Yes, to me it is believable. Reasons: 1) RIM uses AES, an open standard for which it is proven, that no master key exists 2) To generate the keys on the device and server, RIM uses SPEKE, an open standard to generate keys without ever transmitting it. 3) The moment RIM has the keys and this is getting public knowledge (and something like this would get out), the business model of RIM is dead
I somewhat can understand the concern of law enforcement that a secure mail environement makes their job more difficult. On the other hand, giving access to the RIM infrastructure implies that you are no longer innocent until proven otherwise, but you are now suspect until your innocence is proven. BAD
While Internet Service and PIN2PIN messages seem to be encrypted with the same key for everybody, RIM always claimed that enterprise mail is encrypted with a unique key end to end from the enterprise server to the device and that nobody else has this key, specially not RIM. Enterprise mail solution is crypted with AES 256bit, so if this is true, your corporate mail should still be safe. And if you don't trust this, use S/MIME or PGP or don't use mobile corporate mail at all.
Anyway, this step does not increase the customer trust in the RIM solution, I really hope for a clear statement from RIM on this purpose.
Slashdot Mirror
To be exact, rÃteromanisch is not a Swiss German dialect, but a proper language for itself
Yes, to me it is believable. Reasons:
1) RIM uses AES, an open standard for which it is proven, that no master key exists
2) To generate the keys on the device and server, RIM uses SPEKE, an open standard to generate keys without ever transmitting it.
3) The moment RIM has the keys and this is getting public knowledge (and something like this would get out), the business model of RIM is dead
I somewhat can understand the concern of law enforcement that a secure mail environement makes their job more difficult. On the other hand, giving access to the RIM infrastructure implies that you are no longer innocent until proven otherwise, but you are now suspect until your innocence is proven. BAD
While Internet Service and PIN2PIN messages seem to be encrypted with the same key for everybody, RIM always claimed that enterprise mail is encrypted with a unique key end to end from the enterprise server to the device and that nobody else has this key, specially not RIM. Enterprise mail solution is crypted with AES 256bit, so if this is true, your corporate mail should still be safe. And if you don't trust this, use S/MIME or PGP or don't use mobile corporate mail at all.
Anyway, this step does not increase the customer trust in the RIM solution, I really hope for a clear statement from RIM on this purpose.
I once had a system where a simple ls would time out as too many files were in the directory.
a simple
echo *
does the trick