Dubai's Police Chief Calls BlackBerry a Spy Tool

crimeandpunishment writes "Does the battle over the Blackberry ban in the United Arab Emirates have its roots in a spy story? Dubai's police chief says concern over espionage (specifically, by the US and Israel) led to the decision to limit BlackBerry services. The UAE says it will block BlackBerry email, messaging, and web services on October 11th unless it gets access to encrypted data. Comments by Lt. Gen. Dahi Khalfan Tamim are often seen as reflecting the views of Dubai's leadership, and would appear to indicate a very hard line in talks with Research in Motion."

Shoes a spy tool

[Dyinobal]

Shoes are also a well known spy tool. 99.999% of all spys use them.

Re:Shoes a spy tool

[erroneus]

It's not "weird" but it certainly calls attention to an interesting duality of standards. The people of the U.S. aren't quite as concerned when its own government does the things it does, but we tend to go ape shit when other governments do the same or even a lesser version of the same. We call it wrong and anti-freedom and all that while at the same time, we justify to ourselves that it is somehow okay for our own government to do this. I'm sure I will never see the day when people finally wake up to reality, but I hope they do.

Re:Shoes a spy tool

[icebike]

So you are saying that my private encryption key on my blackberry has been turned over to the US government?

You do know how it works do you not?
http://na.blackberry.com/eng/ataglance/security/features.jsp [blackberry.com]

Its my security key. Not Rims.

Re:Shoes a spy tool

[HungryHobo]

From the link you posted, did you even read that?
Or do you not use the system you posted?

"The BlackBerry Enterprise Solution offers two transport encryption options, Advanced Encryption Standard (AES) and Triple Data Encryption Standard (Triple DES)*, for all data transmitted between BlackBerry® Enterprise Server and BlackBerry smartphones.

Private encryption keys are generated in a secure, two-way authenticated environment and are assigned to each BlackBerry smartphone user. Each secret key is stored only in the user's secure enterprise account (i.e., Microsoft® Exchange, IBM® Lotus® Domino® or Novell® GroupWise®) and on their BlackBerry smartphone and can be regenerated wirelessly by the user.

Data sent to the BlackBerry smartphone is encrypted by BlackBerry Enterprise Server using the private key retrieved from the user's mailbox. The encrypted information travels securely across the network to the smartphone where it is decrypted with the key stored there."

Storing your private key in 2 places is traditionally a bad idea. Especially when one of those places is in the hands of a company which can be compelled to hand it over without telling you.

If the goal were to simply be able to send data securely between your secure enterprise account and your blackberry then your secure enterprise account should only have your public key with which to encrypt data it sends to you and your private key should remain in your hands and your hands alone.
Idealy the secure enterprise account shouldn't be able to decrypt your data at all.

Now this could be for the sake of efficiency since public key crypto takes more cpu cycles but simply put if the US government asked for your private key, lets say they sent an NSL, RIM would be able to give it to them.
That is not a secure system.
A secure system would be one where only you have your private key and where blackberry merely validates certificates.
In which case anyone who wanted to read your communications would have to perform an explicit man in the middle attack after strong-arming blackberry into signing a cert for them.

So to make it genuinely secure you'd have to use public key crypto and let people choose their own certificate service in which case it would be as secure as the cert service and devices themselves.

So you are saying that my private encryption key on my blackberry has been turned over to the US government?

Simply put, if they asked for it then yes, there's nothing stopping that.

Re:

[Jurily]

Now this could be for the sake of efficiency since public key crypto takes more cpu cycles but simply put if the US government asked for your private key, lets say they sent an NSL, RIM would be able to give it to them.
That is not a secure system.

Note how this is an Enterprise(tm) system. There is no expectation of privacy, only contracts and CYA.

Re:

[geniusj]

BlackBerry® Enterprise Servers are not run by BlackBerry. Although they do write the software, obviously. So, assuming all is well with the software, the two parties capable of decrypting your email are you and the party running the BES (which isn't BlackBerry.)

Re:

[gotpaint32]

Mod UP. Parent is a damn fool who obviously has no idea how BES works. This is not BIS we are talking about.

Re:

[wkk2]

Assuming safe key distribution, security comes down to whether or not the phone (or server) has an API that exposes the shared secret. I'm guessing that there will be (or is) a command to dump the key.

Re:Shoes a spy tool

[pitchpipe]

Why is it so weird when other countries in turn demand the same kind of access? If US wants to promote privacy of citizens, at least start doing it yourself first.

Just because our country does it, doesn't mean that we don't oppose it. We oppose violation of privacy in all its forms, including our own government's.

Re:

[ScrewMaster]

Sorry, but US demands EU and a lot of other countries to give them access to their peoples banking, financial and all kind of other data, and don't get me even started on the NSA listening devices and backdoors on major ISP's backbones. Why is it so weird when other countries in turn demand the same kind of access? If US wants to promote privacy of citizens, at least start doing it yourself first.

Uh, Mr. Fruitbasket, you do realize that Research in Motion is a Canadian company, don't you? Plus which, in your haste to make an anti-American comment early in the thread and thus score some cheap mod points, you didn't even notice that the GP was referring to shoes.

Besides, encryption is legal in the United States. If I want to encrypt my emails, or encrypt my voice communications, it's legal for me to do so. What was your complaint again? Oh, I'm supposed to give a damn about people in other countrie

Re:

[falconwolf]

Sorry, but US demands EU and a lot of other countries to give them access to their peoples banking, financial and all kind of other data, and don't get me even started on the NSA listening devices and backdoors on major ISP's backbones. Why is it so weird when other countries in turn demand the same kind of access? If US wants to promote privacy of citizens, at least start doing it yourself first.

I'm glad to say you're wrong. Many Americans oppose what their government does. In quite a few of my own posts

Re:Shoes a spy tool

[JustOK]

sorry, my shoe is ringing.

Re:

[ScrewMaster]

sorry, my shoe is ringing.

Ohhhh, Max.

Re:

[gtall]

Reminds me of a joke. Three Business School Product were sitting down at lunch and all were trying to show how technologically advanced their companies were. One guy starts tapping his fingers and then puts his thumb near his ear and his pinkie by his mouth and starts talking. Then he says goodbye and explains to his amazed buddies that his company had installed phones in their hands and their fingers do the dialing. One of the others, not to be outdone, starts touching various teeth with his tongue, lookin

Re:

[Sulphur]

Then another one sold him call waiting.

--

I can keep a secret. All my friends can keep one too.

Re:

[shentino]

I think it was making a point that correlation!=causation.

Re:Shoes a spy tool

[jc42]

What is the relation of shoes to this topic at all? Discussion was not about shoes and the TS was trying to make fun of the main topic.

Exactly. And public ridicule is often a very appropriate way to deal with such "Ban it all" approaches.

A local example: Here in Massachusetts, the courthouses have installed metal detectors in the doorways over the past few years. There were news reports explaining that a huge number of weapons (over 17,000 in one report) had been confiscated from people entering the courthouses in the previous year. Some local reporters got a bit curious about this and interviewed some of the managers, who were audibly reluctant to answer questions about just what kinds of weapons people had tried to bring into the courthouses. After a while, the interviewers finally got an admission of what these weapons were: "pocket knives, of the Swiss Army type".

That's right, they were classifying pocket knives as "weapons". And when pressed to admit this, they described such knives with phrasing intended to make them sound like military weapons.

It's quite common for security folks to use this sort of PR tactic to make it sound like they're detecting huge rates of attacks from people intent on doing harm. Similarly, when we've got the details of the ongoing huge numbers of computer "hacker attacks", it has sometimes turned out that they're counting incoming pings as "attacks", probes in the same class as port scans.

When we hear or read vague language like "spy tool" to describe threats, we should always suspect that they're including normal, everyday uses of tools in this catchall classification. We should try to learn more details of what they're really talking about, and how they're planning to deal with it. Ridiculing them by pointing out that shoes are also "spy tools" is quite appropriate, to highlight the misleading nature of that phrase. Similarly, pings are "hacker tools" and pocket knives are "Army type weapons". This sort of misuse of language is a standard propaganda tool that should be exposed.

Re:

[AHuxley]

A Canadian company has to bend over to to wishes of the Canadian gov that enjoys working with the NSA.
Canada did consider going it alone for crypto after ww2, the the US and the UK both had reasons to pull Canada back in.
The US did not want an intel free for all between the UK and Canada. So the US/NSA worked very hard to make sure Canada got crypto and intel as did the UK, NZ and Australia. The gift back was very close, long term work. The idea that Canadian crypto work, public or private was ever o

Re:

[ScrewMaster]

yes; I have seen the contract documents.

I will re-iterate the GP's comment: Oh really, and you have proof of it in this instance?!

Saying you've seen documents is not proof. It's just ... some A.C. on Slashdot saying he saw documents. Meaningless.

PGP

[VincenzoRomano]

Is a much better spy tool. And you cannot block all email to and from all servers!

Re:

[antifoidulus]

PGP does have one weakness that an encrypted blackberry server wouldn't have though. Namely that it's still possible to determine who a person is sending mail to. Now good spys would set up an elaborate relay system, but we have seen how clumsy "superspys" can be with technology on occasion....

Re:

[Cwix]

You'd think spies would make use of some sort of onion routing.

http://en.wikipedia.org/wiki/Onion_routing [wikipedia.org]

Re:

[antifoidulus]

Onion routing still doesn't prevent the authorities from eavesdropping communications between the isp and the spy, it would just make spying on anything after that incredibly difficult. Ultimately if you really want protection just buy a satellite phone that allows for end to end encryption, it's more expensive but worth every scheckel.

Re:

[AK Marc]

Throw-away Gmail accounts and encryption would be cheaper, simpler, and just as "safe" assuming no one person is captured and new emails are used for every action. And a country that really wanted to could block or track satphones (who they talk to, if not obfuscated, but not what they say, if encrypted). And it really sucks that they don't work indoors. Skype on a data network would be easier, or just use a SIP client, or an encrypted SIP client or any of a variety of ways that are just as safe (and muc

Re:

[Tacvek]

How would onion routing not prevent that? The messages to the onion router are encrypted, so the ISP can see that the user is using encrypted comms, but has no idea who is receiving the encrypted message.

Onion routing is based on an incomplete earlier anonymous remailing system created by a subset of the TOR team (the type II system: Mixminion). The routing was similar technically, except that a message would normally have ten relays rather than 3. Besides the messages being encrypted, the links between nod

Re:

[mr_mischief]

That's what TLS is for.

Re:PGP

[TyFoN]

And with APG [thialfihar.org] and k9mail [google.com] on Android [android.com] this is simple to use on a mobile phone. I bet the UAE (and the USA) government would have a fit if everyone sent emails with 4096 bit encryption.

Politically prompted?

[allaunjsilverfox2]

You have to wonder if this guy isn't looking for some kind of promotion. The easiest way to go from nobody to somebody is to get noticed.

Re:Politically prompted?

[ToasterMonkey]

So if RIM were a Chinese company, or better - Iranian, or say head quartered in Dubai, would you have any problems with BlackBerries being used by the majority of our government officials & heads of industry? These people have more than enough reason to be wary of our intelligence services.
Without knowing any specifics, you should at least have a _little_ faith in their (our intel) capabilities. It's just a little silly to think the rest of the world is just a bunch of tinfoil hat types when it's no secret that we, and everybody else do pay people to collect information on, stuff. AKA spy.

Re:Politically prompted?

[Peeteriz]

RIM has made it known that they are giving the encryption keys to BlackBerry communications to various governments - ergo, it makes some sense for Saudi Arabia to say that Saudi businessmen are not allowed to use them despite the convenience, due to risk of business espionage by foreign governments.

Re:

[falconwolf]

RIM has made it known that they are giving the encryption keys to BlackBerry communications to various governments

Citation needed.

I know I would not trust or use a form of communications for what I want to keep private if government, any government, was able to read messages. People have already complained they don't want Indian government employees giving Indian businesses that compeat access to their communications. And where government has that access someone can buy access as well.

Falcon

Only if they were dumb about it

[Sycraft-fu]

If they were all passing through Blackberry's central servers, then sure, I'd be worried. However if they had their own BES and were doing end-to-end encryption to it (which it will do, that's why the US government uses them)? Then no.

Also I'd be far more worried about regular cell phones and the like, I'd think the NSA would have a much easier time monitoring those.

This Blackberry shit really looks like BS. It looks like corrupt officials want to get access to what is happening in their country so they can

Re:

[DDLKermit007]

Well China is a fairly easy target to beatup. Seeing as how government officials have repeatedly been showing willingness to screw over one party, or a foreign business group for the benefit of someone they know. There, the government is just a partner of your business. If they aren't? You can bet your ass they'll be helping your competitor because you wern't in lock step with them.

Hit submit by accident

[Sycraft-fu]

What I was also going to say is: If I was a counter-intelligence chief and particularly one in a country where the government could force their will internally easier than the US, and I was concerned about a device being used to spy, I'd push to have the device banned. We'd work to get rid of them and run public education campaigns letting people know that they could be spied on using them. That is how to make it safe. I wouldn't ask for access to the data. That gets me nothing in terms of preventing others

It doesn't take much to torture a person.

[falconwolf]

True but information gathered that way can not be trusted. Even if they know nothing people being tortured will say anything to end the torture.

Falcon

Re:

[Runaway1956]

Seventy years? You think you have to go that far back to find a dictatorship? Read current events, and you can find one totalitarian state in existence right now in Korea. At least 3 repressive theocracies, in existence, right now. We can list some de facto dictatorships in the last 40 years, no matter the names they used for their nations and/or governments. Pol Pot and Idi Amin come readily to mind, as does Saddam Hussein. Maybe people like yourself don't recognize a dictatorship unless and until th

Re:Politically prompted?

[HungryHobo]

http://www.planetrulers.com/current-dictators/ [planetrulers.com]

authoritarian regimes/dictatorships

Algeria - Abdelaziz Bouteflika, President of Algeria
Angola - Mr. Jose Eduardo dos Santos, President of Angola
Azerbaijan - Ilham Aliyev, President of Azerbaijan
Belarus - Aleksandr Lukashenko, President of Belarus
Bhutan - Jigme Khesar Namgyal Wangchuck, King of Bhutan
Brunei - Sultan Haji Hassanal Bolkiah Mu'izzaddin Waddaulah
Cambodia - His Majesty King Norodom Sihamoni, King of Cambodia
Cameroon - Paul Biya, President of Cameroon
Chad - Idriss Deby, President of Chad
China - Hu Jintao, President of China
Congo, Dem. Rep. of - Isidore Mvouba, Prime Minister of Congo
Côte d'Ivoire - Laurent Gbagbo, President of Cote d'Ivoire
Cuba - Raul Castro, President of Cuba
Egypt - Hosny Mubarak, President of Egypt
Equatorial Guinea - OBIANG NGUEMA MBASOGO, President
Eritrea - Isaias Afwerki, President of Eritrea
Guinea - Lansana Conte, President of Guinea
Iran - Mahmoud Ahmadi Nejad, President of Iran
Iraq - Jalal Talabani, President of Iraq
Kazakhstan - Nursultan Nazarbaev, President of Kazakhstan
Laos - Lieutenant General Choummaly Sayasone, President
Libya - Muammar Abu Minyar al-Gaddafi, Leader of Libya
Myanmar (Burma) - Soe Win, Prime Minister of Myanmar (Burma)
North Korea - Kim Jong-il, President of North Korea
Oman - Qaboos bin Said Al-Said, Prime Minister of Oman
Pakistan - Pervez Musharraf, President of Pakistan
Qatar - Sheikh Hamad Bin Jassim Bin Jabr Al-Thani
Russia - Dmitry Anatolyevich Medvedev, President of Russia
Rwanda - Paul Kagame, President of Rwanda
Saudi Arabia - King Fahd bin Abdul Aziz, King of Saudi Arabia
Somalia - Abdullahi Yusuf Ahmed, President of Somalia
Sudan - Omar H.A. Al-Bashier, President of Sudan
Swaziland - Mswati III, King of Swaziland
Syria - Bashar al-Assad, President of Syria
Tajikistan - Emomalii Rahmon, President of Tadjikistan
Thailand - Surayut Chulanon, Royal Prime Minister of Thailand
Togo - Faure Essozimna Gnassingbe, President of Togo
Tunisia - Zine el Abidine Ben Ali, President of Tunisia
Turkmenistan - Gurbanguly BERDIMUHAMEDOW, President of Turkmenistan
United Arab Emirates - Sheikh Khalifa bin Zayed Al Nahyan
Uzbekistan - Islam Abdughanievich Karimov, President of Uzbekistan
Vietnam - Nong Duc Manh, President of Vietnam
Zimbabwe - Robert (Gabriel) Mugabe, President of Zimbabwe

Re:

[boxwood]

uh that list is wrong. If Thailand and Cambodia are dictatorships ruled by their respective monarchs, then the UK is a dictatorship as well.

nice marketing

[fadethepolice]

all the news lately makes me want to buy a blackberry.

We're worried you're spys because

[meerling]

we can't read your encrypted messages and are too stupid or too lazy to crack them ourselves, so won't you please give us the golden master keys to the kingdom?

Re:

[Nursie]

You mean just like the US and UK governments do through legal or extra-legal means? Installing data taps in ISP and telephone providers operations centres? Demanding encryption keys from companies and private citizens alike?

Let's not pretend that these are tinpot developing nations - these guys are following the example set by #1!

Re:

[Nursie]

"let's get this straight right off: there never existed, does not exist, and never will exist a government that does not spy on its citizens
do you understand that? it's called law enforcement."

FAIL.

Law enforcement doesn't need to spy and should not spy without reason and a court order. It is spying and watching as a matter of course,, prying into everyone's lives for no reason, that is the issue here.

And for fuck's sake lay off the "you just try that in iran and china!" line, it makes you look like a moron.

Re:

[the_womble]

That is the way it should be, but it is not the way it is anymore.

There has been warrantless tapping in the US, and a reduction in oversight generally, while EU law now REQUIRES that ISPs and phone companies record EVERYONE's activities/

Re:

[roman_mir]

aaah, the usual circletimessquare, trolling some more.

Flame on, circletimes, flame on.

Re:

[jedidiah]

> you are a fucking idiot.

NO. It looks like someone hit YOU a little to close to where you live.

a system that pays attention to impenetrability

[circletimessquare]

in countries that pay a premium on authoritarianism?

the only thing i wonder is why is this story happening in 2010 and not earlier?

The west already wiretaps Blackberry emails

[Anonymous Coward]

Western intelligence services already have access to Blackberry servers - and had for years.

Beyond actual wiretap API interfaces provided by RIM there's also a net of broad packet-capture: as had been documented in detail here on Slashdot, AT&T had been running raw, spliced optical cables straight to the NSA headquarters since late 2001, carrying most of the raw IP traffic in the USA - including most unencrypted Blackberry emails as well.

Any new encrypted service that offers no access for intelligence a

Re:

[khallow]

I think it's fairly evident that God opposes IP. After all, his communications and other intellectual property has always been public domain.

Also, what's your position on tyranny? Good/bad?

The ND license of Revelation

[tepples]

Apart from the 1611 edition, the majority of translations of the Bible into English are copyrighted. Furthermore, the book of Revelation has what appears to be a NoDerivs license on it: (Rev 22:18-19 [biblegateway.com]).

Re:

[roman_mir]

I see copyrights and patents as impediment to economy, they all must be abolished and I am a developer.

Re:

[the_womble]

God does not want people to breach state mandated monopolies? What next - God supported Stalin?

Artists made a living for millennia before copyright law.

Many professional programmers choose to make limited use of copyright protection (open source licences) or even waive them altogether (stuff like SQLite that is public domain).

Re:

[mr_mischief]

You forget that Jesus was the son of God (or God himself, or a part of God himself, or some combination depending on who you ask) and that the IP on plants and animals belong to God. ;-)

Besides, people gave Jesus the loaves and fishes. He made copies of his own loaves and fishes, not copies of someone else's.

Re:a system that pays attention to impenetrability

[lewko]

Spoken like a true Arab Minister for Propaganda.

Step 1: Blame Israelis.

Step 2: Clamp down on your own citizens.

Step 3: Repeat.

Re:a system that pays attention to impenetrability

[the_womble]

As the GP pointed out, Israeli intelligence actually murdered people in Dubai. Given that, they do have a reason to be a bit wary of the risks posed.

OF course it is a nasty feudal dictatorship, with a modern gloss to hide its underlying backwardness, but it still has genuine enimies.

Re:

[blackraven14250]

As the GP pointed out, Israeli intelligence actually murdered people in Dubai.

I'll point out that despite there being a good indication that this is the case, there's not enough proof to convict if this were a murder case in the US.

Re:

[rtfa-troll]

Ah yes; because you have special privileged prior access to the full Dubai file? I mean, I admit that I don't have enough evidence to prove it's Israel. I'll even believe you don't have enough evidence. I'm just not sure that that's really relevant to the question of whether Dubai has enough evidence..

Re:

[Skapare]

Even if Israel did do murders in UAE, which I do not disbelieve, that just makes it easier (at step 2) to carry out their goals (at step 3). Israel isn't the cause; it just makes it easier.

Re:

[jedidiah]

> Even if Israel did do murders in UAE, which I do not disbelieve,
> that just makes it easier (at step 2) to carry out their goals
> (at step 3). Israel isn't the cause; it just makes it easier.

You really have to wonder if it's worth throwing away the baby with the bath water here. Dubai seems to be all about the money.

What's a few Israeli's running amok when there's money to be made?

You could easily apply the same stupid logic to ANY country and
completely undermine whatever liberty and business cli

Is there anything special about RIM security?

[sl149q]

What is so special about RIM security (speaking as a non-RIM user here...)?

If I have a Blackberry (or any smartphone, say Android or iPhone) don't I just point at a mail server with IMAP and pick up stuff with SSL/TLS? Are the "spies" so stupid that they wouldn't just point a a non RIM mail server?

And as mentioned above then you can start using PGP for the content as well.

Re:

[flyingfsck]

Fortunately, most spies and terrs really are that stupid.

Re:

[oiron]

Another non-blackberry user here, but from what I understand, what they provide is something like PGP on top of mail; your message gets encrypted using a private/public key system such that it's not vulnerable to man-in-the-middle attacks, which SSL/TLS (https/imaps) can be susceptible to.

Re:Is there anything special about RIM security?

[Lehk228]

the blackberry connects to RIM and RIM connects to your email, or if you are corporate the blackberry points to the corporate BES server, the link between the handset and RIM or between the handset and your company's BES server is heavilly encrypted, and in the case of BES servers even RIM cannot access the data, only your company's security staff and other authorized users, making it suitable for communicating confidential and trade secret information that a regular smartphone should not be handling. BES is also able to remotely control security settings and initiate a secure wipe.

Re:

[binaryspiral]

Get an iPhone or windows mobile and get yourself a hosted exchange account in anoter country. Same deal only not centralized like rim.

If I were to travel to UAE with my iPhone would they block the encrypted link to my Exchange server?

Re:

[Lehk228]

if your company has a BES server it's not centralized, it all goes through your corporate BES server.

Re:

[falconwolf]

Get an iPhone or windows mobile and get yourself a hosted exchange account in anoter country. Same deal only not centralized like rim.

Businesses can set up their own Blackberry Enterprise Server [blackberry.com], so Blackberries can be decentralized.

Falcon

Re:

[AHuxley]

Quality point to point encryption via Canada is the big seller.

Re:

[drolli]

Also speaking as a non-RIM user:

does your phone warn you if you encounter a changed ssl certificate for the domain your mail client is connecting to?

Re:

[trapnest]

I powered up a blackberry that had been off for a few years. The clock was set to not get the current time from the network and was set to some time in 2007, making most (if not all) of the security certificates invalid. The Blackberry displayed a warning dialog for every connection till we corrected the date. So yes, BBs do warn for invalid certs.

Re:

[drolli]

my comment was about the other phones. I hope BBs check the certificate. i know other phones cant do it correctly.

Re:

[alfredos]

I have managed a Blackberry Enterprise Server. I don't want to manage another one. It's weird and, as you say, you can't get control of everything without nontrivial hacking. That was the first thing I deeply disliked about it (there are more, but not relevant to this discussion).

If that architecture works for them, then good for them. However, I can understand that governments get pissed about it. Heck, even the (rest of the) US government was quite pissed when Obama stated he wouldn't give up on his Blac [cnn.com]

I Know!

[PinkyGigglebrain]

The rulers of Dubai wants to know what the CEO of Haliburton [wikipedia.org] is doing.

Or they just want to be sure that its harder for the rest of the world find out about its dark side [independent.co.uk].

Just as well I was already planing to never visit the place.

If only he knew.

[stalkedlongtime]

It's

Re:

[EnsilZah]

Monty Python's Flying Circus?

Let's try this again. "If only he knew..."

[stalkedlongtime]

It's practically a given that TEMPEST-like capabilities moved to satellites, decades ago. Combine that with ECHELON or something like it, and everything that everyone is displaying on their screens (Internet-connected or not) is probably being hoovered up by at least one intelligence agency. Including what's on the screens of those precious Blackberries.

Re:

[Panaflex]

TEMPEST at a few hundred feet is pretty remarkable... you think it can be done in a satellite 50 miles high? Plus there's considerations such as the van allen belt and the ionosphere acting upon wavelength propagation, never mind the noise and attenuation distortions wielded upon an 2GHz+ clock rate of a typical system bus, or voltage balanced and shielded video cables at such great distances.

Now if you're thinking about satellite sweeping for wifi or cellular then it would be almost a given and certainly

Re:

[lewko]

I need thicker tinfoil.

One single mistake and BB/RIM will be doomed

[Ilgaz]

Everyone in civilized/democratic places, especially large businesses which are RIM's real market are watching these news.

If Blackberry is magically loved in those territories, it means they handed the keys to them and people will immediately think they are _already_ being watched for a long time.

I really think RIM should consider getting OUT of these markets instead of losing the image of secure communications. Once they lose it, it will be like a domino.

Look to Youtube, a certain country said "pull this video, pull that, setup office here, pay taxes". You know what Youtube did? Ignored! Don't they lose money/marketshare? Of course they do.

It is a closed system, that is where they lose. Nokia or Apple can say "hey, they are enabling SSL on IMAP, there is absolutely nothing we can do." RIM, as there is a central server, can't do it.

It is always and always about open standards.

Re:

[Lehk228]

i would rather see an option for handset to handset crypto, allow secure messages between non-BES handsets and handsets on different BES servers. they could use the barcode scan system that the latest version of BB messenger uses to add friends using the screen and camera

Re:

[mxs]

Look to Youtube, a certain country said "pull this video, pull that, setup office here, pay taxes". You know what Youtube did? Ignored! Don't they lose money/marketshare? Of course they do.

Sorry to burst your bubble, but that is simply not true. Try surfing YouTube in Germany, for instance. Lots and LOTS of videos are pulled or "not available in your country", they do pay out some local media conglomerates, and, guess what, Google has offices here too.

Re:

[Late Adopter]

I am curious how many of those videos are unavailable because Google can't legally distribute them under copyright law (or contractual agreement, etc), or because they can't legally distribute them under offensiveness statutes.

At least with the latter Google can't be sued in the US for their actions in foreign markets.

Re:

[drinkypoo]

Everyone in civilized/democratic places, especially large businesses which are RIM's real market are watching these news.

If Blackberry is magically loved in those territories, it means they handed the keys to them and people will immediately think they are _already_ being watched for a long time.

I don't know about you, but I in particular live in a country where the government is known to have tapped all long distance voice calls and all internet traffic. Obviously they can't scan all internet traffic for keywords but they can scan a subset. To me, to believe that the US government is NOT listening in on crackberries would be the height of naivety.

Re:

[Kjella]

Look to Youtube, a certain country said "pull this video, pull that, setup office here, pay taxes". You know what Youtube did? Ignored! Don't they lose money/marketshare? Of course they do.

YouTube got it easy, they don't have to "shut down" anything. It's highly unlikely users will get harassed for finding a way to visit YouTube. I think there's even legislation in place to prevent a US-based service from being arsed by foreign libel lawsuits and the like. RIM is a physical product, they probably have offices with a lease, people with work contracts and most of all if they'd harass everyone with a Blackberry or worse, confiscate them then that would have a rather big business impact. It might

Re:

[binaryspiral]

Open standards or ActiveSync with exchange. Gives you the same basic features as BES (encrypted traffic, remote wipe, and policy enforcement) without a central network.

Each exchange server uses it's own ssl certain

Just mobile? What about internet?

[gmuslera]

https is a spy tool too? If i go with https to gmail, and post anything, unless they have a keylogger or something similar in whatever im using to access it, functionally are in the same situation. Worse, what about crypto tech? Tor?

quality of the tool depends on the user

[ChipMonk]

In the hands of a skilled person, including a skilled spy, anything can be useful for any purpose. Even a common orange has its place in a spy's toolkit. Do you really think that's chewing gum in his mouth?

Every tool has uses that conformists never ponder. Critical thinkers are already ahead of the curve of every government. Of course, no government is willing to admit it (out loud).

Re:

[jd2112]

In the hands of a skilled person, including a skilled spy, anything can be useful for any purpose. Even a common orange has its place in a spy's toolkit. Do you really think that's chewing gum in his mouth?

Even Paris Hilton has 'Special' gum....

Re:

[ScrewMaster]

In the hands of a skilled person, including a skilled spy, anything can be useful for any purpose. Even a common orange has its place in a spy's toolkit. Do you really think that's chewing gum in his mouth?

Even Paris Hilton has 'Special' gum....

Yes, and she is glad to see you.

Re:

[account_deleted]

Comment removed based on user account deletion

Phoning it in

[sensationull]

Damn, even the spys are just phoning it in now.

Dubai's Police Chief Calls BlackBerry a Spy Tool

[IorDMUX]

Very well.

I call Dubai's police chief a Tool.

The real issue

[lewko]

Dubai's police chief says concern over espionage (specifically, by the US and Israel) led to the decision to limit BlackBerry services.

Well of course he would say that. Despotic Arab regimes have always used the US and Israel as an excuse for their own totalitarianism and oppression of minorities.

The article details the real reason, as if it wasn't obvious:
Tamim told a conference on information technology that the proposed BlackBerry curbs are also "meant to control false rumors and defamation of public figures due to the absence of surveillance,"

Translation: It promotes freedom of expression, and limits the government's ability to control its people, which frightens the shit out of Arab dictators.

Re:

[ScrewMaster]

Except smartass, this time Israeli spies really did land in Dubai, use Blackberries, assassinated someone and left.

Dubai police can't decrypt the messages sent by the spies.

DO YOU SEE THE PROBLEM? OR ARE YOU TOO MUCH OF AN AMERIC*NT TO FIGURE IT OUT?

Yes, because of course a highly-trained and experienced Israeli hit squad couldn't have just used regular unencrypted voice telephony to complete their mission. They hardly needed Blackberries, assuming they really did what they're accused of (not saying they didn't, nor do I care for that matter.) All that will happen is that the Israelis, the next time they decide to whack someone in Dubai, won't bother using Blackberries. For that matter, now that they know the things are being monitored, they can probab

To put it this way

[JanneM]

Say that there's a group of people connected to some country that is opposed to US and its interests. There's a fair amount of resentment towards the US and its culture, and the country isn't exactly known as peace-loving and dovish. These people could be semi-official (non-legal spies from their embassies), or they could be private people working for this country.

US intelligence people find out about these people, try to track them, see what they're up to. Unfortunately, a lot of their communication is goi

India

[guyminuslife]

Is it just me, or is it that since RIM's shown that they'd give ground to world governments (even if it's a face-saving maneuver, as some here have said), that everybody and their brother now wants access to their servers?

Nothing to do with it ...

[daveime]

Having spent a couple of years in the UAE back in the 90's, I can tell you the ban has NOTHING to do with spying, and everything to do with Etisalat (the national phone company) desire to control all aspects of IT in the country.

Years ago, at the advent of the mobile, you could get one (1) model of phone in Abu Dhabi ... the "Hud Hud 1" was the model name, I remember it fondly, with it's external antenna that almost took your eye out, and it's inability to hold a call for more than 5 minutes. You couldn't even use it indoors, I had to sit outside in the bloody desert with only camel spiders for company, to call my girlfriend who worked in Abu Dhabi city. Text hadn't even been invented, so it was calls only.

There was one (1) phone model, one (1) line provider, one (1) internet provider, one (1) e-mail service, and it was All Etisalat provided.

Now, 12 years, later, there is a few more phone models, but still only one (1) line provider, one (1) internet provider, one (1) e-mail service ... wanna take a guess who it is ?

Whichever of Sheikh Khalifa's brothers is running Etisalat doesn't want his business fucked up, and the possibility of anyone using IT without Etisalat getting their pound of flesh is unthinkable. THAT is why they are putting the screws on RIM.

Re:

[binaryspiral]

RIM would do well to pull out of UAE and show the world they give a shit about their customers' privacy and won't be bullied like a third rate carrier into handing over the keys to the castle.

Re:

[auric_dude]

They may well be the bad guys http://yro.slashdot.org/story/10/08/14/0012254/EFF-Asks-Verizon-Whether-Etisalat-Deserves-CA-Trust [slashdot.org]

If

[Dunbal]

The blackberry is a spy tool then surely the Dubai police are terrorists...

Contributions

[b4upoo]

Dubai can have no direct military interests from us as they are essentially an unarmed society. But I would bet money that we do keep tabs to see if governments are supporting terrorist groups in near by states. If the politics of the region cause Dubai to be pumping money to the Taliban then Dubai becomes a legitimate target for our military. We also need to know if Dubai is supporting Iran.

To be fair...

[Lord Kano]

You don't think that they haven't given the same access to the US and Israeli governments, do you?

LK