India and communications companies are still (were?) at loggerheads over the use of encryption technology, the same technology that powers AlertBoot endpoint encryption software. It was reported today that, in addition to RIM–the operators of BlackBerry devices–and Skype, Google has been asked to provide access to encrypted information.
Issue Ongoing from July
I’ve already covered the story back in early July, when there were rumors that BlackBerries would be banned in India as well as Saudi Arabia; the latter relented from banning BlackBerry service, although it looks like some kind of compromise was reached in August.
Not so with India. As I noted in my post from July, India’s Department of Telecommunications had initially denied the rumors of a BlackBerry ban. Today, we find the Union Home Secretary stating that “People who operate communication services in India should have a server in India and give data and communication access to law enforcement agencies,” per tribuneindia.com, essentially confirming the original rumors (personally, I don’t think too many believed the initial statements regarding the rumors.)
It was pointed out that Skype and Google would also have to do the same. Nokia has already agreed to set up their servers within India. And, it looks like RIM has agreed to do the same. You can read here what that means for people who rely on their BlackBerry devices for communications security.
Google’s presence in the latest news surrounding the issue is of note: it’s probably due to their recent debut of Google Voice in Gmail.
If you’re a casual reader of data security news, you might have come across statements such as, “encryption is worthless. I could crack that stuff in less than a day. Proof: all those DVDs that are supposedly protected with encryption but have been cracked, time and again.”
Sure. And there’s no difference between a Ford Focus and a Hummer, because they’re both vehicles available to civilians. You could totally crack open a Hummer with a can opener, just like the Focus. (I’m being sarcastic, by the way.)
In a sense, the encryption that protects DVDs from piracy is the same technology that protects the above companies’ communication channels. However, a DVD player is not the most powerful of devices. Using strong encryption would severely slow down the performance of the device for what is an entertainment device that needs to be cheap enough for the masses.
Long story short: there is such a thing as weak encryption out there, and it has its use. In communications devices designed for professionals or with security in mind, strong encryption is used. The difference between them is night and day.
Which is why you’ve got governments “asking” for access. So much for encryption being worthless.
Related Articles and Sites: