[AI] Picking on Blackberry, leaving out web based emails

renuka warriar erenuka at gmail.com
Wed May 21 21:46:07 EDT 2008

Date:22/05/2008 URL: http://www.thehindu.com/thehindu/seta/2008/05/22/stories/2008052250881600.htm 

Sci Tech 

Picking on Blackberry, leaving out web based emails 

On the eve of its tenth birthday, an icon of the Internet Age is making news in India - but for the wrong reasons 

Photo: special arrangement 
Latest model: Blackberry Pearl 8110 (left) the latest model to reach India and the original Blackberry 850 of 1999. - 

Students of English literature will remember the legend of the Viking king Canute who was egged on by sycophantic courtiers to try and stop the ocean's
tide from coming to the shore. When the waves continued to lap at his feet, he concluded: "Let all men know how empty and worthless is the power of kings."

No one could ever stop an ocean wave. There is a new wave today: unstoppable technology. King Canute was astute enough to learn the lesson written in the
wet sand beneath his feet. But it seems today's kings in India - our elected rulers - are yet to appreciate that the march of technology cannot be stopped
by the fiat of government - any government, anywhere. 

They may impose restrictions - admittedly in the public good - but technology will find a way around them. That is the beauty and the power of Internet.
In recent weeks, there has been a lot of media coverage about the efforts of the Indian government to obtain access to the email traffic that flows between
customers using the Blackberry device for their communications. 

It is not clear why government picked on Blackberry's enterprise users in the first place because in most respects they are no different from lakhs of Indian
users of Web based email services provided by international Web players. 

Blackberry is one of the true icons of the Internet Age: Research in Motion, a Canadian company has been around from 1988, but it is only in late 1998,
that it put together the device that we know as the Blackberry today, a hand held terminal that allowed users to write and edit text; send and receive
emails without being chained to a desktop computer. 

It was an idea slightly ahead of its time - but when the global cellular services matured and allowed RIM to combine a mobile phone with the email device,
the Blackberry suddenly became a 'must have' device for the peripatetic executive. 

This was not just the combo of email plus phone that made the Blackberry what it is today: From the very beginning the company, through the mobile service
providers in different geographies, offered a level of secure communications that hitherto was obtainable only if corporates created their own private

It was not enough to own a Blackberry: you had to subscribe to a service (typically costing about Rs.1,000 per month) which assured you state-of-the-art
communication security using encryption standards like the Data Encryption Standard (DES) algorithm and more recently an even more secure Advanced Encryption
Standard (AES), which used what is known as Symmetric Key cryptography. These were technologies first created for national security agencies . today you
and I have access to this level of encryption where the keys are 256 bits long. 

Blackberry users are assured that the servers which house and handle their mail - they are hosted by RIM - will provide them the comfort level that their
own company network could give. And for the money they pay to their service providers be it Airtel or Vodafone or Reliance or whoever - Blackberry customers
are able to keep on the cusp of technology: Last week RSA, the security specialists, created for Blackberry, a new 2-factor secure identification system
known as SecureID token.

WiFi hotspot 

This comes at a time when Blackberry is ready to add WiFi functionality to the cellular device - in other words, you can soon switch to a WiFi hotspot to
send and receive your mails rather than use the costlier cellular service. 

The RSA tool, ensures that by going wireless rather than cellular, the user does not degrade the security of his communication. Amuleek Bijral, RSA's Country
Manager India and SAARC, explained that in effect the SecureID has two components: a 4 to 6 character password that the user has created and the second
part which is a randomly generated number that changes with every use. 

If you lose your Blackberry, no one can crack your identity. Today this is available for Blackberry. Tomorrow RSA will offer it to other smart phones. that
is how technology marches.

"Government is barking up the wrong tree," says Prasanto Roy, Chief Editor of the Dataquest group of magazines. "If it wants complete security and control
on information, it needs to ban email, and thus Internet access. With a BlackBerry or similar services, the mail follows a clear route. It goes through
an Indian telco's server before it's pushed out. The mail can be captured; the origins established. It may not be easy or even possible to decrypt the
mail, but that is the aspect they can focus on, rather than questioning the service itself."

Mr Roy points out that many company mailservers used by Indians, are based in the U.S. "It's outside India's jurisdiction: they cannot legally access a
mailbox on a server outside India. But because I use the BlackBerry service, the mail actually gets routed locally through Airtel. Indian government agencies
have more control over my mail if I use my BlackBerry than if I don't!"

He adds that the real challenge for governments is not getting access to mail servers . But recognizing patterns in the millions of mails that flow through
to identify a threat. In any case there are hundreds of 'anonymizers' - sites which cloak the origin of your mail - and that is just another hurdle that
law enforcements agencies have to address. At the end of the day, technology will continue to empower the world's people - and that will include the good,
the bad and the ugly among them. Governments will need the humility to apreciate this - and the skills to work with it or around it, for the general good


More information about the AccessIndia mailing list