Speaking Engagements & Private Workshops - Get Dean Bubley to present or chair your event

Need an experienced, provocative & influential telecoms keynote speaker, moderator/chair or workshop facilitator?
To discuss Dean Bubley's appearance at a specific event, contact information AT disruptive-analysis DOT com

Friday, August 06, 2010

BlackBerry BBM intercept - workarounds probable?

Quick post / question here.

This week has seen half the world's more paranoid and authoritarian countries make announcements about intercepting BlackBerry traffic. The main concern seems to be a belated recognition that the proprietary BBM IM service currently encrypted end-to-end from device to device - and in any case transits the RIM network and is processed in its data centres. Therefore unlike SMS traffic, it's not observable by the spooks - particularly those in countries without access to vaults-full of supercomputers.

It's conspicuous that RIM's announcements appear to have focused on damage-limitation in terms of any feares of its corporate customer base using BES/email service - whereas my read is that most of these governments are more worried about the new army of young BlackBerry *BIS* (Internet service) customers.

Presumably though, the fact that the data transits RIM's network is actually less of an issue than the fact that it's encrypted on the way.

Now, a question for BlackBerry developers: is there a BBM API on the handset in the new SDK and OS version? Because if so, presumably someone will just create a lightweight 3rd-party app front-end to BBM, which encrypts/decrypts everything locally? At which point it doesn't matter whether RIM routes the traffic to Canada or straight through the operator's core network, as it'll still look like gibberish. Come to think of it, the same app could probably do SMS crypto as well.

I have a feeling that this whole "interception" approach may backfire spectacularly on those governments trying to enforce it. This could just catalyse the whole market for private crypto solutions, not just on BlackBerries, but on all smartphones. Next up, massmarket encrypted voice - it's already available for BlackBerries for corporate usage.

It would be deeply ironic if such an authoritarian move prompted a huge shift which ultimately resulted in more privacy rather than less.

Edit - looks like the Bahrain government has a more realistic view of the situation

1 comment:

OutsideTheBox said...

Completly agree, considering developing a front end for BBM with AES 256 just for the fun of it and distributing free of charge for UAE and other contries that want to be as Big brother as possible.