed by the board for gross negligence.

    5. Re:Okay by barbariccow · · Score: 1

      Yeah!!! And if you're lucky, you can live in a Russian embassy for the rest of while you're considered useful to them!

    6. Re:Okay by n329619 · · Score: 4, Informative

      Enough so that the FBI withdrew their request.

      It was withdrawn because the device was cracked by an Israeli firm.

      Not before they fought in court, with Tim Cook writing public letter about protecting the people's right, with some of the public interviewee realizing FBI on the wrong, with a number of technology giants supporting Apple including MS and FBI finding themselves in a position for a possible bad precedent against them.

      Only then they "just a day before the hearing" went and signed $15,278.02 contract with Cellebrite (Israeli company).

      There is zero reason they should be "postponing the hearing" and also signing a contract on a day before postponing, unless they've ran out of time on something bad against them. Apple really did "enough" to make the FBI withdrew their request.

    7. Re:Okay by drinkypoo · · Score: 1

      wrong. You always have a choice

      Yeah, you can choose to go to prison.

      You are the best kind of correct, but that's not much of a choice.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    8. Re:Okay by StormReaver · · Score: 1

      The article is deceptive and clickbait.

      Actually, the article is exactly correct and properly representative of what the Blackberry CEO said. Your interpretation applies (to some insignificant extent) only to enterprise customers, who possess the encryption keys. For everyone else, Blackberry possesses the encryption keys. For the former, Blackberry has promised to not oppose a court order if it is properly formatted. For the latter, Blackberry has promised to turn over the decrypted data upon request by any properly formatted court order.

      For Blackberry's remaining handful of customers, this should be very disconcerting. For everyone else, this is the nail in the coffin for any consideration they might have for using Blackberry.

      As much as I may despise Apple and Microsoft's products and general business practices, I can give them credit for doing everything in their power to defend their users from Government overreach. Sure, it's only because it's in their best business interest, but at least they do it. Blackberry has promised to roll over on their customers without so much as a squeak in protest.

    9. Re: Okay by farble1670 · · Score: 1

      His company is CANADIAN! Why the hell should he care about NSA?

      Yes, because who ever heard of a company selling products outside of their country or origin?!?

    10. Re:Okay by Fnord666 · · Score: 1

      For the latter, Blackberry has promised to turn over the decrypted data upon request by any properly formatted court order.

      which is no where near being a

      ... proactive hacking offer ...

      --
      'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    11. Re: Okay by Brockmire · · Score: 1

      Apple had to posture because they were embarrassingly hacked by NSA for years. They were shamed by Snowden and wiki leaks for how invaded they were internally. BlackBerry's closest hacking revelation was the NSA's TAO turned an endpoint and was able to get BES communication after a targetted hit. They had to, they were security incompetent and needed a show for the public.

    12. Re: Okay by Brockmire · · Score: 1

      You look petty saying "properly formatted" . It's a fucking government court order, it's someone's fucking job to make sure they are all properly formatted to be approved by a fucking judge. How do you go on trying to say this is accurate reporting when you insert your own meaning, that means fuck all and were never said? You're a fucking asshole. You have no credibility.

  4. The REAL question is by sit1963nz · · Score: 1

    If he was asked to put in a backdoor "by court order", would he....

    Thats the $64,000 question , and to be honest I and everyone else simply do not know. Unfortunately in this case that amounts to distrust.

    BB is gone burgers

    1. Re:The REAL question is by Anonymous Coward · · Score: 1

      Actually, there are already implications that there *IS* already a back-door in their software. It is alluded to in the last couple of paragraphs of the article.

    2. Re:The REAL question is by PolygamousRanchKid+ · · Score: 4, Interesting

      If he was asked to put in a backdoor "by court order", would he....

      Governments already require telcos to implement backdoors under the guise of "Lawful Interception": https://en.wikipedia.org/wiki/...

      I developed for an ISP platform of "a major provider" in Europe a while back, and guess what . . . ?

      Yes, it was conform in providing this LI service to the folks, um, "entitled" to it. It was even implemented so that the platform operators could not see who was being tapped. This was because the spooks feared that "criminals" would smuggle in their own folks to work as operators, who could then tip off the criminals when the spooks were tapping them.

      The spooks are supposed to have the proper judicial approvals . . . but it's like a dubious dance club catering to underage drinkers . . . no one is checking IDs at the door.

      Someone should directly ask Blackberry how they assist "lawful" organization trace and tap communications on their systems.

      Whoops! That pesky little National Security Letter Gag Order, again . . .

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:The REAL question is by n329619 · · Score: 1

      If he was asked to put in a backdoor "by court order", he wouldn't need to because they already have a back-door.

      I'll take that $64,000. Thank you.

    4. Re: The REAL question is by Reverend+Green · · Score: 1

      Can a given communication device be lawfully sold in the United States, Russia, and/or China? If so, it spies on you!

    5. Re: The REAL question is by Brockmire · · Score: 1

      In one case, they had future BBM messages intercepted and stored which allowed them to catch pedophiles. They were basically saying, 'we do this kind of thing, we feel like we're doing the right thing'. They are privy to some fucked up sickos, and many people have no problems legally catching these fuckers. It's hard to take a stance on not helping when you know what bad shit bad people do. You become complicit when you stand around and let it happen.

    6. Re: The REAL question is by Brockmire · · Score: 1

      Only the Z10 had a removable battery, the rest don't.

  5. No Surprise by Anonymous Coward · · Score: 1

    If you don't know me by now...

    Blackberry Offers 'Lawful Device Interception Capabilities'

    BlackBerry Hands Over User Data To Help Police 'Kick Ass,' Insider Says

    BlackBerry CEO 'Disturbed' By Apple's Hard Line On Encryption
     
    ... then you will never never know me.

  6. NOTHING TO FEAR by Anonymous Coward · · Score: 1

    BUT FEAR ITSELF

    1. Re:NOTHING TO FEAR by MoaDweeb · · Score: 1

      I must not fear. Fear is the mind-killer...

      --
      New Zealanders are well balanced with a chip on each shoulder. One represents Australia, the other the rest of the world
  7. Fuck me! Blackberry just INVITES irrelevance! by Chas · · Score: 2

    Seriously.

    They're so customer unfriendly it's not even funny.

    "Yeah. We know you paid a lot of money for our products. But fuck you! Because we have an "in" with the gub-mint!"

    --


    Chas - The one, the only.
    THANK GOD!!!
    1. Re:Fuck me! Blackberry just INVITES irrelevance! by Chas · · Score: 1

      I didn't say they weren't ALREADY irrelevant you shitstain.
      I simply said that they keep inviting it.

      --


      Chas - The one, the only.
      THANK GOD!!!
  8. Exactly. And Blackberry got what they deserved... by ffkom · · Score: 1

    ... in return: Irrelevance.

  9. Relevance by DaMattster · · Score: 2

    I wasn't aware Blackberry is even relevant anymore. Now I have even more reason to stay away ... as if there weren't enough reasons anywway.

  10. This is a BIG DEAL by 93+Escort+Wagon · · Score: 3, Funny

    ... says 2008 me.

    --
    #DeleteChrome
  11. How is this news? by CanadianMacFan · · Score: 1

    They have always done this, even when they were Research in Motion. The only change is that they are saying it's hard to break the encryption. At least when they had their own OS and applications which interacted with the enterprise software the company had keys, on a regional basis, to decrypt the data. It sounds like they can't decrypt the phone itself easily, but are happy to try. I'm sure that they still have the ability to decrypt anything that goes through the enterprise software.

  12. BB vs. Apple by supernova87a · · Score: 2

    That I have never heard of Blackberry / RIM being in the news for resisting or challenging a government order to reveal customer data speaks a great deal to me.

    At least I have some public signalling by Apple that they think about whether they should or not. Maybe BB thinks about this as well, but I don't hear about it.

  13. Blackberry is a Joke by Murdoch5 · · Score: 1, Insightful

    You'll try to help police get into a protected phone? He should be fired for make that statement.

    1. Re:Blackberry is a Joke by Neuronwelder · · Score: 1

      Did I overlook something? Isn't privacy the thing that gives a device value? Would life be devalued if we lost it all?

    2. Re:Blackberry is a Joke by Murdoch5 · · Score: 1

      Yes, once a device has no privacy or when you have a public statement that the company behind the device doesn't give a rats ass about security, the device becomes worth almost nothing.

    3. Re:Blackberry is a Joke by Neuronwelder · · Score: 1

      Thank you! You are awake.. I know that you were born into an era that has not known much freedom. And were loosing more by the day :( ..Look at the old Woodstock Festivals to see people enjoying freedom on youtube.

    4. Re:Blackberry is a Joke by Murdoch5 · · Score: 1

      I work in high-security IT, it's my job to make sure that no one and nothing can track or read anything my team does. I understand more than most people the need for privacy.

  14. Apparently people have very short term memories by XSportSeeker · · Score: 3, Insightful

    I've been repeating this for quite a while now, but I dunno for what reason, people have apparently forgotten all about the case involving the Canadian Mounted Police, a master decryption key for all non-enterprise accounts, and extremely crappy response from your same very own John Chen who was also the CEO back at the time.

    Let me refresh people's memories:
    https://www.theverge.com/2016/...
    https://news.vice.com/article/...
    http://blogs.blackberry.com/20...
    https://www.computerworld.com/...

    If anyone was stupid enough to fall into the obvious and very false statement that the new Blackberry had better costumer protection in place in comparison to Apple or other Android brands, it's on you for not doing very basic research.
    It's like getting surprized with a new round of scandals of Lenovo laptops having malware pre-loaded on their bios. There have been enough cases to know what the position of the company is. If you are still throwing your money at them, you are just reinforcing the behavior and proving to them that it's acceptable.
    John Chen has said nothing there that he didn't already say in the past. While he is the CEO of the company, such behavior is to be expected. Anyone who cares about their own personal privacy and about having proper standards on costumer protection should've already let go of the brand by now.

    1. Re:Apparently people have very short term memories by nnull · · Score: 1

      What difference is this with Android fracturing again with Samsung, LG and every other brand now making their own closed source custom framework for Android? LG now installs applications for me without my knowledge (Ignoring Google Play Store completely), throws ads on my idle screen, and most likely spies on me all the time despite being encrypted. Samsung is on the path of doing the same thing and Google is taking the closed source approach to Android (And telling me how this is a good thing). And on top of all this, Google is constantly spying on me. It negates any customer protection or encryption. I really see no difference between Blackberry's approach versus all of every newer Android phones out there.

      Meanwhile, all this is making projects like Lineage OS more difficult to use as many functions of the phone no longer work when you root and install an open source version of Android (When before this wasn't a big deal). The very fact that Camera apps fail horrendously now in AOSP is a tall telling story for things to come to Android. I've been looking for phones with better Lineage support and the great irony is that they're all phones designed and made in China (go figure).

      Apple seems to be keeping its reputation but for how long?

  15. Re: Russian court order? by Reverend+Green · · Score: 1

    In Soviet America, laws enforce the courts!

  16. Encryption by ledow · · Score: 2, Insightful

    Aside from petty criminals, I would be shocked that any decent terrorist was even bothering to rely on any kind of third-party to provide their encryption anyway. I mean, that's just stupid.

    Use ANY communications medium you like. The same metadata would be present on just about all of them. And encrypt the message before you send it. It's not hard.

    Then you know that only the guy with the key can decrypt it and it doesn't matter what Blackberry/WhatsApp/Facebook etc. record - they only get the same metadata anyway. And, also, you could send the message by carrier pigeon if you were that paranoid. It would barely matter.

    What we're catching with such stupidity are not the master criminals, but the idiots. The idiots are easy to spot anyway, precisely because they give the game away from the metadata. While the master criminals aren't hindered in the slightest. Meanwhile, all our privacy is stripped away on the inference that we're somehow stopping the master criminals by doing so.

    I object to the stupidity, dumbing down, and taking me for an idiot - much more than I object to someone claiming to help the government decrypt if ordered to do so.

  17. Re: Apparently people have very short term memorie by Brockmire · · Score: 1

    How the fuck is BBM, a chat thing, considered your actual phone? It's no different than text, except that the whole world can access text messages through numerous ss7 holes. Fucking dummies.