1. donnation's Avatar
    Has BB ever come it and said "the NSA has no way of tracking your data through our phones."

    To me this could be a huge selling point for them as there are plenty of people out there that this would be a big deal to.

    If they haven't commented on this or outright said "the NSA has no way of getting your data through our phones" then why haven't they said this?
    03-22-14 11:09 PM
  2. anon721037's Avatar
    Has BB ever come it and said "the NSA has no way of tracking your data through our phones."

    To me this could be a huge selling point for them as there are plenty of people out there that this would be a big deal to.

    If they haven't commented on this or outright said "the NSA has no way of getting your data through our phones" then why haven't they said this?
    Are you quite sure they can't,
    03-22-14 11:11 PM
  3. BigBadWulf's Avatar
    Probably because the only thing that can stop the NSA, is an act of Congress.
    MADBRADNYC likes this.
    03-22-14 11:12 PM
  4. BlackBerry Guy's Avatar
    I'm not sure it would be completely accurate if they just came out and said it in a blanket statement. The device and it's setup (ie. BES) provide for varying levels of security. The biggest disservice you can do your customers is having them buy a device on a consumer plan, yet allow them to falsely believe they have enterprise grade security.


    Posted via CB10
    03-22-14 11:25 PM
  5. Mangelhaft's Avatar
    I'm not sure it would be completely accurate if they just came out and said it in a blanket statement. The device and it's setup (ie. BES) provide for varying levels of security. The biggest disservice you can do your customers is having them buy a device on a consumer plan, yet allow them to falsely believe they have enterprise grade security.
    Posted via CB10
    First of all, the NSA would need a FISA or other warrant to collect. If a warrant were obtained, they would not collect from the device itself, but from the radio transmissions. Though it would be much easier to present the warrant to the mobile carrier and have them funnel the transmissions to the NSA, much like Law enforcement does when wire tapping POTS lines directly from the central office. Digital transmissions are only as secure as the encryption, but if they are flying through the air, anyone can collect, and with the right equipment and knowledge, they can be monitored. This is why Government and Military COMMS are encrypted before transmission.

    Motto from a previous profession: "If you do not want us listening, don't transmit."
    03-22-14 11:39 PM
  6. Alain_A's Avatar
    First of all, the NSA would need a FISA or other warrant to collect. If a warrant were obtained, they would not collect from the device itself, but from the radio transmissions. Though it would be much easier to present the warrant to the mobile carrier and have them funnel the transmissions to the NSA, much like Law enforcement does when wire tapping POTS lines directly from the central office. Digital transmissions are only as secure as the encryption, but if they are flying through the air, anyone can collect, and with the right equipment and knowledge, they can be monitored. This is why Government and Military COMMS are encrypted before transmission.

    Motto from a previous profession: "If you do not want us listening, don't transmit."




    right
    03-22-14 11:51 PM
  7. mscooley's Avatar
    Logically, it would make sense to capitalize on such, BUT remember this....the US government is a key area for BlackBerry enterprise wise, so strategically it's better to flex their solutions in action than on TV and in ads.

    @kmcooley | Channel: C00219967
    03-22-14 11:52 PM
  8. Bla1ze's Avatar
    First of all, the NSA would need a FISA other warrant to collect.
    Has BB ever commented on the NSA?-youre-serious.jpg
    03-22-14 11:54 PM
  9. Omnitech's Avatar
    Has BB ever come it and said "the NSA has no way of tracking your data through our phones."

    To me this could be a huge selling point for them as there are plenty of people out there that this would be a big deal to.

    If they haven't commented on this or outright said "the NSA has no way of getting your data through our phones" then why haven't they said this?

    No doubt it could be a "huge selling point".

    There's a billboard up near the freeway in SF by a cloud storage company who claims to be "NSA Proof". I almost laughed my head off.

    First of all, there is the problem that making such bold claims entails a leap of faith that is not credible. There are too many potential methods for an agency like the NSA to get their hands on your data that someone making such a claim simply cannot know all of them.

    The cloud provider whose billboard I was laughing at apparently bases their claim upon the fact that they AES encrypt customer data and don't possess the AES key, only the customer does. (Well, in theory anyway. )

    But what if it turns out - and some have speculated upon this - that the NSA has some sort of technique that allows them to break AES encryption? What if the cloud provider - as I suspect is true in the case I'm thinking of - has one or more weaknesses in the way they pass the customer's AES key to their system, or in how they encrypt the incoming data?

    So in a nutshell, it's probably pretty irresponsible for anyone to make a claim like "We are NSA proof".

    Then the second issue with BlackBerry in particular is - government, military and law-enforcement organizations are key clients of BlackBerry. I've seen quite a bit of evidence that BlackBerry is none too interested in tweaking these key customers of theirs by promoting their products as a way to circumvent the mission of those customers of theirs.

    And if you did not already know - the NSA actually licenses certain types of encryption technology from BlackBerry - the NSA is a direct customer of theirs.

    So as much as I would love to see it myself, I rather doubt we will be seeing BlackBerry promoting their products as perfect for subverting the NSA.
    Bungalow_Bill likes this.
    03-22-14 11:58 PM
  10. Omnitech's Avatar
    Click image for larger version. 

Name:	youre-serious.jpg 
Views:	561 
Size:	125.2 KB 
ID:	257504

    Haha, you beat me to it.
    03-22-14 11:58 PM
  11. Bla1ze's Avatar
    I'm not sure it would be completely accurate if they just came out and said it in a blanket statement. The device and it's setup (ie. BES) provide for varying levels of security. The biggest disservice you can do your customers is having them buy a device on a consumer plan, yet allow them to falsely believe they have enterprise grade security.


    Posted via CB10
    ^^

    This. Enough people already believe their regular off the shelf BlackBerry is 'secure' when that's not reality. It needs BES backing to ensure what people think BlackBerry offers exists on THEIR BlackBerry. Long story short, BlackBerry could never come out and say anything definitive because realistically, they don't even know. It's not as if the NSA is willingly handing out lists of things that aren't secure.
    03-22-14 11:59 PM
  12. ravenskman1's Avatar
    That's probably a fight they don't want to pick.
    03-23-14 12:11 AM
  13. Mangelhaft's Avatar
    "Any lock can be picked."

    Hardware is only one part. It is the software that does the encrypting/decrypting. There are many different methods. BlackBerry's hardware is great coupled with their OS. Has anyone successfully "gone root" on a BlackBerry Device? Not in a while. The US Government and Military, as well as those of other countries, use BlackBerry devices because of their hardware security and the ability to load additional encryption keys.

    There are many types of encryption keys: Civilian/consumer/commercial, Enterprise, and Government/DoD. Each type has certain restrictions, uses, and complexity. I find it interesting when people brag about 128-bit encryption when I dealt with 1024-bit encryption schemes. It is a matter of method and complexity of encryption.

    Why are so many people concerned about the NSA, anyway? They are really not that interested. I would be more worried about local law enforcement. I have nothing to hide, but that is not consent for monitoring. However, if anyone were to collect my transmissions, they would be quite bored.

    And yes, warrants are required. If any of the conspiracy theorists of those who doubt the use or need of warrants, ever worked with the NSA and experienced the oversight, they would change their thinking.
    03-23-14 12:37 AM
  14. BlueStreak67's Avatar
    Are you quite sure they can't,
    The strange connection between the NSA and an Ontario tech firm - The Globe and Mail

    Interesting article linking BlackBerry and NSA.
    03-23-14 12:55 AM
  15. Omnitech's Avatar
    I find it interesting when people brag about 128-bit encryption when I dealt with 1024-bit encryption schemes. It is a matter of method and complexity of encryption.
    I hope you're not thinking about the assymetric public key algorithm used for encrypting the symmetric encryption key (ie RSA, can go up to 4096 bits or more) rather than the symmetric block cipher for the data stream. (ie AES, maximum bit size 256) The public key algorithm almost always has a much higher bit size because it is only dealing with a little tiny piece of (rather critical) data. They are often used together in public key cryptography, ie SSL.


    Why are so many people concerned about the NSA, anyway? They are really not that interested.
    Ah, another comedian.


    And yes, warrants are required. If any of the conspiracy theorists of those who doubt the use or need of warrants, ever worked with the NSA and experienced the oversight, they would change their thinking.
    Maybe you should update yourself on the current events over the last year or two.
    anon721037 likes this.
    03-23-14 01:41 AM
  16. Omnitech's Avatar

    Couple comments about that article:

    DUAL_EC_DRBG is not an "encryption algorithm", it is a random number generator. And while RNGs are surely a critical part of an encryption system, they are not actually the "encryption algorithm".

    It also paints Microsoft as some kind of good guy because a couple of their employees wrote a paper about weaknesses in DUAL_EC_DRBG. What the article fails to point out is that Microsoft Windows ever since Vista has included DUAL_EC_DRBG in its set of available PRNGs. (Programmable Random Number Generators) If Microsoft was so convinced of the evilness of that algorithm (and assuming they are not interested in being evil - I know that's a leap ), one would have expected them to remove it.

    ECC (Elliptic Curve Cryptography) itself is quite secure, this is a key reason why the NSA licenses this from BlackBerry. The fact that DUAL_EC_DRBG is based on ECC concepts does not automatically mean that anything based on ECC is compromised, it is that specific PRNG algorithm that is thought to be compromised.

    I also have not seen any specific documentation from Snowden or anyone else that NSA absolutely and incontrovertibly possesses a "backdoor" to DUAL_EC_DRBG, though there have been some smoking guns. Re: the $10M that RSA was paid by NSA, as far as I know people simply assumed that this was directly connected to RSA's usage of DUAL_EC_DRBG, I've seen no actual proof of this and RSA specifically denies it.
    anon721037 likes this.
    03-23-14 02:00 AM
  17. sixpacker's Avatar
    The solution here is not a technological one. The nsa, and other agencies, need to be reformed do that they are democratically accountable and legally held to account for their actions. We need to make government serve the people once more, not their own self interest.
    medic22003 likes this.
    03-23-14 02:41 AM
  18. Mangelhaft's Avatar
    I hope you're not thinking about the assymetric public key algorithm used for encrypting the symmetric encryption key (ie RSA, can go up to 4096 bits or more) rather than the symmetric block cipher for the data stream. (ie AES, maximum bit size 256) The public key algorithm almost always has a much higher bit size because it is only dealing with a little tiny piece of (rather critical) data. They are often used together in public key cryptography, ie SSL.
    Not at all.

    Ah, another comedian.
    Just speaking from experience.



    Maybe you should update yourself on the current events over the last year or two.
    As I said, if anyone has worked for or with the NSA, they would know what oversight there is. Many people think of the NSA as a "Black Box". In many ways it is, for good reason, but it does not pose the threat that people think it does. It does have the capabilities, but there is no need, desire, nor authorization to do so. As I said before, One is more likely to be electronically surveilled by local law enforcement.
    03-23-14 03:06 AM
  19. Omnitech's Avatar
    As I said, if anyone has worked for or with the NSA, they would know what oversight there is.
    I cannot speak for others but I certainly never claimed there was no oversight, I know there's a lot of oversight.

    But the fact that there is a lot of oversight does not mean that everything that should be watched and controlled IS watched and controlled.

    This is the lesson the country has hopefully learned over the last year or two.

    If not, it needs to.
    03-23-14 03:29 AM

Similar Threads

  1. Crackling Sound While Playing Movie on TV using HDMI cable
    By SmileDahling in forum BlackBerry Q10
    Replies: 14
    Last Post: 10-26-14, 08:20 PM
  2. Windermere Concept, based on 4.5" 1:1 screen with toolbelt.
    By SenorPistachio in forum BlackBerry Concepts & Dream Devices
    Replies: 10
    Last Post: 04-05-14, 06:17 PM
  3. cache issue crackberry app for bb 10
    By masterful in forum General BlackBerry Discussion
    Replies: 6
    Last Post: 03-23-14, 11:48 AM
  4. I Cannot Download Snap on my Z30
    By Soda06 in forum More for your BlackBerry 10 Phone!
    Replies: 4
    Last Post: 03-23-14, 04:37 AM
  5. Replies: 4
    Last Post: 03-23-14, 02:11 AM
LINK TO POST COPIED TO CLIPBOARD