Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Blackberry Cellphones Communications Encryption Government Privacy

Blackberry Offers 'Lawful Device Interception Capabilities' (itnews.com.au) 137

An anonymous reader writes: Apple and Google have been vocal in their opposition to any kind of government regulation of cell phone encryption. BlackBerry, however, is taking a different stance, saying it specifically supports "lawful interception capabilities" for government surveillance. BlackBerry COO Marty Beard as much at a recent IT summit. He declined to explain how the interception works, but he denied the phones would contain "backdoors" and said governments would have no direct access to BlackBerry servers. The company may see this as a way to differentiate themselves from the competition.
This discussion has been archived. No new comments can be posted.

Blackberry Offers 'Lawful Device Interception Capabilities'

Comments Filter:
  • by Anonymous Coward on Saturday November 21, 2015 @11:12PM (#50978787)
    After all, who wouldn't want the government to be able to spy on you? As long as it's lawful, that is.
    • Yep. As long as the government has gone through the proper procedures and has a lawfully obtained warrant, then I most certainly want to make sure they can access my private communications. Smart move by Blackberry to differentiate their product that way! I'll get rid of my iPhone next chance I get and proudly buy a Blackberry.

      For the sarcasm impaired, please disregard my comment.

      • by Mitreya ( 579078 )

        Smart move by Blackberry to differentiate their product that way!

        Blackberries are still being made? Rather, are they still being sold??
        I thought that they had a historical hold on corporate world -- and I thought that even that was pretty much gone (Liberty Mutual has made a switch, at least in some departments, a couple of years ago).

        • The funny thing is....now BB's biggest customers are governments. So this should put the final nail in the coffin for them, as governments would definitely not want a backdoor in their devices...

        • Blackberry is relying on the corporate world's reluctance to change. So long as Blackberry is the tried and true, management will keep on buying them. After all, spying by the government is not a concern for them.

          This attitude will change the first time some corporate spy, Chinese or otherwise, slips through that backdoor.

        • <quote>Blackberries are still being made? Rather, are they still being sold?? I thought that they had a historical hold on corporate world -- and I thought that even that was pretty much gone</quote>

          Yep, they used to have a stranglehold on the corporate world, mostly because the executives always had Blackberries (and absolutely loved them) and IT refused to support anything else.

          Then the execs all got iOS devices and ditched their blackberries and told IT to support iOS devices (or look for a
        • by swalve ( 1980968 )
          They just brought out a new one that actually sold out at my local ATT store.
      • I am very much in favour of the government being allowed to access private communications in individual cases with due cause and a legally obtained warrant issued by a judge. However, "being allowed" should in no way shape or form imply that zero knowledge encryption should be forbidden. Security issues aside, various governments, including my own, have time and time again shown that they absolutely cannot be trusted with such power, or trusted to play by their own rules.

        Maybe BB thinks to cater to the
        • Even the "nothing to hide" group would fear this. If the handset can intercept comms, and its not done in the network, then it can be done across jurisdictions. e.g. Russian user is spied on by US using US warrant against Blackberry. China spies on foreign dissidents using it. Journalists targetted in Europe based on US warrant etc.

        • "I am very much in favour of the government being allowed to access private communications in individual cases with due cause and a legally obtained warrant issued by a judge"

          The problem is idiots try to use this idea to ignore enshrined rights. NO matter how badly you want into my computers, you have no right to tell me that i HAVE to give you a way to read my work. Thats not a power my government has. It should not be illegal to build a computer that cannot be read by anyone but me. Governments DO NOT
        • Right: they should be allowed, yet it should be impossible for them to actually do.

          It's sort of like how I'm allowed to be President of the US. But unless everybody else in the world totally screws up to comically-negligent degree (what the fuck were you thinking, voting for me?!), it can't possibly happen.

          Cops are allowed to travel to Alpha Centauri. FBI employees are allowed to live to be a thousand years old. NSA crackers are allowed to have unlimited antimatter-reactor energy for free. Our laws shoul

        • by Anonymous Coward

          Do you also think that they should be allowed to probe your thoughts and memories with a mind probe with due cause and a legally obtained warrant issued by a judge? Or should they be able to torture you with a legally obtained warrant issued by a judge? Can they slowly drill a hole into your child's head in front of you until you sign a confession with due cause and a legally obtained warrant issued by a judge? Can they do those things to everyone in an entire town or city with with due cause and a _one_ le

      • ...is where you cop to having an iPhone, as if that bitch weren't already more full of holes than your grandma's colander.
      • Sarcasm aside, that's pretty much the goal, yes.

        Now, I (thankfully) haven't worked with BlackBerry products in many years, and I had hoped/expected that things had changed, but pretty much all phone data used to be stored on company-managed servers. The government wouldn't have direct access, but corporate IT staff would.

        From the little information in TFS, it sounds like the phones are not the vulnerability, but a central server under corporate control would be a suitable target for court-ordered surveillan

      • You know, I actually do feel that way? There's a reason they put the fourth amendment in the constitution. There are people we as a society want the government to be able to catch, if they do it properly.

        That's the thing though - they fucked up. They had this interception treasure trove and were caught with their hands in the cookie jar because they're too afraid of the public to stick to what they're... you know, allowed to do. Their lawyers can explain until they're blue in the face how it's not technical

    • by Anonymous Coward

      My worry isn't lawful interception. However, backdoors and such mean that -someone- out there has a master key. And who knows how it is stored? If it falls into the wrong hands, it can utterly destroy a product, or even destroy companies if the backdoor winds up being used for advantages (knowing what competitors are bringing to the table, finding weak points to attack the company, or good old fashioned extortion/blackmail.)

      Let's say the backdoor is a large RSA key. There will be organizations, includin

    • by AmiMoJo ( 196126 )

      After all, who wouldn't want all governments to be able to spy on you?

      FTFY.

      The claim that there isn't a backdoor suggests that they are keeping the key in escrow, so eventually you can expect a .torrent to appear with an SQL database full of Blackberry keys, at which point you will know that several national intelligence services have had full access for a few years before some amateur got in.

    • Even if you were to trust the gonernment having a back door means there is one more spot for a hacker to target. How long do you think it will take for it to be exposed than abused by the bad guys.

    • The annoying thing is I was actually considering the priv for my next phone. Because they actually went through the effort of getting it fips 140 acredited. This stance just makes me want them to die.

    • by Z00L00K ( 682162 )

      And depending on which government you are under it may vary what's lawful.

      What Blackberry says is just "We aren't secure anymore, so if you have concerns pick Android or Apple".

  • Nail, meet coffin (Score:5, Insightful)

    by Jadecristal ( 135389 ) on Saturday November 21, 2015 @11:16PM (#50978803)

    It's really hard to put nails into your own coffin from the outside, but DAmn are they trying.

    • by MightyMartian ( 840721 ) on Saturday November 21, 2015 @11:26PM (#50978831) Journal

      I think this is some sort of wild Hail Mary Pass gambit where somehow the US and UK will outlaw all phones that don't have back doors, and Blackberry will become the only legal smartphone and... PROFIT!!!!

      It sounds stupid, but just about everything RIM/Blackberry has done for the last five years has been just unmitigated stupidity.

      • somehow the US and UK will outlaw all phones that don't have back doors, and Blackberry will become the only legal smartphone and... PROFIT!!!!

        Interesting comment, made me think...

        So, thinking of this as a phone specifically enabled with spying capabilities as a feature you're right, the logical customer for such a phone is an oppressive government.

        I can think of several totalitarian governments that would love a phone with baked-in spyware!

        • by Anonymous Coward

          What if the FBI had to investigate the NSA? Could they do it? With these phones? Because law is multi-layered and often ignored (as Snowden leaks showed). They could not usethese phones if the target is a suspected lawful agency gone rogue.

        • So, thinking of this as a phone specifically enabled with spying capabilities as a feature you're right, the logical customer for such a phone is an oppressive government.

          Or a company. Having everything done with the phone recorded could easily become a hit amongst the control freak wing of the HR.

        • I have a client at a big financial firm who keep sticking with RIMM devices. This new feature will finally pry it from his cold dead hands.
          • by Anonymous Coward

            I know surveillance is bad, but necro-surveillance is just ... disturbing.

    • This isn't something new for them, they've always been right at the front of saying: 'Yes, here are the ways you get direct access to our system'

      Its been noted in several slashdot articles in the past, mostly revolving around how they actively support oppressive governments spying on citizens and suppression of free speech by monitoring and disappearing violators.

      Blackberry has done this since day one.

    • Not really, there are many people who don't care about this. I've got a friend who has a Blackberry and she's been sold on it's security. Even when I've told her that they aren't as secure as the latest Android and iOS devices (at least she doesn't look at me as if I'm wearing a tin foil hat) she replies doesn't care if the government can get her data because she has nothing to hide. The end to end encryption doesn't matter to her.

      The thing the might convince her to change is the camera. The other day we

  • The new BB with slide-out keyboard running Android looked quite interesting to me and was potentially going to be my next phone.
    Looks like that's not going to happen now.

  • Pink sheets anyone?

  • Blackberry Offers 'Unlawful Device Interception Capabilities', since the capability is entirely orthogonal to the legality. Sounds like a great selling point to... who, exactly? Those who don't see it as problematic (insert Benjamin Franklin quote here) won't care and those who do care for sure won't buy a Blackberry. Then again, Blackberry was probably running out of ways to scare away customers and needed to add a few more. They're down to 0.3% [idc.com], almost there...

    • I'm thinking that the ideal candidates are the NSA, CIA, and other anti-constitution, anti-privacy TLAs. They would love to give these to all their employees, and forbid them from using any other devices.

  • .... still use one. This makes me want to go get an iPhone.

  • I thought the big selling point of Blackberry was security. This is anything but.

    Oh well, it's not like they haven't caved to national governments before.

    • It makes perfect sense if Blackberry's main customer is the US govt. In that case, they're saying that the US doesn't have to install third party spying apps to keep tabs on their employees, the hardware vendor will do this service for them. Sounds like a useful differentiating feature from the competition. Moreover, if the govt likes it, they might require all the contractors in the military industrial complex to use Blackberries too, purely for interoperability of course. If that happens, then Blackberry
      • It makes perfect sense if Blackberry's main customer is the US govt.

        If they are selling to the US government, they can privately tell the buyers about this "feature" (or is it a "misfeature"?), otherwise, I think that the CEO of Blackberry is about to become good friends with Gerald Ratner and Adam Osborne.

    • BlackBerry rolled over to governments years ago.

      Any claims they make about security really only mean "we will capitulate to any government security agency".

      If the ever-declining BlackBerry thinks doing this will sell their phones to consumers ... well, that's why BB is ever-declining, because they've long since lost track of what consumers want.

  • Thought for a minute there the headline read "Blackberry OFFERS lawful device interception capabilities."
  • Comment removed based on user account deletion
  • Thanks, we appreciate your cooperation. What's a Blackberry?
  • by ramriot ( 1354111 ) on Saturday November 21, 2015 @11:59PM (#50978943)

    I take Mr Beard's comments at face value, that his company can offer lawful intercept without back doors. Unfortunately this has nothing whatsoever in common with the statements made by Apple and others.

    You see Blackberry has a unique position in the market, it being not just the manufacturer but also the network operator. Thus for most normal Blackberry users (non-corporate), their secure end to end communications begin and end at Blackberry's servers. Also their device encryption software has at least one known weakness to offline brute force cracking so perhaps there are more.

    All this means that what Blackberry is really saying is that, since they control the communication keys and made a less than perfect encryption product they can offer lawful interception where other vendors had to rely of real hardware device encryption and end-too-end communications.

    BTW, Apple does not get off scot free here as its Imessage product can offer lawful intercept, just not decryption after the fact because they too control which keys are used to encrypt which iMessage.

    • You see Blackberry has a unique position in the market, it being not just the manufacturer but also the network operator. Thus for most normal Blackberry users (non-corporate),

      That's actually an interesting point. In years past, the Blackberry fanboys used to tout how secure BB devices were when used with a BB enterprise server. It appears now that this claim was never true.

      • You see Blackberry has a unique position in the market, it being not just the manufacturer but also the network operator. Thus for most normal Blackberry users (non-corporate),

        That's actually an interesting point. In years past, the Blackberry fanboys used to tout how secure BB devices were when used with a BB enterprise server. It appears now that this claim was never true.

        Blackberries have to connect to a BES in order to work, IIRC. For a corporate user, that would be the company's own server. Joe Public would normally connect to a BES run by RIM and under their control, and thus amenable to government intercepts.

        • Blackberries have to connect to a BES in order to work, IIRC. For a corporate user, that would be the company's own server. Joe Public would normally connect to a BES run by RIM and under their control, and thus amenable to government intercepts.

          You missed my point. The article does not state that BB's interception capabilities are limited to intercepting Joe Public's communications. This implies that BB can also intercept communications when a corporate BES is in use.

    • by Anonymous Coward

      That's actually not correct .

      iMessage is PKI, and Apple only possesses the public keys of the users and the SSL session key used to request a session.

      If you backup to iCloud, then yes, they can read your saved/old messages, but they can't real time intercept

    • Thus for most normal Blackberry users (non-corporate), their secure end to end communications begin and end at Blackberry's servers.

      That's not a definition of "end to end" that I'm familiar with. Beyond that, how does Blackberry's "network operator" setup differ from Apple's Messages where Apple handles the message routing and delivery, except that Apple devices encrypt and decrypt on the user's hardware (which is the normal definition of "end to end")?

  • I mean, who wouldn't want to have a system that makes it easier for anyone to spy on you. Count me in! Perhaps I will even buy a few to help my beloved police state.
  • Differentiate? (Score:5, Informative)

    by markdavis ( 642305 ) on Sunday November 22, 2015 @12:21AM (#50979007)

    >"The company may see this as a way to differentiate themselves from the competition."

    Um, yeah- "Buy our phones! They are better because we allow the government to spy on you!" What a great selling feature to differentiate yourself from your competition. I bet consumers will flock to that ?!!?!?!!

    • by AHuxley ( 892839 )
      "What a great selling feature to differentiate yourself from your competition."
      Counterintelligence awareness, Internal affairs might like the look at features that keep out other governments out but give total access.
    • Think. The governments could see this feature and mandate that all government employess must use Blackberry. Meaning: PROFIT

    • by MacTO ( 1161105 )

      I am left wondering about that claim as well. Even people who are okay with the lawful interception of communications are unlikely to buy a phone for this reason, and people who deal with confidential (albeit legal) communications will not want be able to purchase these phones for that reason. Then there are people who expect their privacy to be respected, who are almost certainly going to avoid these devices for that reason. Then you have the paranoid crowd who won't touch it. And all of that is before

    • >"The company may see this as a way to differentiate themselves from the competition."

      Um, yeah- "Buy our phones! They are better because we allow the government to spy on you!" What a great selling feature to differentiate yourself from your competition. I bet consumers will flock to that ?!!?!?!!

      Government at all levels, as a consumer, may support this - and they buy rather a lot of phones.

  • by gurps_npc ( 621217 ) on Sunday November 22, 2015 @12:40AM (#50979055) Homepage
    The fact they felt it necessary to put the word lawful in that description is kind of like a mobster using the phrase "legitimate businessman". Real legitimate businessmen call themselves 'businessmen'. They don't need to add the word legitimate, because they are legitimate. You don't add the word 'lawful' unless deep down in your heart, you have questions about it being lawful.
    • by Pembers ( 250842 )

      "Lawful intercept" is a term used in telecoms to refer to a feature of a communications system that allows the police or the government or the TLAs to monitor the communications of a specific endpoint (a person or an address or a device). The implication is that there's some judicial oversight to stop the authorities from abusing it, and some security to stop anyone who isn't the authorities from gaining access to it. The term also implies that the feature is there by design - it can't (or shouldn't) "accid

  • by tlambert ( 566799 ) on Sunday November 22, 2015 @12:52AM (#50979073)

    The Blackberry "Priv" ad blurb...

    "At BlackBerry we are passionate about raising the bar for security and privacy. Extra steps are taken at both a hardware and software level to authenticate Android in order to help protect you from malware and any attempts to temper with your OS."

    I thought that some idiot had misspelled "tamper". After reading this article, I am not so sure that this was not in fact the intended word choice here.

  • by Anonymous Coward

    "Lawful interception for devices, but no backdoors"

    Interception is a fucking back door! It's an alternative way to make encryption useless. It's like having a heavy duty front door and deadbolt but leaving the key under the welcome mat.

    • "Lawful interception for devices, but no backdoors"

      Interception is a fucking back door! It's an alternative way to make encryption useless. It's like having a heavy duty front door and deadbolt but leaving the key under the welcome mat.

      More like leaving the key in the lock with a PLB (personal locator beacon for emergency) a flashing strobe light with a 120 decibel siren as a fob.

  • There's a truism in marketing that you can only differentiate your product on the parts that the customer sees and uses. Blackberry just can't learn this lesson. They tried differentiating on the OS kernel, which the customer never sees. And now on an insecurity feature that the customer won't be allowed to use. It's been a protracted death spiral, but it's a continuing one.
    • by nadaou ( 535365 )

      > And now on an insecurity feature that the customer won't be allowed to use.

      An often overlooked but critically important corollary to keeping your customers happy is knowing who your real customers are.

      • You'd need a popular product to pull off obtaining second-clientage from governments, and you'd need not to reveal that your device had legal intercept.

        This is just a poorly-directed company continuing to shoot itself in the foot. It's not made its product desirable for government, or for anyone else.

  • I don't think that Blackberry has ever fully understood that the end user is their actual customer. For years they have allowed IT departments and Telcos to cripple their devices. So it is basically zero surprise when they allow the government to cripple the device some more.

    So after all these years let's check to see what their market share is: Oh look it is within a statistical margin of error of zero. Yup the one time king of the smartphone is so close to zero market share as to effectively be zero.
  • What will determine if the break of privacy is authorized? Is it automated? Then it is a plain backdoor, there is nothing lawful in it. Machines don't know law. Is it a human who decides? No way they can process the amount of requests, they will automate this like Google does for DMCA take-downs.
     

  • Which government? (Score:2, Interesting)

    by Anonymous Coward

    The Canadian government?
    The US Government?
    The governments of "five eyes" countries?
    The Egyptian government?
    The Russian government?
    The Syrian government?
    The Islamic State's government?
    The Chinese government?

    all of them?

  • Anything that can be used by the average computer illiterate government goon can be used by the average hacker.

  • Yes, feel free to toss up the black-and-white definition of "lawful" these days, because it's so clear in the post 9/11 era, right?

    Even our elected leaders don't know what the hell "lawful" is anymore, much like our Constitution. All that matters is sales, as demonstrated by the ass-kissing COO of Blackberry who wants to claim this crap as a "way to differentiate".

    Yeah, you're different alright. You're the brand no one really wanted before due to technology.

    Now you're the brand to avoid completely, regard

  • by Dereck1701 ( 1922824 ) on Sunday November 22, 2015 @07:07AM (#50979587)

    From what I understand a large number of their clients these days are governmental, so this move isn't all that surprising. If they took a different stance they probably would end up like QWest when they told the government to shove it when they started their illegal wiretaping program suddenly all of QWests government contracts were canceled and they found themselves under "investigation".

  • They gleefully gave the keys to the servers to governments, now they are talking about, "here have access to the data on the devices!"

    They dont get it. that is why blackberry is a failure and will stay a failure. NOBODY wants them anymore. Hell they are more rare than a windows phone now.

  • Blackberry has clarified that there are no backdoors in their equipment. Major slip up by COO Marty Beard and it just exemplifies the terrible Communications and Marketing strategy that Blackberry has always suffered under. Every company Apple, Alphabet (Google), Samsung will cooperate with law enforcement. Just don't give them your encryption keys and you are fine. Blackberry is no different and wouldn't be used by Obama and Merkel if it wasn't secure. Don't be fooled any company will give up whatever

    • by Karlt1 ( 231423 )

      Every company Apple, Alphabet (Google), Samsung will cooperate with law enforcement.

      If Apple (and I assume Google) don't possess the private keys that are used to encrypt the messages and only facilitate the exchange of public keys, how can they cooperate with law enforcement even if they wanted to?

      • Your iPhone contains the private key or it couldn't decrypt the messages, and it is backed up in Apple's cloud. Authorities with Apple cooperation could Trojan horse every app in the Apple universe and easily extract your key. If teenage hackers can root or jailbreak phones do you seriously doubt the NSA can?

        • by Karlt1 ( 231423 )

          Yes my iPhone contains the private key. Apple doesn't have it.If I turn off iCloud backup --- something I would do if I were worried about hiding from the government. I'm not aware of any untethered jailbreaks that have come out in the last few years -- meaning someone would first have to have physical access to my phone and then unlock it -- after 10 attempts it is not only erased, the private key used to decrypt the local data is erased.

          • If someone can compromise any app that they know you use and update it then the compromised app can copy the key and send it to an outside server without you knowing. Unless you personally write or audit all the code in all the apps you use you are just trusting that they are safe. The compromised code could be hidden in any app update or bug fix from Apple or any other Application developer. With the authorization of the government this is exactly how NSA has been able to intercept devices in transit and

            • If someone can compromise any app that they know you use and update it then the compromised app can copy the key and send it to an outside server without you knowing

              First the third party app would have to figure out how to read the private keys from the Secure Element which there haven't been any reports of being hacked in over 5 years.

  • by Anonymous Coward

    The see the day when non-backdoored encryption is outlawed, so they want to be positioned to be the only company left standing. Problem is when that day comes ( and it will ), they will be long gone.

    Nice try tho. Have to give them that much credit.

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...