Saturday, 7 August 2010

Why so much fuss about RIM in middle east?

Who has not heard of the story about RIM and UAE, Saudi Arabia and potentially other countries.

Now it seems, at least reported here

I wonder what this actually means:
1. Has RIM given in and allowed access to the data? That is something they say IS NOT possible (encryption key is in the device only and there is not additional decryption key)
2. Have they secretly pushed put an application on RIM devices to spy on users?

But more importantly the questions should be raised why is Saudi Arabia not targeting other mobile platforms? I am concerned that they already know how to spy on the traffic. Remember, that other mobile services, namely iPhone, Android and Nokia phones to name few use POP3 and IMAP to receive emails. That means it is not data that is encryption, just a network connection. Splitting SSL connection on a border gateways is not new, so the question is. Is it being already done? Would device give any warnings of untrusted certificate? And even if they did, users might not have any other choice than accept it in order to receive and send emails.

This reinforces the security principle that secure should be applied oat various levels, more where it actually protects data. Seems like RIM approach to email security is paying off.

What are your thoughts?

- Posted using BlogPress from my iPad


Post a Comment