The Guardian has continued with its promised leaks from NSA whistleblower Edward Snowden. The latest ones talk about data the NSA accessed at the 2009 G20 Summit and includes mention of accessing delegates email and phone calls. I am confident that any BES emails would not be able to be tapped by the NSA unless they magically managed to break 3DES or BlackBerry has given them a backdoor that they vehemently deny doing and would be technically improbable.
My guess is that there were delegates using BIS email that is sent in clear text between the BIS infrastructure and email providers like Gmail that anyways send email unencrypted. BlackBerry put out this response in regard to the allegations:
"While we cannot comment on media reports regarding alleged government surveillance of telecommunications traffic, we remain confident in the superiority of BlackBerry’s mobile security platform for customers using our integrated device and enterprise server technology," a BlackBerry spokeswoman said in a statement. "Our public statements and principles have long underscored that there is no ‘back door’ pipeline to that platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications."
In short I would not worry about BES emails being decrypted unless you are sending them outside of your organization after which it really is out of BlackBerrys hands. Also once you realize how the internet backbone works and how much data carriers are storing or buffering (loads of netflow data) then you start becoming a little disenchanted by the government snooping in your personal information. I am just hoping this revelation about the total invasion of privacy by spy organizations will lead to a limitation in the scope of such unwarranted invasions.
Will Cooper ( View Profile) - Posts: