Strange Connection between NSA and Ontario Tech firm [Globe]
-
This. If BlackBerry caves when lesser players like India and Arab governments squawk in order to gain access to their markets, why would anyone think that BlackBerry doesn't cooperate with the the US/Brit world superspy engine? The regulated carriers all cooperate with the spies, why wouldn't FCC approved manufacturers cooperate? They probably must ... or no approval for access to the market!01-20-14 10:29 AMLike 3 - Unfortunately if you have followed the ongoings with BlackBerry over the last couple years, you will see a trend with bad news and bash articles following any sort of good news. And I'm not saying the Globe and Mail wrote this to undermine the DOD decision (if in fact those rumors are true).
Many people in great positions of power and influence (many who are short on bb) stand to lose a lot if Blackberry were to make a comeback and market rally. Likely the same people who have influence over what articles and stories are pushed in the media. Call it a conspiracy theory if you want but if you don't believe that stuff happens all the time then you are very naive my friend. Do some research and you will find out that it's a small hand full of people in the US who control over 80% of the media. It's not hard to influence the masses when this is the case.
Posted via CB10
I completely agree with you that there are machinations occurring in our society, even at this very moment, that certain individuals would not want the public-at-large to know about. I am definitely not unaware of the world's lack of altruism, especially when it comes to government and corporate entities. However, I still have to disagree with you about The Globe and Mail's intentions here. To say that they published this article in response to the recent DOD decision just seems far-fetched to me. Sorry; just differing opinion, I suppose.01-20-14 10:29 AMLike 0 -
Count on the statements being incomplete, as they have been in the past, yet enough to satisfy less insightful (most) people:
"BlackBerry does not have the keys to encryption or access to a back door."
Okay. Fine. Does anyone else have keys to the encryption or access to a back door? Some "secret court" perhaps?KoreyTM and Grumblegrumble like this.01-20-14 10:35 AMLike 2 - I completely agree with you that there are machinations occurring in our society, even at this very moment, that certain individuals would not want the public-at-large to know about. I am definitely not unaware of the world's lack of altruism, especially when it comes to government and corporate entities. However, I still have to disagree with you about The Globe and Mail's intentions here. To say that they published this article in response to the recent DOD decision just seems far-fetched to me. Sorry; just differing opinion, I suppose.
Posted via CB10KoreyTM likes this.01-20-14 10:39 AMLike 1 - Official response via my channels from Blackberry -
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”01-20-14 11:15 AMLike 2 - Official response via my channels from Blackberry -
�BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.�
Posted via CB1001-20-14 11:17 AMLike 0 - Official response via my channels from Blackberry -
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”
Edit: I just read the "my channels" part of your post. So there's no way to authenticate what you just wrote here.01-20-14 11:18 AMLike 0 - Sorry Folks,
I mean that I received the reply directly from BB to my email address. I have a T support contract with BB and asked my support account manager for an official response today. The article states that BES10 employs the algorithm so I had to find out.
According to the response I received they do not use the algorithm at all so the article is mostly moot aside from the fact that BB owns the patent on it.
Below is what I mailed in and follows in the response with names removed Feel free to ask BB yourself if you have a T support code.
Cheers
From: xxxxx
Sent: Monday, January 20, 2014 10:59 AM
To: xxxxx
Subject: Globe and Mail
Quite the bombshell in the paper today – Does BB have an official statement to this?
The strange connection between the NSA and an Ontario tech firm - The Globe and Mail
It essentially says BES10 is compromised as it employs Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator).
Can I get a technical statement if possible to let me know what part of BES10 employs DEC?
Thanks,
xxxx
From: xxx [mailto:[email protected]]
Sent: Monday, January 20, 2014 xxxxx PM
To: xxxxx
Subject: RE: Globe and Mail
Hey sentin709 (changed),
Here is the official reply from our Security team:
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”01-20-14 11:31 AMLike 4 - Sorry Folks,
I mean that I received the reply directly from BB to my email address. I have a T support contract with BB and asked my support account manager for an official response today. The article states that BES10 employs the algorithm so I had to find out.
According to the response I received they do not use the algorithm at all so the article is mostly moot aside from the fact that BB owns the patent on it.
Below is what I mailed in and follows in the response with names removed Feel free to ask BB yourself if you have a T support code.
Cheers
From: xxxxx
Sent: Monday, January 20, 2014 10:59 AM
To: xxxxx
Subject: Globe and Mail
Quite the bombshell in the paper today – Does BB have an official statement to this?
The strange connection between the NSA and an Ontario tech firm - The Globe and Mail
It essentially says BES10 is compromised as it employs Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator).
Can I get a technical statement if possible to let me know what part of BES10 employs DEC?
Thanks,
xxxx
From: xxx [mailto:[email protected]]
Sent: Monday, January 20, 2014 xxxxx PM
To: xxxxx
Subject: RE: Globe and Mail
Hey sentin709 (changed),
Here is the official reply from our Security team:
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”01-20-14 11:46 AMLike 0 - While that's helpful, I've dealt with many account managers in my time, some better than others. I just can't, in good conscience, take the word of one man as gospel without the company itself (or maybe a Blackberry white paper?) backing up his claims. I'd rather get a definitive response from Blackberry in regards to The Globe and Mail's article.01-20-14 12:06 PMLike 3
-
Posted via CB10. Join C001A8DC6 for bento-inspired lunch ideas01-20-14 12:14 PMLike 0 - Official response via my channels from Blackberry -
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”CerveloJohn likes this.01-20-14 12:35 PMLike 1 -
and I agree with the previous statements of what would make you think BB does not work with the US/Brit gov. Not for spying, but to even be allowed to sell in the US. If you dig around the net you can find past articles of BB almost- to being banned in some countries for failing to give up the keys to their system.
The problem does still lay at hand: The fact that BB knew of this flaw before the purchase and continued to implement it anyway. (was/is this part of a gov. requirement?)
A statement will be nice to hear indeed.
edit:cleanupLast edited by Grumblegrumble; 01-20-14 at 01:35 PM.
01-20-14 12:37 PMLike 0 - And for those whose heads are completely buried in the sand who think we in the US are protected against spying by our courts which are vigilantly upholding our Constitution, from the Guardian/Snowden revelations it's clear that the Anglo-American/NSA spying is exponentially more Orwellian than any spying by the small-time governments considered "less free" by the West that were demanding access to the big kids' table.savvy_cowgirl likes this.01-20-14 01:21 PMLike 1
- That's true, but BlackBerry could also decline to license ECC to them.
Posted via CB10. Join C001A8DC6 for bento-inspired lunch ideas
http://www.theguardian.com/business/...nessofresearch
Posted via CB1001-20-14 01:31 PMLike 0 - Blackberrry is using the same stuff but they using different keys and they have another algorithm witch is not breakable with some keys which seems to be the sum for all information.01-20-14 01:32 PMLike 0
-
But in light of that, if you're making a claim here that Blackberry is using an "algorithm witch [sic] is not breakable", then I'd like to see your source for this information.Grumblegrumble and Karan Mohal like this.01-20-14 01:45 PMLike 2 - Interesting article from January 15th
Digital Dao: Guess Who Owns The Patent to RSA's Backdoor Algorithm? Blackberry01-20-14 03:14 PMLike 0 - Make it so. We need more transparency. BlackBerry should come clean, make this 100% clear. It's too important to have half-assed answers and obfuscation. Come out with it, officially, clearly, 100%, no Clintonesque answers. Without coming clean 100% there will always be doubt.01-20-14 03:31 PMLike 0
- SMH!! These stupid media will never give up until they destroy BlackBerry. What a timing and coincidence for Globe & Mail to write this article as soon as BBRY stocks has began going up.
The onus is not on BlackBerry to prove or disprove this purported allegation. Globe should prove it beyond any shadow of doubts.CerveloJohn likes this.01-20-14 03:34 PMLike 1 -
- You are right about the purchase being made after the patent for the flawed encryption was already established. However:
"In 2007, two Microsoft researchers showed that the algorithm contained a set of constants that, when combined with a secret key, could essentially break the encryption generated by Dual_EC. In effect, Dual_EC implemented in the real world a version of the backdoor described in the Certicom patent.
Nobody could say for certain who had the secret key. But the very existence of such a backdoor caused security researchers to strongly urge a boycott of Dual_EC.
�While we were saying don�t use it, don�t use it, government contractors were demanding it,� security researcher Bruce Schneier said."
If you noticed, before BBRY's purchase of Certicom in 2009, the cryptography community already knew the backdoor existed since 2007 and was actively trying to fight against the use of the compromised encryption. So while Blackberry did buy Certicom after Certicom had already created the compromised encryption, Blackberry purchased the company and the patent knowing that the problem existed. Not only that, but Blackberry exacerbated the problem by also knowingly including a compromised form of encryption into their BES services. This is the actual issue, and it's quite a problem.
1. You are making assumption that BlackBerry ought not to buy Certicom just because of one perceived faulty encryption method. This, I challenge because I find such a notion flawed. It is not within BlackBerry's interest to purchase an entire company just for the intention for one spesific flawed algorithym.
2a. You are making assumptions that BlackBerry used the Certicom's BES certificates on the level with the intention of allowing NSA to break into BES encryption. Even BlackBerry had publicly admitted that it does not have backdoors into its own BES, and it would risk a lot to allow itself to have one.
2b *update*: another poster went all out and clarified that BlackBerry has not publicly stated whether they are or not using the dual_eg encryption in question, but reiterated the "no backdoors on our own product" stance.
3. Another reports made earlier stating that the entire dual_eg was designed somewhere in the 2000. Filed in 2005, granted in 2013. Are you saying that BlackBerry is now responsible for allowing NSA to snoop in on every other devices? BlackBerry did not promote dual_eg algorithym. Guess who did? However, BlackBerry *now* owned the company that hired the guys that co-owned the patterns that were co-holders of the patent, and therefore all the blame falls squarely on BlackBerry's shoulders, and BlackBerry is actively helping NSA to snoop upon others for *insert whatever unicorn reasons*. I find that thought ridiculous. What does it benefit BlackBerry to do so?01-20-14 03:58 PMLike 0 - The very real chance for glaring misinterpreted data to falsely be used to ruin a person's life aside, I prefer data to be collected by the government than by corporations and small "companies" (aka app makets). The government I'd less likely to sell the data to people who will use it to annoy or discriminate against people. That said, as we have seen with recent leaks, governments aren't doing a particularly wonderful job of safe guarding the data they collect, so I really don't support data collection by any entity. It is only a matter of time before it is used against "normal people" to extort even more money than we already are expected to hand over for goods services, fees, and taxes.
Remember that movie where the guy couldn't go to space and had to be a janitor, because his genes indicated he might be a liability? Sadly, all of that and more is on its way if folks let it happen. I feel for my kids, because this world has lost its sense and I really don't know if it will be recovered.01-20-14 04:05 PMLike 0 - The very real chance for glaring misinterpreted data to falsely be used to ruin a person's life aside, I prefer data to be collected by the government than by corporations and small "companies" (aka app makets). The government I'd less likely to sell the data to people who will use it to annoy or discriminate against people. That said, as we have seen with recent leaks, governments aren't doing a particularly wonderful job of safe guarding the data they collect, so I really don't support data collection by any entity. It is only a matter of time before it is used against "normal people" to extort even more money than we already are expected to hand over for goods services, fees, and taxes.
Remember that movie where the guy couldn't go to space and had to be a janitor, because his genes indicated he might be a liability? Sadly, all of that and more is on its way if folks let it happen. I feel for my kids, because this world has lost its sense and I really don't know if it will be recovered.
Posted via CB1001-20-14 04:08 PMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Strange Connection between NSA and Ontario Tech firm [Globe]
Similar Threads
-
Need a Bluetooth headset capable of pairing to two phones. (Z10 and iPhone 4S)
By danjv1 in forum BlackBerry Z10Replies: 19Last Post: 07-16-14, 12:23 PM -
Can't open links or even Browser on my Bold 9900
By ummusabbar in forum BlackBerry Bold SeriesReplies: 3Last Post: 01-21-14, 12:23 PM -
BB 10 and Corporate contact details
By smguy7 in forum BlackBerry 10 OSReplies: 2Last Post: 01-20-14, 05:02 PM -
Vector 27: Top tech trends of 2014!
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 0Last Post: 01-20-14, 04:30 PM -
[VIDEO] SIM Card Adapter HOW-TO for multiple devices and tips to avoid Kevin's costly mistake
By edyb in forum General BlackBerry News, Discussion & RumorsReplies: 6Last Post: 01-20-14, 02:04 PM
LINK TO POST COPIED TO CLIPBOARD