[Reader-list] BB, cracked and buried. What else will follow?

radhikarajen at vsnl.net radhikarajen at vsnl.net
Thu Jul 17 17:02:56 IST 2008 

Hi,

 let us get our basics right, whatever be the developments in science and technology, one thing is for sure, old sayings are out of knowledge and experience, the old sayings say

  1. There is no lock without a key, or a lock which can not be opened.

   2. Crime is always one step ahead of prevention.

3. Human greed is such that it can open any hidden treasure.



  Regards.

----- Original Message -----
From: s|s <supreet.sethi at gmail.com>
Date: Thursday, July 17, 2008 3:27 pm
Subject: [Reader-list] BB, cracked and buried. What else will follow?
To: reader-list at sarai.net

> April 2008:	
> Express India:
> 	DoT said it was responsibility of domestic mobile service 
> providers like
> 	Bharti, Vodafone and others to ensure that security system was in 
> place before
> 	offering Blackberry e-mail and mobile messenger services.
> 
> May 2008:
> The Examiner.com:
> 	In a fresh twist to the ongoing dispute between Research In 
> Motion (RIM) and
> 	the government of India, RIM said that it is unable to provide 
> access to the
> 	Indian government as it does not possess the key to the encrypted
> data. According
> 	to RIM, security design for enterprise customers is so designed 
> that it is not
> 	possible for RIM or any third party to access encrypted information.
> The security
> 	design is modeled on a symmetric key system enabling the 
> customers to
> create their
> 	own keys, which are not available to a third party.
> 
> June 2008:
> Economic Times:
> 	In a complete about turn from its earlier stance, the department of
> telecom (DoT)
> 	on Wednesday said that there was no threat from Blackberry services
> and the government
>        had no objection if an operator wanted to offer these 
> services.
> The story started with possible use of blackberries by terrorist
> outfits. Followed by DoT becoming the blocker in the way of Tata
> Teleservices launching their blackberry service. DoT asked RIM for
> 'master' keys which will allow security agencies to read through
> messages and mails send by 4,00,000 blackberry services users. RIM
> puts empty hands on the table, there are no 'master keys' to this
> grand vault. Finally DoT announced, it does not see RIM blackberry as
> a threat to security. This episode being the first instance of visible
> intervention by government towards 'Cyber' surveillance. Implications
> are many fold.
> 
> Another facet of the ongoing security versus privacy debate is "who
> can and who cannot" keep their data private.
> 
> For the uninitiated RIM (Research in Motion) is a company which
> launched a protocol and a device called Blackberry few years back.
> Blackberry as a device with help of protocol, can provide end-to-end
> secure email and messaging services apart from normal cellular
> functions.
> 
> Blackberry provides security by encrypting the data. It is relatively
> new for devices like mobile phones to do this. This aspect of
> Blackberry coupled with its looks helped it find ready acceptance in
> corporate board rooms and slowly gain visibility in Small office and
> Home office segment. Encryption converts meaningful text to gibberish
> which can only be decrypted by use of a key. The novel idea in
> blackberry is generation and usage of key by the device instead of
> being embedded by device manufacturer. The key used in case of
> blackberry is 256-bit.
> 
> This key is used to transmit encrypted data over cellular lines in
> India to a server or group of servers run by RIM in Canada providing
> secure emails to its users. So as a representative of soverign of the
> land when DoT asked for the keys which are unique per device, it is
> exercising its right to intercept data passing from India into foreign
> land. RIM apparantly provides two kind of services. BIS to individuals
> and BES to enterprise users. RIM during negotiation announced that
> they 'may' give access to survillence agencies to snoop mails sent
> using BIS. Placing corporate users above law.
> 
> 
> Encryption or transfer to foreign lands is nothing new. Most portals
> which provide E-commerce are doing one or both. Is DoT going to go
> after them as well? Also DoTs assertion at using 40-bit encryption
> instead of 256 is interesting considering 10 years back, it would take
> 4 hours for a bunch of machines to break 40-bit keys. While we are at,
> we should also file away our locks, so that thieves have easier time
> getting into our houses.
> 
> 
> 
> -- 
> ~preet~
> http://jpgmag.com/people/djinn
> _________________________________________
> reader-list: an open discussion list on media and the city.
> Critiques & Collaborations
> To subscribe: send an email to reader-list-request at sarai.net with 
> subscribe in the subject header.
> To unsubscribe: https://mail.sarai.net/mailman/listinfo/reader-
> list 
> List archive: <https://mail.sarai.net/pipermail/reader-list/>

More information about the reader-list mailing list