[Reader-list] BB, cracked and buried. What else will follow?
Patrice Riemens
patrice at xs4all.nl
Thu Jul 17 19:49:14 IST 2008
My understanding is that, at least in the 'dominant North', govts have
largely abandonned attempts to restrict the 'right to encrypt' (save for
provisions to retain encrypted messgs on the record far longer than
ordinary ones, in the somewaht vaporous hope to decrypt them in future,
when the crypto has become crackable), in order to clamp down on the
'right to decrypt' (DRM devices, govt communications etc). Possibly India
is trailing behind here?
Cheers, patrizo and Diiiinooos!
> In response to point 1 -> It is however impossible to get a locked message
> opened by the messenger (RIM) when the message has been locked by A, and
> the
> corresponding key is with B (and the system is set up with end-to-end
> encryption). While the lock can be opened, it cannot be opened by the
> messenger, since he doesn't have the key! So, is the government going to
> ban all forms of communication which it cannot snoop on? The logical
> extension of this would be to ban all cryptography in India. What will it
> ban next? PGPi (which allows you to encrypt e-mails)? E-mails (which play
> the same role as the messenger, RIM)? Languages for which there are no
> official translators? While this might sound absurd, I don't see how it
> is
> any more absurd than denying people the right to communicate privately.
> It
> is a slippery slope once one accepts the proposition that terrorists and
> child molesters necessitate governmental spying on all our communications.
> Bruce Schneier (on his website) and Cory Doctorow (in the Guardian) have
> both written extremely lucid articles defending the right to privacy which
> people who are interested could look up.
>
> Cheers,
> Pranesh
>
> On Thu, Jul 17, 2008 at 17:02, <radhikarajen at vsnl.net> wrote:
>
>> Hi,
>>
>> let us get our basics right, whatever be the developments in science
>> and
>> technology, one thing is for sure, old sayings are out of knowledge and
>> experience, the old sayings say
>>
>> 1. There is no lock without a key, or a lock which can not be opened.
>>
>> 2. Crime is always one step ahead of prevention.
>>
>> 3. Human greed is such that it can open any hidden treasure.
>>
>>
>>
>> Regards.
>>
>> ----- Original Message -----
>> From: s|s <supreet.sethi at gmail.com>
>> Date: Thursday, July 17, 2008 3:27 pm
>> Subject: [Reader-list] BB, cracked and buried. What else will follow?
>> To: reader-list at sarai.net
>>
>> > April 2008:
>> > Express India:
>> > DoT said it was responsibility of domestic mobile service
>> > providers like
>> > Bharti, Vodafone and others to ensure that security system was
>> in
>> > place before
>> > offering Blackberry e-mail and mobile messenger services.
>> >
>> > May 2008:
>> > The Examiner.com:
>> > In a fresh twist to the ongoing dispute between Research In
>> > Motion (RIM) and
>> > the government of India, RIM said that it is unable to provide
>> > access to the
>> > Indian government as it does not possess the key to the
>> encrypted
>> > data. According
>> > to RIM, security design for enterprise customers is so designed
>> > that it is not
>> > possible for RIM or any third party to access encrypted
>> information.
>> > The security
>> > design is modeled on a symmetric key system enabling the
>> > customers to
>> > create their
>> > own keys, which are not available to a third party.
>> >
>> > June 2008:
>> > Economic Times:
>> > In a complete about turn from its earlier stance, the department
>> of
>> > telecom (DoT)
>> > on Wednesday said that there was no threat from Blackberry
>> services
>> > and the government
>> > had no objection if an operator wanted to offer these
>> > services.
>> > The story started with possible use of blackberries by terrorist
>> > outfits. Followed by DoT becoming the blocker in the way of Tata
>> > Teleservices launching their blackberry service. DoT asked RIM for
>> > 'master' keys which will allow security agencies to read through
>> > messages and mails send by 4,00,000 blackberry services users. RIM
>> > puts empty hands on the table, there are no 'master keys' to this
>> > grand vault. Finally DoT announced, it does not see RIM blackberry as
>> > a threat to security. This episode being the first instance of visible
>> > intervention by government towards 'Cyber' surveillance. Implications
>> > are many fold.
>> >
>> > Another facet of the ongoing security versus privacy debate is "who
>> > can and who cannot" keep their data private.
>> >
>> > For the uninitiated RIM (Research in Motion) is a company which
>> > launched a protocol and a device called Blackberry few years back.
>> > Blackberry as a device with help of protocol, can provide end-to-end
>> > secure email and messaging services apart from normal cellular
>> > functions.
>> >
>> > Blackberry provides security by encrypting the data. It is relatively
>> > new for devices like mobile phones to do this. This aspect of
>> > Blackberry coupled with its looks helped it find ready acceptance in
>> > corporate board rooms and slowly gain visibility in Small office and
>> > Home office segment. Encryption converts meaningful text to gibberish
>> > which can only be decrypted by use of a key. The novel idea in
>> > blackberry is generation and usage of key by the device instead of
>> > being embedded by device manufacturer. The key used in case of
>> > blackberry is 256-bit.
>> >
>> > This key is used to transmit encrypted data over cellular lines in
>> > India to a server or group of servers run by RIM in Canada providing
>> > secure emails to its users. So as a representative of soverign of the
>> > land when DoT asked for the keys which are unique per device, it is
>> > exercising its right to intercept data passing from India into foreign
>> > land. RIM apparantly provides two kind of services. BIS to individuals
>> > and BES to enterprise users. RIM during negotiation announced that
>> > they 'may' give access to survillence agencies to snoop mails sent
>> > using BIS. Placing corporate users above law.
>> >
>> >
>> > Encryption or transfer to foreign lands is nothing new. Most portals
>> > which provide E-commerce are doing one or both. Is DoT going to go
>> > after them as well? Also DoTs assertion at using 40-bit encryption
>> > instead of 256 is interesting considering 10 years back, it would take
>> > 4 hours for a bunch of machines to break 40-bit keys. While we are at,
>> > we should also file away our locks, so that thieves have easier time
>> > getting into our houses.
>> >
>> >
>> >
>> > --
>> > ~preet~
>> > http://jpgmag.com/people/djinn
>> > _________________________________________
>> > reader-list: an open discussion list on media and the city.
>> > Critiques & Collaborations
>> > To subscribe: send an email to reader-list-request at sarai.net with
>> > subscribe in the subject header.
>> > To unsubscribe: https://mail.sarai.net/mailman/listinfo/reader-
>> > list
>> > List archive: <https://mail.sarai.net/pipermail/reader-list/>
>> _________________________________________
>> reader-list: an open discussion list on media and the city.
>> Critiques & Collaborations
>> To subscribe: send an email to reader-list-request at sarai.net with
>> subscribe in the subject header.
>> To unsubscribe: https://mail.sarai.net/mailman/listinfo/reader-list
>> List archive: <https://mail.sarai.net/pipermail/reader-list/>
>>
> _________________________________________
> reader-list: an open discussion list on media and the city.
> Critiques & Collaborations
> To subscribe: send an email to reader-list-request at sarai.net with
> subscribe in the subject header.
> To unsubscribe: https://mail.sarai.net/mailman/listinfo/reader-list
> List archive: <https://mail.sarai.net/pipermail/reader-list/>
>
>
More information about the reader-list
mailing list