Michael Ale,
I gave numerous interviews back in 2010 when Blackberry started openly
co-operating with governments to keep their service online. The concerns
raised then, to this day then remain unanswered by the company.
Given the company's unwillingness to constructively engage and be open
regarding on their practices regarding data sharing has led me to recommend to
activists to AVOID their devices and services at all costs. Other far more
secure solutions exist, such as the open source Guardian Project. Their secure
solutions for Android are excellent and quite respected by digital security
practitioners.
regards
Robert
Refs:
BlackBerry has reportedly reached an agreement with Saudi Arabia to continue
messaging services in the country. It's unclear what data will now be shared.
(August 10, 2010)
http://www.csmonitor.com/World/Global-News/2010/0810/BlackBerry-caved-to-Saudi-demands-rights-group
The Guardian Project: Secure Mobile Apps and Open-Source Code for a Better
Tomorrow
https://guardianproject.info/
--
R. Guerra
Phone/Cell: +1 202-905-2081
Twitter: twitter.com/netfreedom
Email: rgue...@privaterra.org
On 2013-06-12, at 9:51 AM, ale fernandez wrote:
I remember also during the UK riots last year people started using BBM and it
was much more effective than other networks also partly due to not being as
obvious or closely tracked as facebook posts etc.
Ale
On Wed, 12 Jun 2013 14:15:33 +0100
Michael Rogers mich...@briarproject.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 12/06/13 09:14, michael gurstein wrote:
I haven`t been watching that closely but in the course of my
following the current discussions on surveillance I have yet to see
a reference to RIM/Blackberry...
Is this because it`s recent loss of market share means it isn`t of
particular interest (I would have thought the up to recent user
demographics would rather make it of particular interest), because
of some features which put it outside of the current surveillance
stream, have I missed it in the current discussion, other?
Hi Mike,
As far as I know, the situation with BlackBerry is as follows. If
you're an enterprise customer, you generate your own encryption key
for BBM (I don't know whether it's used for email too), and run your
own server. RIM claimed in August 2010 that it didn't have access to
the encryption keys generated by enterprise customers and couldn't
observe the content of their communication. The statement didn't say
whether RIM could observe metadata.
http://blogs.thenational.ae/business/beep-beep/full-rim-customer-statement-on-blackberry-security-issues
If you're a non-enterprise customer, your BBM messages are scrambled
with a key that's built into all BlackBerry devices and known to RIM.
https://mailman.stanford.edu/pipermail/liberationtech/2013-April/008293.html
RIM has come under pressure from several governments to decrypt BBM
messages, so I think it's safe to assume that the key used for
scrambling non-enterprise BBM messages is widely known by now.
For both enterprise and non-enterprise customers, if you use a
third-party email provider, that provider will have access to content
and metadata regardless of what device you're using.
I don't know whether wireless carriers can observe the metadata of BBM
messages; they could collect the scrambled messages of non-enterprise
customers, for descrambling by anyone who knows the key.
Cheers,
Michael
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJRuHR1AAoJEBEET9GfxSfMfm4IAJYUc9eD5yZJr4G7kAC5wJSl
ZXwrATajTYS+VIxY6yHPe5tQoOMHBXbMF/41No/oua6CoOoU2UU++BHAtGsVarHE
koKujVdtn3Tp18Jy6uEru/5qHaNx7+n8FF7lcr72k/yRfgzBKREVH2hge6s2pCYO
NcEya2PxKGcwiCk1f3901JwqVoeYxjEVNn2Wjx65lFppX0imn23UALZgnPHQaxX3
t20BYNwz1g1iSiJg2ngxkdOgTeSXelwI0do4h1mEZtFtapfChdjRb9/rAWi1NOwS
T8Kos128nDk/0cDuqObONxZD01UjgPIUFxBVVnfjJnKm220r6z7IBpelmrgWi6Y=
=9cNa
-END PGP SIGNATURE-
--
Too many emails? Unsubscribe, change to digest, or change password by
emailing moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by
emailing moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
