RIM Agrees To Hand Over Its Encryption Keys To India 164
An anonymous reader writes "BlackBerry maker Research in Motion's (RIM) four-year standoff with the Indian government over providing encryption keys for its secure corporate emails and popular messenger services is finally set to end. RIM recently demonstrated a solution that can intercept messages and emails exchanged between BlackBerry handsets, and make these encrypted communications available in a readable format to Indian security agencies. An amicable solution over the monitoring issue is important for the Canadian smartphone maker since India is one of the few bright spots for the company that has been battling falling sales in its primary markets of the US and Europe. In India, RIM has tripled its customer base close to 5 million over the last two years,"
Yes but this won't help (Score:5, Insightful)
Part of the appeal of RIM was that you knew governments weren't out there stealing secrets sent across your network. I understand that India has a legitimate security need to be able to wiretap communications and so on. But this isn't going to 'help' RIM. This takes away the only major competitive advantage they had, which was that using RIM meant you knew no one in the indian government was going to steal your work and sell it to someone else (which is a serious concern in india).
If anything, this just levels the playing field. And that's bad for RIM, because they aren't competitive.
Re:Yes but this won't help (Score:5, Insightful)
It's pretty clear what happened. They kept the keys secret and held out for a long time on "principle" because that was the best business decision at the time. Then, as the onslaught of iPhone and Android took its toll, the principle changed to survival, because that became the new best business decision.
It's sad, but at this point, it hardly affects any country but India anyway!
Re: (Score:3)
And in most other countries you aren't worried about the government stealing and reselling most of your secrets anyway. At least not your own government.
But this is India we are talking about (Score:2)
Encryption is crackable
True, encryption _CAN_ be cracked, by hook or by crook
If it's USA, with its seemingly unlimited resources (NSA and the like always get a blank check from the congress for whatever black programs they initiate), I would agree with you.
But you almost forgot one thing, this is INDIA we are talking about - a nation which nearly 30% of its population still living below one dollar a day level
Re:But this is India we are talking about (Score:4, Funny)
Encryption is crackable
True, encryption _CAN_ be cracked, by hook or by crook
Are you talking about this [xkcd.com] form of cracking? Because, with a sufficiently long secret key, it is proven [wikipedia.org] impossible to break.
I like using long period [hiroshima-u.ac.jp] PRNGs to make an effective one-time pad. How you initialize the PRNG is your key.
Re: (Score:2)
In other words, you use a stream cipher.
Re: (Score:3)
Yes, and brute forcing the stream cipher key can take a very long time.
2^19937 is a big number.
Re: (Score:2)
You just told all of us your method, and we didn't even need to use a wrench.
One time pads are only unbreakable when they're generated with a true random source. What you described is a stream cipher, and as long as you know the key to initialize the keystream, it can be forced from you.
Of course, if you do have a true one-time pad, the location of your copy of it can be extracted just as easily. I'd say the only way to protect against that is to make sure no-one knows you use crypto at all.
Re: (Score:2)
By telling us his method, he lost the advantage of his method vs just using AES. IE, if we don't know how he generates the stream against which his data is XORed, that stream might as well be a one time pad. But now that he told us, the problem is reduced to brute forcing the initial stream generator parameters.
Re: (Score:2)
That was not my point at all.
JoeMerchant was implying his crypto method was perfectly safe against cryptanalysis because it's a one-time pad. However, in the same post he tells us he's not using a one-time pad at all, but a stream cipher.
Re: (Score:2)
Well, he admitted to using mersenne twister for generating the keys. Mersenne twister is not designed for cryptography so it's quite possible it's relatively easy to crack. From wikipedia: "Observing a sufficient number of iterates (624 in the case of MT19937, since this figure is the size of the state vector from which future iterates are produced) allows one to predict all future iterates."
Re: (Score:2)
Someone doesn't understand encryption. If you have a decent crypto system then you can tell the world how it works and it doesn't make a bit of difference, because you aren't getting the data without a key.
Unless I misunderstand, JoeMerchant wasn't describing how the crypto worked, he was describing his personal method of coming up with a key.
Re: (Score:2)
Read up on CryptMT [hiroshima-u.ac.jp] (which is copyright, so I use a non-IP protected variant with similar security properties.) Write me back when you have brute force tried 2^19936 keys on a trivial stream, then try that on a stream that starts at a key-selected point in a large image file, lots of data to load into memory just to "try" each key, increases cost of breaking considerably.
Since I am a US citizen and marketing a Crypto product for export, I have agreed to reveal the algorithms to the Department of Commerce up
Re: (Score:2)
If you're really interested, try reading a few pages here [hiroshima-u.ac.jp] the summaries are short and easy to understand.
Re: (Score:2)
Re: (Score:2)
Yes, and brute forcing the stream cipher key can take a very long time.
2^19937 is a big number.
I do hope you're not just XORing the p.random stream with the data. At least initialize a 256 byte cipher table via key expansion, and transform the enciphered bytes with it as well. Additionally use cipher block chaining such that the next block depends on knowing all previous blocks, and you don't reveal the 8bit block cipher mappings.
PRNGs were not meant to be used for crypto, and unless you're using a robust crypto framework in addition to the randomness generator, then your "2^19337" is just an il
Re: (Score:2)
Due to the nature of psuedo random number generators, a known plain text attack can tell us everything we need to know about the next iteration of your cipher.
Yes, of course, if the same key is reused (many times over LARGE messages). Also, encrypting a long stream of nulls is a great way to help a cryptanalyst break a stream cipher. There is a long list of ways to misuse stream, block, and all manner of cipher schemes. I am not alone [hiroshima-u.ac.jp] in use of PRNGs for stream ciphers.
I do believe that CryptMT faces a certain amount of negative pressure for real-world use because it is virtually impossible to brute force, if you use long keys. Most of the popular cipher sche
Re: (Score:2)
No encryption scheme is "proven impossible to break" because no (usable) encryption scheme is unbreakable (if you consider a random stream to be encryption, then in that case it would be unbreakable, but it would be useless). The one-time pad is only proven to be perfectly secure from an information theoretic perspective, which simply means that the only way to break it is through brute force. However, brute force still remains a viable option: if you can guess the key, you can decrypt the information. F
Re: (Score:2)
Give the US time..... Removal of all unions and government protections for workers in the name of "job-creating-free-enterprise", and we can also achieve that #0% number as well.
Re:Yes but this won't help (Score:5, Insightful)
Re: (Score:2, Insightful)
sure that they don't ship a backdoor? that's essentially what they're asking for "This satisfies India's core demand that RIM provide intelligence and security agencies with automatic solutions to monitor all communication on BlackBerry smartphones on a real-time basis, an official aware of the development said."
it's a pretty crazy requirement for a device that allows programmable code and tcp/ip though.
Re:Yes but this won't help (Score:5, Informative)
As has been pointed out over and over again, This Does Not Affect BES Users.
Everyone else is just as insecure as they always were. If you want security in India, RIM is still your only real choice.
More details here [crackberry.com]
Re: Not BES, and only India (Score:3, Interesting)
And it is probably also worth pointing out that this means that RIM's BIS service provides better content protection than SMS/MMS, unencrypted email (which is virtually all e-mail, and indeed all Android phones using the inbuilt GMail app), and almost any IM out there. I've also missed other equally unprotected means of communication.
Why? Because at least BIS is encrypted in transit to and from RIM. (To be fair, services like MSN Messenger in which all messages go through a central server could be considere
Re: (Score:2)
Re: (Score:3, Insightful)
Are you saying you trust your smart phone to have only real, valid intermediate ssl certificates? Or are you so ignorant to think that governments aren't trying to man-in-the-middle SSL like crazy, especially on mobile networks.
Re: (Score:2)
Won't matter once CALEA is amended to include non-voice public networks. It'll happen eventually.
This isn't to say I support the extension; I think those proposing it should be shot. That doesn't change the reality that it will eventually be enacted, whether it requires sneaking it into a broad authorization bill or actually getting the support to pass it on its own.
Re: (Score:2)
Use GPG, no one has the private keys except for me and the remote party.
GPG with K-9 on my android works just fine.
Re: (Score:2)
Are you saying that email sent via the Android GMail app isn't encrypted between the device and Google's servers?
No, I'm not saying that GMail for Android (or via a browser, or iPhone) doesn't use SSL. However, GMail is an e-mail service using a client (on Android) which doesn't have support for encryption apart from SSL to the server. Sure, if I'm sending GMail to GMail that's fine - it falls into the same boat as MSN Messenger. If I'm sending to a non-GMail recipient, then that goes out the window.
There are other apps which can use GMail, and do provide encryption functionality, but as with TextSecure - how common i
Re: (Score:2)
Sure, BES has that advantage. GP was responding to "unencrypted email (which is virtually all e-mail, and indeed all Android phones using the inbuilt GMail app), and almost any IM out there. I've also missed other equally unprotected means of communication. Why? Because at least BIS is encrypted in transit to and from RIM"
i.e. he was refuting the statement that Android phones send email unencrypted. This isn't true. Email is encrypted on the route to Google's servers. What happens from there is dependen
Who does it effect? (Score:2, Insightful)
I think we need to make clearer what exactly the impact of this is.
Does an Indian businessman who bought a Blackberry in SouthAmerica and is working in Europe be assured on some level of privacy on communications?
Does an American businessman with a Blackberry bought in the USA visiting India on the way to China need to rethink how company documents are transmitted?
Not very clear, especially as the BIS keys can't and therefore haven't been handed over.
So we have a new server in India, but what is being route
Re:Who does it effect? (Score:4, Informative)
My god these posts are annoying.
Does an Indian businessman who bought a Blackberry...
Does an American businessman with a Blackberry...
Do they have a BES? If they have a BES, nothing to worry about. Next question?
Re: (Score:2)
Re: (Score:2)
Email account details are stored on your phone, not the SIM. Switching SIM would be the equivalent of say switching from one public Wi-Fi connection to another. What you said in your second paragraph doesn't make much sense.
Re: (Score:2)
This Does Not Affect BES Users.
No, being within india they are already subject to indian laws, and already have to hand over any enterprise keys they have stored within india if they're 'asked'.
If you're running your BES from outside the country then you might have a temporary reprieve, until the indian government gets wind of that plan.
Re:Yes but this won't help (Score:4, Informative)
RIM doesn't have the keys to hand over. Again, see the link I sent. If you're referring to a company running BES in India being forced to give the gov't access to their communications, that's completely different and has absolutely nothing to do with RIM.
Still, the point stands. RIM is the only secure option -- the playing field has not be leveled.
Re: (Score:2)
RIM doesn't have the keys to hand over
Right, the company hosting the BES does. And has for a couple of years. For the moment if your BES is based outside of india you're 'safe', until the government figures out how to deal with that.
the playing field has not be leveled
It has. The situation is now no different from you running your own communications app on whatever platform(s) you want. If you're in india they can compel you to hand it over, if you base your servers outside india they can't do anything much to you, and you can't rely on RIM to provide you any inherent securi
Re: (Score:2)
I don't follow your reasoning? RIM still offers the only secure option, yet somehow they're just as insecure as the rest and thus a level playing field?
Moreover, how does RIM giving in to the Indian gov't on BIS snooping change anything at all about BES before and after they gave it?
Sorry, I just don't see how the playing field has been leveled in any way -- RIM is still way ahead in terms of security. They've been delt a blow, sure, but they've not been knocked down so far as to be on the same level as t
Re: (Score:2)
Why is RIM's option any more secure than using Exchange Activesync over HTTPS? I don't get the big deal when it comes to supposed BB security.
Re: (Score:2)
RIM still offers the only secure option
No, it doesn't. That's the entirety of my reasoning. A BES isn't any more secure than any other product can be. And now you can no longer rely on RIM bouncing data through waterloo to keep it secure.
A BES, or ANY communications server hosted in india: has to turn over keys or just the data to the government if asked.
A BES or any communications not hosted in india: Can make a legal fight out of it, might not have to turn data over.
Any communications via RIM are insecure from within india.
Re: (Score:2)
You're really stretching here. Sorry, but when it takes manpower and possibly complex legal action (to say nothing the expense!) for the Indian gov't to read my messages while it takes virtually no effort for the Indian gov't to read messages on other platforms, my platform is more secure.
It's like saying Fort Knox is just as insecure as my tool-shed because a highly-trained team of tactical and explosive experts explosives could get in if they really tried.
Re: (Score:2)
RIM is the only secure option -- the playing field has not be leveled.
In what way is RIM more secure than anything that implements OTR? e.g. Gibberbot on Android
Re: (Score:3)
As others have pointed out, this doesn't affect BES - they're as secure as ever in the enterprise.
Thing is, they've always given this level of access to governments (or we reasonably assume this is the case, anyway) for their BIS service The difference is officials in India needed to save face and made a big deal out of this - even though they're getting only what they were told they could get from the start, and certainly no more than any other government.
Re: (Score:2)
Well now they don't have to call to waterloo, and argue over just what they need to get the data. Now they can do whatever they want.
Also, BES for indian companies is a separate issue, because companies already have to turn those keys over to the government because they're subject to indian law.
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
No, there is no legitimate need to wire tap without any kind of warrant
I didn't talk about the requirements. Because 'requiring a warrant' is stupid. It's not stupid in the US legal system, but that doesn't mean that's appropriate for india, or oman, or the emirates or whatever. India has it's own legal system, it's up to them to decide what is or is not a sufficient condition for wiretapping, and that's a separate discussion.
Re: (Score:2)
so it's up to them to decide whether it's okay for police to spray bullets around for fun? No
yes actually. It is.
International treaties (which are laws that everyone agrees to follow) would preclude randomly murdering your own population generally, but a country is under no obligation to sign on to those treaties.
Re:Yes but this won't help (Score:4, Informative)
Re: (Score:2)
Businesses in india will already be subject to indian laws though. RIM isn't subject to indian law, that's why they've been able to squabble over this as long as they have.
Landgrab (Score:4, Interesting)
I understand that India has a legitimate security need to be able to wiretap communications and so on..
Nope. This is a landgrab. Law enforcement is constantly talking about "going dark", where in fact, the light they have is much brighter than they've ever had before -- technology only made it possible to snoop on everything, and now they want the laws for actually doing so, and to lever out any countermeasures the user may take.
In the 80ies, wiretapping actually meant either a) placing a wiretap in the users phone or b) going physically to the phone switch where the user was connected to, and placing the tap there. Both only done with a judical warrant, and for very specific cases. Wiretapping was _complicated_.
Now, wholesale wiretapping is easy; so easy that a lot of people and companies take countermeasures. And now law enforcement wants "to have back" capabilities it never had?
Re: (Score:2)
Part of the appeal of RIM was that you knew governments weren't out there stealing secrets sent across your network. I understand that India has a legitimate security need to be able to wiretap communications and so on. But this isn't going to 'help' RIM. This takes away the only major competitive advantage they had, which was that using RIM meant you knew no one in the indian government was going to steal your work and sell it to someone else (which is a serious concern in india).
If anything, this just levels the playing field. And that's bad for RIM, because they aren't competitive.
I suspect that it will help them more than being kicked out of the country, though it certainly won't improve their product in any absolute sense...
Re: (Score:2)
I wouldn't even trust my uncles and cousins who work in pharmaceuticals oversight. In india.
And yes, china is far worse because the theft is state sponsored. India it's not state sponsored, it's more at the level of corporate espionage, and there's bugger all you can do about it.
Re: (Score:3)
Sorry to be pedantic
You're not being pedantic, you're living in a fantasy land. This isn't a legal treatise on just what should be the requisite standard for a wiretap, because that depends in large part on the details of the existing legal system. Wiretap rules in france and the US can be completely different but both reasonable. India has both the authority and a legitimate need to be able to wiretap communications in their own country. Suggesting they can't is wearing a tinfoil hat because you think they have satellites
Re: (Score:2)
which is still largely the desired place for college students to work
Relatively few graduates from outside of india want to go to india. When you're in india already then yes, governments jobs mean you can never show up and still get paid something, or you can use your position to try and enrich yourself with bribes.
Nothing like giving in... (Score:4, Funny)
... to a democratically elected government...
Re: (Score:2)
The government in india is democratic, but that doesn't make it any less corrupt to the bone. I wouldn't trust anyone in the indian government with my business secrets. Including my own relatives (who are in the civil service).
India is fully entitled to demand wiretap access. Democratic or not. But the whole reason to choose RIM over a competitor in india was precisely because the government couldn't get into the system, because you can't trust people in government to not just steal your secrets and sel
Re: (Score:2, Informative)
India's corruption puts any Western government to shame. Want to get anything done? You WILL pay a bribe, and a good one at that, down to the "untouchable" cleaning out poop out of the sewer.
The caste system still stays there, same with the attitude of helping people is considered bad juju since it interferes with their divine punishment.
Also remember: India isn't a friend to the West. During the Cold War, they were doing their best to cozy up to the Russians, and were willing to do almost anything for
Re: (Score:2)
India's corruption puts any Western government to shame. Want to get anything done? You WILL pay a bribe, and a good one at that, down to the "untouchable" cleaning out poop out of the sewer.
If you belong to the banker "caste" in the United States.. the laws apply differently to you. You can steal from the people, defraud them, gamble their pensions on the stock market, and then get bailed out by the Government .. and never ever have to face any kind of criminal investigation.
If you belong to the executive branch "caste" you can do anything you want, including assassinate your own citizens abroad via drone strikes. You can lie your way into invading and killing civilians in other countries and
Re: (Score:2)
To a very corrupt democratically elected government. The keys will be in the hands of Russian mobsters in a few days.
Re: (Score:2)
Evidently I should have enclosed the above in tags.
Re: (Score:2)
*sarcasm* tags. (original filtered out by /. darn editing software)
Re: (Score:2)
Democratically elected doesn't mean jack anymore, if it ever did. Do you know any democratic government that's not for sale to the highest bidder?
Re: (Score:2)
/me evidently thought that *sarcasm* tags were not necessary for this audience. Don't know why...
Re: (Score:2)
Most of the people here on /. would no know sarcasm if it were to bite them on the ass.
Re: (Score:2)
Perhaps we could arrange for them to be electrically shocked while it bit them on the arse, and simultaneously, offer the smell of raw steak.
Re:Nothing like giving in... (Score:4, Funny)
Sargasm. When your joke makes you laugh a little too hard.
Not quite the full story... (Score:5, Informative)
Please, the BES keys have not been handed over... because they can't be...
http://crackberry.com/rim-encryption-keys [crackberry.com]
BIS != BES.
Re: (Score:2)
"I did not steal the stocks or the bonds"
_Tales of the Black Widowers_, Isaac Asimov
Re: (Score:2)
Re: (Score:2)
I wouldn't want to spoil the story for you, but the point is that one must read announcements of this type very carefully as there is generally far more hidden in them that appears on the surface. So your assurances are not entirely... reassuring.
sPh
Re: (Score:2)
I don't know how BBs work, so this is pure speculation, but when connecting to a BES server, does the device require a specific key that is tied to that server, or merely any valid key? If the latter, then a man-in-the middle system could allow connections to BES servers to be spied upon.
Re:Not quite the full story... (Score:4, Informative)
It needs a specific key. A BES connection is secured by a key-pair that is generated when the BlackBerry is added to the BES. This allows for the 3DES encryption to occur for all communications over the BES connection.
The situation you're talking about applies to BIS where any handset can decrypt the encrypted messages.
This mis-understanding of the differences between BIS and BES lead to a lot of FUD unfortunately.
And you know Apple is keeping an eye on this... cuz India will be coming after them too for access to their iMessage comms, if they have not already done so.
Re: (Score:2)
Note that BES servers by default use 3DES and (i think?) MD5, but can with the click of a button be transitioned to AES / SHA.
Re: (Score:2)
My statement was based on (I think) the days of 4.x-- It is possible you are correct with regard to 5.0.
Re: (Score:2)
Re: (Score:2)
Yeah, my bad. An old throw back reference to the good old days. ;)
Moral of the story (Score:5, Insightful)
Moral of the story: If you do not control end-to-end encryption yourself, it is not secure.
Re:Moral of the story (Score:5, Insightful)
In this case you don't even control ANY part of the encryption, not even on your end. Something that is the absolute bare minimum for any kind of security.
Re: (Score:3)
Re: (Score:2)
Moral of the story: If you do not control end-to-end encryption yourself, it is not secure.
This ^ period.
Re: (Score:2)
This ^.
I'm glad i'm not the only one that gets annoyed by that.
Re: (Score:2)
Except there's no story here, as BES, the service that corporate Blackberry deployments use, _is_ end to end--the encryption key pairs are generated by the company that deploys a BES installation, and neither RIM nor anyone else has access to them, unlike SSL certificates etc. The article is about the consumer BIS service and doesn't affect enterprise.
Re: (Score:2)
Everyone in this thread seems to assume that all SSL keys are generated and provided by public CAs, who then could leak your private key. You can roll your own anytime you want. Then just tell the users and your servers to trust your public key. Works the same
It's OK... (Score:5, Funny)
Half the country has been unable to recharge their Blackberries for two days in a row anyway.
Saving Face (Score:5, Informative)
from the fine article:
"But he said there was no access to secure encrypted BlackBerry enterprise communications or corporate emails as these were accessible only to the owners of these services."
The reality is BES uses keys assigned by the owner of the BES server, RIM HAS NOT and CAN NOT give those to anyone, because they dont know them. This has been RIM's position from the begining, and still is. What they HAVE done is give access to the messaging services they run (and therefor have keys to) to the Indian authorities. My understanding is that this was always the case. The article really does not make the distinction between the two clear.
TLDNR: RIM gave what they always give anyone, some minister is useing it to try and save face. Poor reporting means it worked.
Re: (Score:2)
Misleading title (Score:5, Informative)
Already Debunked by RIM (Score:4, Informative)
"Although not all of a BlackBerry's messaging functions are encrypted, RIM has long maintained that it is unable to grant anyone access to its corporate e-mail service, which is encrypted from end-to-end. RIM responded in a statement late on Wednesday, saying it was necessary "to correct some false and misleading" information" that had appeared in the Indian media."
"RIM is providing an appropriate lawful access solution that enables India's telecom operators to be legally compliant with respect to their BlackBerry consumer traffic, to the same degree as other smartphone providers in India, but this does not extend to secure BlackBerry enterprise communications," the company added."
And *pof* (Score:2)
There goes the customers to some other solution that can't be eavesdropped.
Re: (Score:2)
Did any of you yahoos bother to read the article? (Score:2, Informative)
"RIM recently demonstrated a solution developed by a firm called Verint that can intercept messages and emails exchanged between BlackBerry handsets, and make these encrypted communications available in a readable format to Indian security agencies..."
Re:RIM's private keys (Score:5, Insightful)
Once again. For the last time....
RIM does NOT have the encryption keys used by BES servers. Those keys are held internally by businesses only, and those are then used (along with "random" data) to generate the device keys. Even if RIM somehow had the organization's master key, they wouldnt have access to the "random" data that was used to derive the device key (which is pulled from that "wiggle your mouse around for a while" procedure).
In other words, BES servers continue as unaffected as before. Call me when India figures out how to large-scale crack AES256 with unknown keys.
Re: (Score:2)
What you are describing is BIS. With B_E_S-- Blackberry Enterprise Server-- you run the server that is ultimately the endpoint for the blackberries. When you install the software, it creates its master encryption key; when you tie new devices into it, it uses that key to derive a per-device encryption key.
All data is sent thru RIM, yes-- but only after it has been encrypted by YOUR server with a key that RIM never gets a hold of. There isnt any question of RIM's goodwill here, but of their inability to c
Re: (Score:2)
It seems to me VPN or IMAP over SSL has all the advantages of BB without the risk they'll sell you out. And has for some time.
Re:Sell now (Score:5, Insightful)
It seems to me VPN or IMAP over SSL has all the advantages of BB without the risk they'll sell you out. And has for some time.
yeah, I was pointing this out to clients as early as 2004. I had a working IMAPS client on a Treo 650 at the time. They wanted Outlook integration over security (despite always talking about their multi-billion-dollar IP that had to be protected at all costs). Lesson learned: most people don't care about security, they just say they do.
Re: (Score:2)
I have noticed that news-reaction stock market swings are more responsive to the general public's perception of a news item than they are to the opinions of technical people who may, or may not, have a better grasp of the future business implications of a piece of news.
In other words, betting opposite of the sentiment you read on /. is likely to bring you better than average returns.
Re:Sell now (Score:5, Informative)
I hope you arent in a position where you advise anyone on IT.
Active Sync's security is in LARGE part dependent on the security of SSL. For a HUGE number of organizations, those SSL keys are self-signed, which provides about the same security of WEP. All that is needed to break in is to somehow get the device to reach out to your server, and then have your server present a similar self-signed cert. Even if you are using a "proper" cert, you can be "easily" bugged by a government, since a large number of governments are considered trusted root authorities (including China); this means they can generate their own certificate, claim to be your Exchange CAS, and your device will happily talk back and forth with it. Presumably at that point your device would authenticate to that rogue server; Im not clear in what form the credentials would be sent, but we're already into "danger" territory.
On the flip side, with a proper BES (which is NOT what is being discussed in TFA), SSL simply isnt in the loop. All communications are relayed through RIM, but the encryption keys (up to AES-256) are held completely internally. I believe (though I could be wrong) that each device has its own key which is derived from the master key, so under the absolute worst conditions someone could sieze a blackberry and -- shockingly-- have access to that user's email. But of course, they'd have to get around the in-memory encryption and flash encryption that a security-sensitive organization would obviously have enforced on their blackberries.
At the end of the day, if absolute security is a necessity, you probably dont want your employees running around with smartphones, but if you do, youre using Blackberry / BES because there STILL isnt a good competitor in that range. Plus, if we're completely honest, most androids are touchscreen, and touchscreen devices simply arent as good at fulfilling the role of business communication device. They have other perks, but from personal experience I can say that they are a massive letdown when it comes to email and phone.
Re: (Score:3)
PS, if you think IMAP is a serious competitor to what a BES does, you are even more in the dark than I originally thought.
Re: (Score:2)
Setting up a private CA and removing default CAs != self-signed cert. SSL can be set up securely.
Re: (Score:2)
Which is why its a good thing that BES doesnt use SSL certs.