On the surface, it seems nice that RIM averts BlackBerry ban in UAE. For those who actually knows more about security like Bruce Schneier, here he talked about the possible price RIM might have paid in detriment to RIM users’ secure communications. Have a read of this telling excerpt,
“Am I missing something here? RIM isn’t providing a file storage service, where user-encrypted data is stored on its servers. RIM is providing a communications service. While the data is encrypted between RIM’s servers and the BlackBerrys, it has to be encrypted by RIM — so RIM has access to the plaintext.
In any case, RIM has already demonstrated that it has the technical ability to address the UAE’s concerns. Like the apocryphal story about Churchill and Lady Astor, all that’s left is to agree on a price.”
Without transparency of the compromises made, reading the following gives me no additional confidence of RIM’s “promise”,
“In a response to news of the agreement with the UAE, a RIM spokesperson e-mailed CNET the following statement dated today:
“RIM cannot discuss the details of confidential regulatory matters that occur in specific countries, but RIM confirms that it continues to approach lawful access matters internationally within the framework of core principles that were publicly communicated by RIM on August 12.””
The following excerpted opinion makes sense to me,
“I’m actually sympathetic to the need for government to engage in surveillance where appropriate. But even if you think you can trust the government not to abuse this access—and I don’t think you can—backdoors in systems like RIM’s Blackberry e-mail may become available to other parties, including criminal enterprises.”