Blackberry Offers 'Lawful Device Interception Capabilities' (itnews.com.au) 137
An anonymous reader writes: Apple and Google have been vocal in their opposition to any kind of government regulation of cell phone encryption. BlackBerry, however, is taking a different stance, saying it specifically supports "lawful interception capabilities" for government surveillance. BlackBerry COO Marty Beard as much at a recent IT summit. He declined to explain how the interception works, but he denied the phones would contain "backdoors" and said governments would have no direct access to BlackBerry servers. The company may see this as a way to differentiate themselves from the competition.
This makes me want to run out and get a Blackberry (Score:5, Funny)
Re: (Score:3)
Yep. As long as the government has gone through the proper procedures and has a lawfully obtained warrant, then I most certainly want to make sure they can access my private communications. Smart move by Blackberry to differentiate their product that way! I'll get rid of my iPhone next chance I get and proudly buy a Blackberry.
For the sarcasm impaired, please disregard my comment.
Re: (Score:2)
Smart move by Blackberry to differentiate their product that way!
Blackberries are still being made? Rather, are they still being sold??
I thought that they had a historical hold on corporate world -- and I thought that even that was pretty much gone (Liberty Mutual has made a switch, at least in some departments, a couple of years ago).
Re: (Score:1)
The funny thing is....now BB's biggest customers are governments. So this should put the final nail in the coffin for them, as governments would definitely not want a backdoor in their devices...
Re: (Score:2)
Blackberry is relying on the corporate world's reluctance to change. So long as Blackberry is the tried and true, management will keep on buying them. After all, spying by the government is not a concern for them.
This attitude will change the first time some corporate spy, Chinese or otherwise, slips through that backdoor.
Re: (Score:1)
Yep, they used to have a stranglehold on the corporate world, mostly because the executives always had Blackberries (and absolutely loved them) and IT refused to support anything else.
Then the execs all got iOS devices and ditched their blackberries and told IT to support iOS devices (or look for a
Re: (Score:2)
Re: (Score:2)
Maybe BB thinks to cater to the
If its in the phone it ignores jurisdiction (Score:1)
Even the "nothing to hide" group would fear this. If the handset can intercept comms, and its not done in the network, then it can be done across jurisdictions. e.g. Russian user is spied on by US using US warrant against Blackberry. China spies on foreign dissidents using it. Journalists targetted in Europe based on US warrant etc.
Re: (Score:2)
The problem is idiots try to use this idea to ignore enshrined rights. NO matter how badly you want into my computers, you have no right to tell me that i HAVE to give you a way to read my work. Thats not a power my government has. It should not be illegal to build a computer that cannot be read by anyone but me. Governments DO NOT
Re: (Score:2)
Right: they should be allowed, yet it should be impossible for them to actually do.
It's sort of like how I'm allowed to be President of the US. But unless everybody else in the world totally screws up to comically-negligent degree (what the fuck were you thinking, voting for me?!), it can't possibly happen.
Cops are allowed to travel to Alpha Centauri. FBI employees are allowed to live to be a thousand years old. NSA crackers are allowed to have unlimited antimatter-reactor energy for free. Our laws shoul
Re: (Score:1)
Do you also think that they should be allowed to probe your thoughts and memories with a mind probe with due cause and a legally obtained warrant issued by a judge? Or should they be able to torture you with a legally obtained warrant issued by a judge? Can they slowly drill a hole into your child's head in front of you until you sign a confession with due cause and a legally obtained warrant issued by a judge? Can they do those things to everyone in an entire town or city with with due cause and a _one_ le
Re: (Score:2)
The really funny part... (Score:1)
Re: (Score:3)
You mean like the full encryption on lock, and the end-to-end encryption for iMessage?
Re: (Score:3)
Sarcasm aside, that's pretty much the goal, yes.
Now, I (thankfully) haven't worked with BlackBerry products in many years, and I had hoped/expected that things had changed, but pretty much all phone data used to be stored on company-managed servers. The government wouldn't have direct access, but corporate IT staff would.
From the little information in TFS, it sounds like the phones are not the vulnerability, but a central server under corporate control would be a suitable target for court-ordered surveillan
Re: (Score:2)
You know, I actually do feel that way? There's a reason they put the fourth amendment in the constitution. There are people we as a society want the government to be able to catch, if they do it properly.
That's the thing though - they fucked up. They had this interception treasure trove and were caught with their hands in the cookie jar because they're too afraid of the public to stick to what they're... you know, allowed to do. Their lawyers can explain until they're blue in the face how it's not technical
How secure is the backdoor? This is my worry. (Score:2, Informative)
My worry isn't lawful interception. However, backdoors and such mean that -someone- out there has a master key. And who knows how it is stored? If it falls into the wrong hands, it can utterly destroy a product, or even destroy companies if the backdoor winds up being used for advantages (knowing what competitors are bringing to the table, finding weak points to attack the company, or good old fashioned extortion/blackmail.)
Let's say the backdoor is a large RSA key. There will be organizations, includin
Re: (Score:3)
After all, who wouldn't want all governments to be able to spy on you?
FTFY.
The claim that there isn't a backdoor suggests that they are keeping the key in escrow, so eventually you can expect a .torrent to appear with an SQL database full of Blackberry keys, at which point you will know that several national intelligence services have had full access for a few years before some amateur got in.
Re: (Score:2)
Even if you were to trust the gonernment having a back door means there is one more spot for a hacker to target. How long do you think it will take for it to be exposed than abused by the bad guys.
Re: This makes me want to run out and get a Blackb (Score:2)
The annoying thing is I was actually considering the priv for my next phone. Because they actually went through the effort of getting it fips 140 acredited. This stance just makes me want them to die.
Re: (Score:2)
And depending on which government you are under it may vary what's lawful.
What Blackberry says is just "We aren't secure anymore, so if you have concerns pick Android or Apple".
Nail, meet coffin (Score:5, Insightful)
It's really hard to put nails into your own coffin from the outside, but DAmn are they trying.
Re:Nail, meet coffin (Score:5, Insightful)
I think this is some sort of wild Hail Mary Pass gambit where somehow the US and UK will outlaw all phones that don't have back doors, and Blackberry will become the only legal smartphone and... PROFIT!!!!
It sounds stupid, but just about everything RIM/Blackberry has done for the last five years has been just unmitigated stupidity.
China, N. Korea are the target market (Score:3)
Interesting comment, made me think...
So, thinking of this as a phone specifically enabled with spying capabilities as a feature you're right, the logical customer for such a phone is an oppressive government.
I can think of several totalitarian governments that would love a phone with baked-in spyware!
FBI could not use it (Score:1)
What if the FBI had to investigate the NSA? Could they do it? With these phones? Because law is multi-layered and often ignored (as Snowden leaks showed). They could not usethese phones if the target is a suspected lawful agency gone rogue.
Re: (Score:2)
Or a company. Having everything done with the phone recorded could easily become a hit amongst the control freak wing of the HR.
Re: (Score:2)
Re: (Score:1)
I know surveillance is bad, but necro-surveillance is just ... disturbing.
Re: (Score:1)
Part of the FCC code is that you can't create devices that prevent interference by other devices...
That's a misinterpretation.
Re: (Score:3)
This isn't something new for them, they've always been right at the front of saying: 'Yes, here are the ways you get direct access to our system'
Its been noted in several slashdot articles in the past, mostly revolving around how they actively support oppressive governments spying on citizens and suppression of free speech by monitoring and disappearing violators.
Blackberry has done this since day one.
Re: (Score:2)
Not really, there are many people who don't care about this. I've got a friend who has a Blackberry and she's been sold on it's security. Even when I've told her that they aren't as secure as the latest Android and iOS devices (at least she doesn't look at me as if I'm wearing a tin foil hat) she replies doesn't care if the government can get her data because she has nothing to hide. The end to end encryption doesn't matter to her.
The thing the might convince her to change is the camera. The other day we
And just as quickly as they gained my interest... (Score:2)
The new BB with slide-out keyboard running Android looked quite interesting to me and was potentially going to be my next phone.
Looks like that's not going to happen now.
BBRY.OTCBB (Score:2)
Pink sheets anyone?
Re: (Score:2)
Re: (Score:2)
And by implication... (Score:2)
Blackberry Offers 'Unlawful Device Interception Capabilities', since the capability is entirely orthogonal to the legality. Sounds like a great selling point to... who, exactly? Those who don't see it as problematic (insert Benjamin Franklin quote here) won't care and those who do care for sure won't buy a Blackberry. Then again, Blackberry was probably running out of ways to scare away customers and needed to add a few more. They're down to 0.3% [idc.com], almost there...
Re: (Score:2)
I'm thinking that the ideal candidates are the NSA, CIA, and other anti-constitution, anti-privacy TLAs. They would love to give these to all their employees, and forbid them from using any other devices.
I like Blackberry..... (Score:2)
.... still use one. This makes me want to go get an iPhone.
Isn't this the same policy they always had? (Score:2)
.... still use one. This makes me want to go get an iPhone.
Why, isn't this the same policy they always had? They have a copy of the encryption keys and release them when a lawful warrant is received?
Re:Isn't this the same policy they always had? (Score:5, Funny)
>> .... still use one. This makes me want to go get an iPhone.
> Why, isn't this the same policy they always had?
Correct, it has always been Blackberry policy to make you want to go get an iPhone.
Re: (Score:2)
Re: (Score:2)
And they've always handed over all the data when the government threatened to stop their sales in the country.
India - http://articles.economictimes.... [indiatimes.com]
Saudi Arabia - http://www.reuters.com/article... [reuters.com]
I don't get it (Score:2)
I thought the big selling point of Blackberry was security. This is anything but.
Oh well, it's not like they haven't caved to national governments before.
Re: (Score:3)
Re: (Score:2)
If they are selling to the US government, they can privately tell the buyers about this "feature" (or is it a "misfeature"?), otherwise, I think that the CEO of Blackberry is about to become good friends with Gerald Ratner and Adam Osborne.
Re: (Score:2)
BlackBerry rolled over to governments years ago.
Any claims they make about security really only mean "we will capitulate to any government security agency".
If the ever-declining BlackBerry thinks doing this will sell their phones to consumers ... well, that's why BB is ever-declining, because they've long since lost track of what consumers want.
Gotta Quit Getting High.... (Score:1)
Re: (Score:2)
Re: (Score:2)
Why are you not getting a Blackberry? Do you have anything to hide?
Re:Lel (Score:4, Interesting)
Ya no ty. I pay my taxes, if I buy a product it is supposed to be mine.
The concept of personal property is being phased out.
Everything, from what you can say and what views you can express in public/online without being fired, being threatened with death, sued, even jailed, what you may do with things you've 'bought', right down to the money in your pocket and even you, yourself, are property of and/or controlled by the policies and agendas of the collective as dictated by a government/corporate/banking oligarchy and their sycophants and useful idiots in positions of influence in society.
I highly recommend reading "The Creature From Jekyll Island" by G. Edward Griffin to begin to understand the power structure in the US. The most powerful players are rarely mentioned in the MSM.
https://archive.org/details/Cr... [archive.org]
Strat
FBI's response to Blackberry's statement (Score:2)
Stalking Horse? (Score:3)
I take Mr Beard's comments at face value, that his company can offer lawful intercept without back doors. Unfortunately this has nothing whatsoever in common with the statements made by Apple and others.
You see Blackberry has a unique position in the market, it being not just the manufacturer but also the network operator. Thus for most normal Blackberry users (non-corporate), their secure end to end communications begin and end at Blackberry's servers. Also their device encryption software has at least one known weakness to offline brute force cracking so perhaps there are more.
All this means that what Blackberry is really saying is that, since they control the communication keys and made a less than perfect encryption product they can offer lawful interception where other vendors had to rely of real hardware device encryption and end-too-end communications.
BTW, Apple does not get off scot free here as its Imessage product can offer lawful intercept, just not decryption after the fact because they too control which keys are used to encrypt which iMessage.
Re: (Score:2)
That's actually an interesting point. In years past, the Blackberry fanboys used to tout how secure BB devices were when used with a BB enterprise server. It appears now that this claim was never true.
Re: (Score:2)
That's actually an interesting point. In years past, the Blackberry fanboys used to tout how secure BB devices were when used with a BB enterprise server. It appears now that this claim was never true.
Blackberries have to connect to a BES in order to work, IIRC. For a corporate user, that would be the company's own server. Joe Public would normally connect to a BES run by RIM and under their control, and thus amenable to government intercepts.
Re: (Score:2)
You missed my point. The article does not state that BB's interception capabilities are limited to intercepting Joe Public's communications. This implies that BB can also intercept communications when a corporate BES is in use.
Re: Stalking Horse? (Score:1)
That's actually not correct .
iMessage is PKI, and Apple only possesses the public keys of the users and the SSL session key used to request a session.
If you backup to iCloud, then yes, they can read your saved/old messages, but they can't real time intercept
Re: (Score:2)
Thus for most normal Blackberry users (non-corporate), their secure end to end communications begin and end at Blackberry's servers.
That's not a definition of "end to end" that I'm familiar with. Beyond that, how does Blackberry's "network operator" setup differ from Apple's Messages where Apple handles the message routing and delivery, except that Apple devices encrypt and decrypt on the user's hardware (which is the normal definition of "end to end")?
1, 2, 3,... I want to buy one now!!! (Score:2)
Re: (Score:2)
I'd rather donate them to my fellow police station. For oversight reasons.
Differentiate? (Score:5, Informative)
>"The company may see this as a way to differentiate themselves from the competition."
Um, yeah- "Buy our phones! They are better because we allow the government to spy on you!" What a great selling feature to differentiate yourself from your competition. I bet consumers will flock to that ?!!?!?!!
Re: (Score:2)
Counterintelligence awareness, Internal affairs might like the look at features that keep out other governments out but give total access.
Re: (Score:2)
Think. The governments could see this feature and mandate that all government employess must use Blackberry. Meaning: PROFIT
Re: (Score:2)
I am left wondering about that claim as well. Even people who are okay with the lawful interception of communications are unlikely to buy a phone for this reason, and people who deal with confidential (albeit legal) communications will not want be able to purchase these phones for that reason. Then there are people who expect their privacy to be respected, who are almost certainly going to avoid these devices for that reason. Then you have the paranoid crowd who won't touch it. And all of that is before
Re: (Score:2)
>"The company may see this as a way to differentiate themselves from the competition."
Um, yeah- "Buy our phones! They are better because we allow the government to spy on you!" What a great selling feature to differentiate yourself from your competition. I bet consumers will flock to that ?!!?!?!!
Government at all levels, as a consumer, may support this - and they buy rather a lot of phones.
Wording indicates the problem (Score:5, Insightful)
Re: (Score:2)
"Lawful intercept" is a term used in telecoms to refer to a feature of a communications system that allows the police or the government or the TLAs to monitor the communications of a specific endpoint (a person or an address or a device). The implication is that there's some judicial oversight to stop the authorities from abusing it, and some security to stop anyone who isn't the authorities from gaining access to it. The term also implies that the feature is there by design - it can't (or shouldn't) "accid
The Blackberry "Priv" ad blurb... (Score:3)
The Blackberry "Priv" ad blurb...
"At BlackBerry we are passionate about raising the bar for security and privacy. Extra steps are taken at both a hardware and software level to authenticate Android in order to help protect you from malware and any attempts to temper with your OS."
I thought that some idiot had misspelled "tamper". After reading this article, I am not so sure that this was not in fact the intended word choice here.
Back door (Score:2)
"Lawful interception for devices, but no backdoors"
Interception is a fucking back door! It's an alternative way to make encryption useless. It's like having a heavy duty front door and deadbolt but leaving the key under the welcome mat.
Re: (Score:2)
"Lawful interception for devices, but no backdoors"
Interception is a fucking back door! It's an alternative way to make encryption useless. It's like having a heavy duty front door and deadbolt but leaving the key under the welcome mat.
More like leaving the key in the lock with a PLB (personal locator beacon for emergency) a flashing strobe light with a 120 decibel siren as a fob.
Another in a long series of marketing mistakes (Score:3)
Re: (Score:2)
> And now on an insecurity feature that the customer won't be allowed to use.
An often overlooked but critically important corollary to keeping your customers happy is knowing who your real customers are.
Re: (Score:2)
You'd need a popular product to pull off obtaining second-clientage from governments, and you'd need not to reveal that your device had legal intercept.
This is just a poorly-directed company continuing to shoot itself in the foot. It's not made its product desirable for government, or for anyone else.
I buy my devices not the government (Score:2)
So after all these years let's check to see what their market share is: Oh look it is within a statistical margin of error of zero. Yup the one time king of the smartphone is so close to zero market share as to effectively be zero.
lawful ? (Score:2)
What will determine if the break of privacy is authorized? Is it automated? Then it is a plain backdoor, there is nothing lawful in it. Machines don't know law. Is it a human who decides? No way they can process the amount of requests, they will automate this like Google does for DMCA take-downs.
Which government? (Score:2, Interesting)
The Canadian government?
The US Government?
The governments of "five eyes" countries?
The Egyptian government?
The Russian government?
The Syrian government?
The Islamic State's government?
The Chinese government?
all of them?
Re: (Score:2)
All of them and so much more.
Isn't that what all users want? More?
There is no "government only" backdoor (Score:2)
Anything that can be used by the average computer illiterate government goon can be used by the average hacker.
Define "lawful" for me. I dare you to. (Score:2)
Yes, feel free to toss up the black-and-white definition of "lawful" these days, because it's so clear in the post 9/11 era, right?
Even our elected leaders don't know what the hell "lawful" is anymore, much like our Constitution. All that matters is sales, as demonstrated by the ass-kissing COO of Blackberry who wants to claim this crap as a "way to differentiate".
Yeah, you're different alright. You're the brand no one really wanted before due to technology.
Now you're the brand to avoid completely, regard
They know which side the butter is on (Score:4, Insightful)
From what I understand a large number of their clients these days are governmental, so this move isn't all that surprising. If they took a different stance they probably would end up like QWest when they told the government to shove it when they started their illegal wiretaping program suddenly all of QWests government contracts were canceled and they found themselves under "investigation".
This is what caused BB to become 5th bananana (Score:2)
They gleefully gave the keys to the servers to governments, now they are talking about, "here have access to the data on the devices!"
They dont get it. that is why blackberry is a failure and will stay a failure. NOBODY wants them anymore. Hell they are more rare than a windows phone now.
No Backdoor (Score:2)
Blackberry has clarified that there are no backdoors in their equipment. Major slip up by COO Marty Beard and it just exemplifies the terrible Communications and Marketing strategy that Blackberry has always suffered under. Every company Apple, Alphabet (Google), Samsung will cooperate with law enforcement. Just don't give them your encryption keys and you are fine. Blackberry is no different and wouldn't be used by Obama and Merkel if it wasn't secure. Don't be fooled any company will give up whatever
Re: (Score:2)
If Apple (and I assume Google) don't possess the private keys that are used to encrypt the messages and only facilitate the exchange of public keys, how can they cooperate with law enforcement even if they wanted to?
Re: (Score:2)
Your iPhone contains the private key or it couldn't decrypt the messages, and it is backed up in Apple's cloud. Authorities with Apple cooperation could Trojan horse every app in the Apple universe and easily extract your key. If teenage hackers can root or jailbreak phones do you seriously doubt the NSA can?
Re: (Score:3)
Yes my iPhone contains the private key. Apple doesn't have it.If I turn off iCloud backup --- something I would do if I were worried about hiding from the government. I'm not aware of any untethered jailbreaks that have come out in the last few years -- meaning someone would first have to have physical access to my phone and then unlock it -- after 10 attempts it is not only erased, the private key used to decrypt the local data is erased.
Re: (Score:2)
If someone can compromise any app that they know you use and update it then the compromised app can copy the key and send it to an outside server without you knowing. Unless you personally write or audit all the code in all the apps you use you are just trusting that they are safe. The compromised code could be hidden in any app update or bug fix from Apple or any other Application developer. With the authorization of the government this is exactly how NSA has been able to intercept devices in transit and
Re: No Backdoor (Score:2)
First the third party app would have to figure out how to read the private keys from the Secure Element which there haven't been any reports of being hacked in over 5 years.
Its a gamble on their part (Score:1)
The see the day when non-backdoored encryption is outlawed, so they want to be positioned to be the only company left standing. Problem is when that day comes ( and it will ), they will be long gone.
Nice try tho. Have to give them that much credit.