BlackBerry Offers Glomar, 'Bad Guys Got Caught,' In Non-Comment On Canadian Law Enforcement's Full Access To Encrypted Messages
from the 'in-conclusion,-Blackberry-is-a-land-of-contrasts' dept
BlackBerry has finally responded to Motherboard’s story on the Royal Canadian Mounted Police’s apparent full access to encrypted communications — something that hinted the RCMP may have been given BlackBerry messaging’s “Golden Key.” Sort of. It’s mostly an indirect Glomar followed by a statement that confirms something people already know.
BlackBerry still has not commented directly to Motherboard or VICE News on the specifics of the investigation, but CEO John Chen published a blog post on Monday addressing the report in broad strokes… very broad strokes.
[…]
“Regarding BlackBerry’s assistance,” Chen wrote instead, “I can reaffirm that we stood by our lawful access principles. Furthermore, at no point was BlackBerry’s BES server involved.”
BES is BlackBerry Enterprise Server — the only option available where customers can lock BlackBerry out of access to communications. With BES, encryption keys are set by users, which means BlackBerry can no longer decrypt messages using its global PIN encryption key. Notably, this option is only available to corporate or government customers. Everyone else gets vanilla encryption, which can be decrypted by BlackBerry for law enforcement. Or, as appears to be the case in Canada, the key can be handed out to law enforcement agencies, allowing them to decrypt at will… because there’s only one encryption key for all non-BES users.
According to BlackBerry CEO John Chen, the ends justify the means he pointedly won’t be discussing in detail.
We have long been clear in our stance that tech companies as good corporate citizens should comply with reasonable lawful access requests.
[…]
This very belief was put to the test in an old case that recently resurfaced in the news, which speculated on and challenged BlackBerry’s corporate and ethical principles. In the end, the case resulted in a major criminal organization being dismantled.
BlackBerry continues to play both sides of the equation, providing “regular” users with less secure communications while claiming to be the “gold standard” in encrypted communications — a privilege it only extends to some of its customers, unlike Apple or Google, which provide encryption to all of their customers.
The company has nothing to offer customers in the way of assurances, but it does seem to be going out of its way to soothe the nerves of law enforcement officials frustrated by smartphone encryption. It may make a big deal about its fight against Pakistan and its demands for access (Chen highlights this in his blog post), but it seems less than likely to go to bat for a majority of its users when faced with overreach by more “acceptable” governments.
Filed Under: backdoor, blackberry, canada, encryption, glomar, john chen, key, rcmp
Companies: blackberry
Comments on “BlackBerry Offers Glomar, 'Bad Guys Got Caught,' In Non-Comment On Canadian Law Enforcement's Full Access To Encrypted Messages”
“This very belief was put to the test in an old case that recently resurfaced in the news, which speculated on and challenged BlackBerry’s corporate and ethical principles. In the end, the case resulted in a major criminal organization being dismantled.”
As well as dismantling the public’s trust in Blackberry. Good going John. Weren’t those the funny little devices with the minuscule keyboard? I’ve seen one once or twice… before all Execs wanted iPhones.
Blackberry is still around????
Re: Re:
was still around…
After this, the very small spec representing BlackBerry has now disappeared in a small puff of smoke.
In other words, governments and corporations can have secrets, while private citizens are not allowed that luxury.
Here’s hoping this particular key gets released into the wild.
That would be a pretty strong argument for encryption that isn’t backdoored (or has ‘golden keys that only the good guys will use’).
Server Server?
“BES Server” <==> “Blackberry Enterprise Server Server”
Brought to you by the redundant Department of Redundancy.
Really?
Really? So, this is like the FBI using the one gut wrenching “because Terrorism!” case to show a need to crack an iPhone and be handed a tool to crack all iPhones (and then they would have it in their tool chest without needing to get one of those pesky warrant thingies for the “next” one).
…and since one government agency is just a part of the government, it means that effectively all government agencies would have it (like the NSA wouldn’t be able to get it from the FBI if it wanted it?)
So, in Canada, it probably means *all* law enforcement agencies would have the non-BES key available, with no need to go to the courts (or Blackberry) to get permission. I thought Blackberry was stupid, but I didn’t think they were *that* stupid. At least with keeping it to themselves, they would have a revenue stream from the requests for decryption.
Re: Really?
5 eyes means all of the US agencies will get it as well.
Bye Bye, Blackberry. The nail is on the coffin and the hammer is raised.
Won't buy Blackberry
I won’t buy a blackberry now. And I really wanted one
Furthermore, at no point was BlackBerry’s BES server involved.”
Because ALL blackberry models pump data directly to the RCMP’s server via their IP address*
*Includes but not limited to:
Text messages, documents (including contents), pictures of your wife’s boobs, dick pics, personal and business emails, contact details, bank passwords (as they’re typed into Bank apps – BB OS has detection code to known when running BofA and HSBC app etc).
BES loaded – text message is being typed…
I think we should blow up …message interrupted…
RCMP says “are you SURE you want to commit this terrorist act?”
continues typing the waving tube man and put it outside the car salesroom….
WTF is "an indirect Glomar"?
Are you trying to say that RIM “indirectly” built a huge salvage ship, which they claimed was for deep-sea research, but was actually intended for use by the CIA to secretly recover a foundered Russian nuclear sub in the mid-Pacific?
If not, I have no idea what you were trying to say at the end of your first paragraph.
BES
Pronounced B S