India Now Wants Access To Google and Skype 366
crabel writes "A couple of weeks ago India went after RIM and its mail service; it has extended its hunger for data now to all telecommunications. All telecom companies have to give them access to all voice over IP services that go in/out or happen within the country. Heck, they are even going after VPNs used by corporate employees working remotely."
Is India trying to *stab* its economy? (Score:5, Insightful)
well... (Score:3, Insightful)
Maybe this is a good thing, in a way. maybe if India requires access to corporate vpn, it will dissuade security-conscious companies, such as a large, multinational, 3-lettered one, from outsourcing to india
If only ... (Score:4, Insightful)
Re:Well... (Score:5, Insightful)
Considering how many businesses still flock to China with relatively little protection for their IP, I doubt this will affect business relations much as long as it is more profitable to do business there than elsewhere.
Re:Sevens Sins (Score:4, Insightful)
That's Nice (Score:4, Insightful)
Re:ok... (Score:3, Insightful)
Only way the government is getting access to my VPNs in the US is with a court order and warrants, and even then they're only getting exactly what is spelled out to the letter in the warrant and nothing more. Any vague sweeping requests will be punted back up stream.
The Great Wall of India (Score:2, Insightful)
Seems like the Indian government has found a more effective way of building a great wall around its borders - let the people outside build it.
Re:Well... (Score:5, Insightful)
how is this NOT an outlawing of encryption? (Score:5, Insightful)
so let me get this straight. the indian government thinks it has a RIGHT to intercept all communication that it wants to (sans warrant, mind you).
does that essentially make personal end-to-end encryption illegal? it has to! the concept of you being able to conceal your comms is in the process of being ILLEGAL there.
people are commenting on 'well, just use SSH or SSL or ...'.
but you are missing the point. if they insist on getting access to all comms, you think they'll tolerate people doing an end-run around this?
the VERY next step is to identify users who side-step this with their own encryption layer and persecute them, one way or another. it has to follow. first you require all data to be sniffable and then you go after those that won't agree.
I remember about 20 yrs or so ago, it was illegal for french citizens to use encryption (details are fuzzy; I may not have this exactly accurate). but france was some kind of exception and vendors had to do all kinds of backflips to sell to french companies. are we going back to shit like this, again??
I think we are. its absolutely coming that encryption will be deemed 'munitions' again. or, encryption that WORKS; the bullshit encryption you think you can trust but is breakable will be 'allowed' to you to keep you feeling like you have some control.
I guess its now: any encryption that is legal is encryption you cannot trust.
Too bad for Democracy (Score:3, Insightful)
India Now Wants Access To Google and Skype
Google and Skype should just say no. In fact, if everybody said "NO!" then India would condemn itself to being a third world country. It would also give BlackBerry an incentive to say "NO!" too, because if your competition isn't making money off of evil, then BlackBerry isn't losing any business from competition. Of course India (et al) could always just continue to steal technology, but at least that would give trading partners an incentive to retaliate.
When the democracies start spying on there own citizens then being in a "democracy" is quite useless. Warrants, oversight and checks and balances are what made America (on paper at least) a great nation. Too bad everybody is falling for the lowest common denominator repression that used to be the primary domain of dictatorships.
Re:Is India trying to *stab* its economy? (Score:5, Insightful)
This is especially true considering just how notoriously corrupt a lot of the Indian government is. It has been featured on NPR and other news outlets as being a large impediment to business.
Then you will have someone in a position where they have access to all of your company's secure communications? For the price of a bribe anyone could find out proprietary information that could sink your company or they could gain access to listen in on calls and glean account information for identity theft or just to solicit customers.
Re:India = not all that democratic (Score:3, Insightful)
our CFO's will outsource the 'mundane' coding, sure. but sensitive stuff? any smart CFO will rethink this.
finally, a competitive advantage. at least RIGHT NOW, the US won't demand that all US based VPN's be sniffable at any time and without a warrant.
we finally have a good reason to NOT offshore; that CFO's can understand.
Re:India = not all that democratic (Score:2, Insightful)
Re:Well... (Score:2, Insightful)
I'm posting anonymously as my new employer has not found the time to purchase my company laptop and I'm "borrowing" a co-workers machine.
So, post explanation, let me say I have many friends, a few family members, and a few acquaintances who are from India. Even knowing how nice these people are and such, I agree with Panda - fuck doing business with India. The reasons I say this are manifold, but include the fact that if American companies quit outsourcing to India (and other countries) exactly how many jobs would be created in the American economy? How much money would be pumped back into the economy that is teetering between recovery and disaster #2? Are companies so stupid that they have lost sight of the fact that if America's economy fails and we cannot get jobs that pay a living (or BETTER) wage then WE can't buy those nice shiny objects they're selling?
Borrowing heavily and massive credit card debt are slowly being eliminated from the many friends and family I've talked to - and news I keep hearing as well. Everyone is a little paranoid and they are paying off debt as fast as they can; well, most everyone is. We have plenty of people who want to work in the United States they just don't want to work for $5 or $6 an hour AFTER taxes. Unless you're living in a highly affordable area (which eliminates most cities), then you can't survive on that wage without help of some kind.
Bah, I've digressed a bit but the point remains - do business in America you American companies. Stop outsourcing everything, including the natural talent that America (used to?) has. If we keep brain-draining our research and other knowledge to foreign countries what the hell are we going to have left? We've shipped everything else off - manufacturing, electronics, call centers, etc, etc.
Re:Not A Surprise (Score:5, Insightful)
This level of monitoring without transparency will just make corruption easier.
Re:how is this NOT an outlawing of encryption? (Score:5, Insightful)
people are commenting on 'well, just use SSH or SSL or ...'.
but you are missing the point. if they insist on getting access to all comms, you think they'll tolerate people doing an end-run around this?
I think the legislators miss the point about "encrypted VPN" being such a trivial technology. They probably think there must be around 100 big companies doing that in India right now and they will soon discover that their law is inadapted. Back to the drawing board.
I remember about 20 yrs or so ago, it was illegal for french citizens to use encryption (details are fuzzy; I may not have this exactly accurate). but france was some kind of exception and vendors had to do all kinds of backflips to sell to french companies. are we going back to shit like this, again??
There was a limitation to the key length. More than a certain length was considered "military material" and required some authorization. Mind you we were happily generating 1024 bits keys (the limitation was something ridiculous. IIRC but it was something like 56 bits), using them routinely. I doubt anyone has ever been prosecuted for this. It bothered vendors though. We do that a lot in France : vote bad laws, do not apply them, use them as a precedent to vote even worse laws, rinse, repeat.
Just because you want.... (Score:2, Insightful)
Governments are like puppies. They keep crapping in the middle of the floor until you rub their nose in it a few times.
Re:Well... (Score:4, Insightful)
I'll second that because I see you got modded flamebait as well. It's nothing against Indians or companies that operate in India, but data disclosure is something you need to be aware of. If a company is going to be distributing your information you need to know who it goes to and why they want it. The fact that this would apply to every company that operates in India seems very relevant.
Maybe you decide it's ok that the Indian government gets ahold of your data. Maybe your data is sensitive and you don't want any government obtaining it. It's worth paying attention to at the very least.
Re:India = not all that democratic (Score:4, Insightful)
our CFO's will outsource the 'mundane' coding, sure. but sensitive stuff? any smart CFO will rethink this.
Yeah right, the executives that work their way up to CxO are the guys who would save a nickel today to get their bonuses and take a golden parachute out tomorrow when the company tanks.
Re:ok... (Score:4, Insightful)
Or a "National Security Letter" where you can't neither talk nor complain about?
Re:Is India trying to *stab* its economy? (Score:5, Insightful)
This really wouldn't be too uncommon. IBM has to have very detailed technical conversations/emails/etc with outsourced people in India, it would not take much to determine their future plans, product launches, progress, feature sets, etc. If you're competing with IBM and have access to all this information, you can easily beat them in the game. Same goes for any company with outsourced workers in India. It's not necessarily that it would "quickly sink" IBM, but it could easily quickly sink a new product launch, or a new division... And if you're a startup, and IBM, HP, or MSFT has access to this information that you've passed off to your outsourced labor, it could very quickly sink your company. IBM releases your product 2 months before you do you're done.
You mentioned "thinking about your internal security" the problem isn't internal security, it is that your perceived internal security now has an open spigot to the government of India... you have no internal security by default. Employees have to be able to discuss project progress, plans, etc. You have to have product meetings, there has to be communication about these things or nothing will ever get done. And the nature of these discussions if revealed to a third party can easily spell doom to a product, business division, or startup.
Further, it would be a huge temptation to use this information to trade stocks... Think you overhear an HP conversation where its revealed that they just lost a major customer to IBM, or they are months behind schedule on a new product... You've finally found step 2
1) Use gov't access to private communication to glean insider information
2) Short/Buy stock as appropriate
3) Wait for information to become public/earnings release
4) Profit
Re:Well... (Score:3, Insightful)
Encrypt your data. Public VoIP gets the exact same treatment as the telephone network when you're calling your branch office in Mumbai - if the government asks, the call is intercepted, and any third parties will give out your data - your phone, mobile, mail and DHL/Fedex packages are all subject to this.
If you want privacy, don't trust third-party public networks and do encrypted message exchanges that you and only you control.
Re:Well... (Score:4, Insightful)
Re:Well... (Score:2, Insightful)
Who do they think they are, the US?
Re:Going too far, BUT... (Score:5, Insightful)
And Indian civil society is not going to take it
Sure they will.
Over the past ten years the government of the USA has eroded the civil rights in your nation, and the citizens by and large have said "meh" and gone back to watching Kate Gosselin on "Dancing with the Stars." Why should India be any different?
Re:Well... (Score:3, Insightful)
Re:S/MIME (Score:4, Insightful)
Actually, they make a lot of sense. If you rely on blackberry encryption, you have no idea when your privacy is being invaded by the Indian government. With S/MIME, they can't even attempt to spy on you without you being aware. They won't go fishing through your correspondence. They won't data-mine you. They would need to be specifically targeting you and admitting to you that you're under investigation to even have a chance of seeing your mail.
Re:Well... (Score:1, Insightful)
Guys - stop working with India.
You sound like you are the CXOs of big firms - you are not. You are a bunch of salaried programmers who have no control on what your companies do.
The few places you have ability to stop .. is say in healthcare. Right now .. most of your stupid crowns come from india, your radiology pictures go to india, and your health insurance (oh and your 401k analysis.) is also done in India.
If not you - some one else will do business with us. And anyways - since when did Americans do whats good for the country and not whats good for themselves.... you wanted cheaper heavy industries, and manufacturing went to china and blue collar labor went back the backyards. Next consumables went to china (even your dog food comes from there LOL), and next will be you programmers, financial analysts and everyone except your plumber.
Wanna save your job - go find a hands on job. Do some real work before you demand $100/hr for doing some crap HTML that most high school students could do.
Re:Well... (Score:3, Insightful)
Appeasement... (Score:3, Insightful)
never works. It only emboldens that aggressor.
Re:India = not all that democratic (Score:2, Insightful)
Note sure why you got modded down, I'll repeat your post here:
"A lot of people don't know this, but the Indians were closely aligned with the Soviet Union in the 1970s. In particular you had the Indo-Soviet Treaty, under which India received military and (gasp) intelligence assistance from the Russians.
So the fact that they're behaving like pseudo-socialist totalitarians right now shouldn't really surprise anybody. And provided they continue to rent their workforce to US corporations at rates that can't be competed with on US soil, our CEOs and CFOs will continue to patronize them."
Re:Well... (Score:3, Insightful)
Re:Well... (Score:4, Insightful)
And that patent in China means far less than it does in the US. In China, companies copy products and ideas from other companies all the time, with little risk of losing more than they stand to gain by doing so.
Now in India you may lose trade secrets (schematics, blue prints, secret recipes, etc.) simply because your email is intercepted by a corrupt government official that hands it off to your competitor for a kickback.
Either way your company loses something that you can't easily get back. These situations are not all that different.
Re:Sevens Sins (Score:1, Insightful)
Re:Well... (Score:3, Insightful)
If you want to be secure from government intrusion, all of them. Don't be naive and think that US based CAs are any better. They'll roll over for an NSL in a second. If you want to be secure from the government manually create, exchange, and verify your own certificates.
copying patents (Score:1, Insightful)
...before china it was taiwan....and before that it was japan. The pattern is to be the manufacturer, learn how the design/ tech/ manufacturing works, then become independent.
Ex: Wiki 'Giant Bicycle' (http://en.wikipedia.org/wiki/Giant_Manufacturing)
It even happens to people who work for a promotion - learn the job of the superior (copy) and then innovate (or bullshit to the higher up).
Re:Well... (Score:2, Insightful)
Re:Not A Surprise (Score:3, Insightful)
Sniffing of all incoming and outgoing email in a Department of Defense is usually a good thing. Sniffing all incoming and outgoing email in the country is usuially NOT a good thing. Big difference here. You want your military secrets protected from being emailed by employees and contractors.
Re:Well... (Score:3, Insightful)
Re:vpns? maybe outsourcing will slow down, then. (Score:3, Insightful)
Ok, I admit, I'm only thinking of one or two executives in particular right now, but it can't be too uncommon.
Re:Well... (Score:3, Insightful)
but what native Indian is going to fight this? They all want to be safe.
You'll be surprised. And not all of us prefer to cower in safety while everything we say and do is monitored.