Encrypting mobile communication

This is very interesting to me:

More than a million BlackBerry users may have key services in Saudi Arabia and
the UAE cut off after authorities stepped up demands on smartphone maker
Research In Motion for access to encrypted messages sent over the device.

BlackBerry’s Messenger application has spread rapidly in the Gulf Arab region
but because the data is encrypted and sent to offshore servers, it cannot be
tracked locally.

“Certain BlackBerry services allow users to act without any legal
accountability, causing judicial, social and national security concerns,” the
United Arab Emirates’ Telecommunications Regulatory Authority (TRA) said in a
statement.

India raised similar security concerns last week, and Bahrain in April warned
against using BlackBerry Messenger to distribute local news. As far back as
2007, France cautioned officials about using the services.

Indian security officials were concerned that BlackBerry’s encrypted data
could be used to coordinate acts against the state. They have clamped down on
mobile phone operators in the wake of 2008 attacks that killed 166 people in
Mumbai.

Sure, secure communications can “be used to coordinate acts against the state”. But secure communications can be used to secure the Jews in your attic too.

There is a lot of secure communications that goes on with Windows Phone 7 too. I wonder if any of it will run afoul of repressive government laws.

I may have to write an app for defeating such laws if things progress to far in that direction. It consumes more bandwidth but it’s possible to create communication channels that are essentially invisible while in plain sight and encrypt them as well. I’ve done this before with another app but sort of lost interest when we started winning the gun rights war in this country. I might have to fire up that project again.

Share

13 thoughts on “Encrypting mobile communication

  1. And what would be the purpose of that? So that we could overthrow the government in this country? Or are you hoping others are going to overthrow the government in other countries, like, oh, India? Or maybe you just want to help terrorists plan their next bombing?

  2. Wow, the Wahabists are way behind the times. Our Infallible Legislature dictated years ago that any of this stuff is discoverable in a federal case, and furthermore those who accept federal funds are compelled to spy on any and all types of communications within their organization, and store those for an indefinite amount of time. Presumably the organization is also supposed to violate the DMCA and find a way to break the encryption, too.

  3. Doesn’t seem like they thought this through very well.

    Old school technology such as the Beale cipher and the Enigma machines have remained uncracked for decades. The Beale cipher is so simple I did it as a 1st year Computer Science project. Programs like Tor make it practically impossible to trace which packets went where. Of course, this is all excluding the fact that even better systems such as PGP are now available, along with complete tutorials and freely available packages. Even encrypting as a base64 string and stripping out unused characters often obfuscates enough that something cannot be easily read.

    “Brick walls” are only there to keep the people out that don’t want it bad enough. For a sufficiently motivated set of individuals, such things are easily overcome. Not to mention, in reality, they don’t have to make it impossible to decode, just impossible enough that it can’t be done with enough time to react.

  4. And just what is wrong, exactly, with co-ordinating acts against the State? Isn’t that what the Committees of Correspondence were for?

    Oh, that tea tax? That was the least of it. I don’t remember where, but I did read that the really swingeing new taxes in the 1770s were taxes on paper, which was used for, well, correspondence, and pamphlets. The State always wants to control information. One of the first things Abe Lenin did after his inauguration in 1861 was grab copies of everybodies’ emails. (Email was done manually then, and called telegraphy.)

  5. No cypher is proof against, um, “arm-twisting.”

    I mind a story from the last days at Corregidor, in 1942. The senior officer in the Navy (or crypto) tunnel was seen stripping and cleaning his 1911. One of his juniors asked if he was preparing for a last stand. The senior guy replied that no, he was preparing to shoot the questioner and the other staff, and then himself, if push came to shove. He didn’t have to do that; that bunch got out on one of the last subs.

  6. Ubu52 wrote:

    And what would be the purpose of that? So that we could overthrow the government in this country?

    No. In the most generic version is would enable one to “hide Jews in your attic” and protect them. Haven’t you read my Jews in the Attic Test?

    More specifically it would enable the exercise of the right to freely associate with others when that association is being infringed. Examples might include homosexuals, women seeking an abortion, oppressed religions, women seeking escape from an abusive spouse/boyfriend, etc.

    Secure communication is part of the right to free speech and freedom of association. Face to face communication is generally more secure than electronic communication but why should it be? Why should the government have the power to listen in on all your phone calls any more than it can listen in on all your face to face communications? Why shouldn’t an email I send to my kids be just as secure and private as a conversation I have with them while on a walk in the deep woods?

    If the government says they should have the power to listen in to all cell phone communications does that means once the technology exists to record (or transmit) all my utterances they should have access to everything I say too?

    I want to enable freedom. Sometimes that means building new tools. Tools can be abused but the problems associated with the abuse of those tools are much more benign and easily managed than the problems associated with the lack of freedom.

  7. Joe: You took the words out of my mouth. The benefits of strong crypto far, far outweigh any negative effects.

    To add to this discussion, I’d like to add Phil Zimmermann’s comments regarding strong crypto in the digital, post-9/11 world.

    If we ever meet up in person, care to exchange signature on PGP keys?

    /uses strong crypto wherever he can, from SSL/TLS connections for websites and mail servers, to PGP or S/MIME for email, to TrueCrypt full disk encryption on computer hard disks.
    //I have nothing to hide, but I still value my privacy.

  8. Quite. For several years, I’ve summarized my objections to some of the more onerous provisions of surveillance in the PATRIOT Act and other such legislation with the aphorism, “Never grant to a John Ashcroft the power and authority you wouldn’t want wielded by a Janet Reno.” In other words, just because you trust the good intentions of the person who will be exercising the office which you propose expanding, does not mean that expanding that office is a good idea, as the person you trust will not hold that office forever. (As an aside, I’ll admit to getting some amusement out of watching hard-right Republicans sputter over that aphorism…)

    Even granting arguendo their good intentions (debatable, but in a separate topic, please!) I wouldn’t even trust myself with some levels of power, let alone the officeholders of at least the past six administrations, and the historical record doesn’t recommend much for the administrations from before I can remember. Certainly, I do not trust the governments of Saudi Arabia, India, and the UAE. Why make it easy for them to read the mail of their dissidents?

  9. BTW, ubu52 – flag on the play for Logical Fallacy: to wit, a variation on ad Hominem, wherein you rhetorically limit the motives for ensuring privacy of individual communications to only nefarious ones, ignoring Mr. Huffman’s explicit citation of “Jews in the Attic”.

    Please. Do better…

  10. This simply illustrates what everyone familiar with crypto already knows: Windows Phone 7 crypto (and the rest of Microsoft’s crypto stack) is only legal in Saudi Arabia and the UAE because it is already compromised for state access. A few years ago there was a dust-up due to US government concerns about the Blackberry email servers being hosted in Canada. That concern was mitigated when RIM agreed to provide unlimited access to the US government for all Blackberry traffic worldwide.

  11. So ubu52 does not like arms or crypto. Is there anything you do like?

    Uby, when are you going to start attacking college math/engineering/physics education? After all, they can make scary thing like guns, drones, atomics, crypo tools. Education is scary, no? Ban it for the children.

  12. I belive I mentioned it here that anybody with a basic understanding of High school chemistry knows what was missing from the Time Square car bomb, and it is an ingredient ANYBODY can get their hands on with as little effort as he got the propane tanks.

    Joe makes explosives for fun, and while he’s a damn smart guy, I suspect he doesn’t need to use too much brain power to make a BIG BOOM.

    Hell most of my High school and College chemistry courses had large sections on what could easily be turned into bomb-making 101. Some units were “This is the difference between a primary and a secondary explosive, and why”, some were “Never do this this way as the end result would be a bomb and we don’t want anything blowing up”

    Hell a half-baked drop-out in my high school did some jail time for breaking into a science lab for bomb-making materials.

    Chris is right, we should ban schools, as well as books.

Comments are closed.