BlackBerry- in a Security Jam – and the way out!

Ask any grandma, and she’ll tell you that the best way to make Blackberry jam is to add sugar and preservative to crushed berries, as you bring the mix to a rolling boil, at least 3 times before it becomes sticky, and the right viscosity for it to store for a year, and be ladled up and consumed as breakfast bread spread. The manufacturers of BlackBerry devices, Research In Motion (RIM), yet again in a security jam with governments ranging from UAE and Saudi Arabia to India, seem to need the right recipe to find a face –saving solution out of this mess.

blackberry jam 024 120 dpi sharpened @ 10 Governments, and government agencies, in the post 9/11 terror climate, have been clamouring for access to scan and monitor email traffic as a way to pre-empt future attacks. While most internet service providers across the world have provided some kind of access into their databases, RIM has periodically been in the news for denying such access to these agencies.

Here’s why:   

End-to-End Encryption

Using Advanced Encryption Standard (AES) or Triple Data Encryption Standard (Triple DES)* encryption, email and other data remain encrypted at all points between the mobile professional’s BlackBerry smartphone and the BlackBerry Enterprise Server. And with optional support for S/MIME**, data is protected along the complete path between the sender and the recipient.

you can read the full text here and the meaning of this para as RIM lawyers have stated many times over in the US, France, China, two years back in India, and now again is that the technology standard used here doesn’t allow governments to snoop as the encryption keys are personal to the user or to the organisation that is setting it. Remember, this standard is used only for BlackBerry Enterprise Solutions, and not for those using BlackBerry  handhelds and syncing their gmail, hotmail, yahoo or even public domain hosted emails. Professionals, housewives, teenagers, and social networkers use the BlackBerry Internet solution that operators in 550 countries across the world offer, which incidentally is NOT encrypted!!

Yup! read that again-

Email messages that are sent between the BlackBerry Internet Service and your BlackBerry device are not encrypted. However, email messages that are sent between the BlackBerry Internet Service and your messaging server can be encrypted using SSL encryption.

You can read that text here. 

Torch_9800_Front_Open So what was the controversy again? why is media across continents writing about how governments are banning the BlackBerry, and why is RIM embarrassing itself in front of the media by provoking headlines such as the one in today’s Times of IndiaBlackBerry refuses to help on security

Liquor Baron Late Manu Chhabria when beleaguered by negative press had once said, “any publicity is good for business!” RIM would agree, in the last 5 years, BlackBerry users have grown from 5 million in 2005 to 41 million in 2009 worldwide, and counting!

So, if the controversy is about Enterprise encryption and not for normal push mail service, why doesn’t either party bend? First, Businesses are increasingly cross border, large military- industrial complexes, like to protect their data from government snoops. RIM built its business around serving knowledge sectors who need to protect and value IPR, to the extent of cocking a snook at the government. Even today, with  its wide acceptance as a high-end mobile device competing in looks, service, usage and snob appeal with the Apple iPhone and Nokia N/E series, RIM is doing well to protect its mobile data user base, which incidentally is also growing.

Why are governments bothering with unlocking the BlackBerry code? if the userbase is mainly corporates, and professional organisations, it should be easy for the Men In Black to just have a quiet chat with the IT managers of these organisations, as they set the codes, and can therefore, snoop into their own corporate email traffic. This incidentally, is standard practice, companies do have snooping policies and are responsible for email traffic originating from their employees. Remember, the news report of a Yahoo India employee being an ‘alleged’ terror suspect?

So what’s the way out?

  1. Governments can and should ask RIM for their Enterprise deployment lists. The same government agencies can then have a quiet chat with the IT managers in those companies, very discreet and very uninvasive.
  2. RIM spin doctors and lawyers should try the obvious. Read their own website and stop obfuscating facts with the governments and the media
  3. The Media could also read the same documents, instead of drumming up the noise, but then the stirring is an important part in the making of good jam.

Five years ago, BlackBerry service was available in 60 countries via 160 telecom providers, this quarter it notched its 100 millionth BlackBerry sold through 550 providers. The controversy has helped RIM spread this jam well and thick!!

Bookmark and Share

Advertisements
This entry was posted in Corporate and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s