RIM and the Middle East: The journey continues

By Yousif Abdullah on 22 Nov 2010 12:31 pm EST
0
loading...
0
loading...
35
loading...
RIM and the Middle East

It has been a little over two months since I wrote my analysis of RIM in the Middle East. At that time, much was open to discussion and debate, and many questions were waiting for an answer. Now, a lot has changed.

RIM has done great progress in the Middle East and hopefully will continue to do so, but it can not always be good news. During the ongoing struggle between RIM and the needs of Middle Eastern governments, it seems that security and especially consumer privacy have become topics of interest in the media. I shall warn you of the technical content in this article, but do not hesitate to keep reading. Please, be my guest.

Fear, uncertainty, no doubt

The battle between RIM and the Middle East, this is where all began. Before getting to the more interesting stuff, I believe it is of great importance to first define the cause of the "problem" that surrounds my subject. Consumer privacy plays a minor role here, because in many countries, including the United States, citizen activity is already monitored in one way or another. This allows intelligence agencies and other government bodies to record and archive every single move we make - in both our social and digital life. At times, however, even intelligence agencies experience a headache or two.

Let me give you an example. Picture an important enterprise with thousands of employees working together with international clients on a critical project. To protect trade secrets and other vital information from leaking to the public, the enterprise may utilize security solutions that are very difficult to crack, thus making it hard for Big Brother to watch any steps this company may be taking. And this, ladies and gentlemen, is the infamous "problem" I am talking about. The problem extends to the point where in some cases lacking the ability to monitor a corporate network can actually pose a threat to national security. This is especially true for areas surrounded by tensions between bordering neighbors. This also is the point where BlackBerry comes into the picture.

I can almost hear you asking; "When it comes to security, why is BlackBerry always under the gun?". I am glad you asked and let me tell you what differentiates the BlackBerry from the rest: encryption, but not any kind of encryption. I am talking about end-to-end encryption, where data is never decrypted outside of the corporate firewall. Please notice that I mentioned corporate firewall, it is namely a BlackBerry Enterprise Server that can provide this type of encryption. And this is exactly what governments want access to; it is just too tough of a procedure to try and intercept the data that happens over a corporate BlackBerry network. It also is the reason why RIM is being pushed to come up with a "solution" to allow the monitoring of corporate e-mail - RIM came up with its encryption methods in the first place anyway.

Of course, it could be debated as to whether governments truly need that kind of access, but the problem is more complex than it sounds. In addition to fear of the enemy, misuse of a corporate network may occur in various forms such as exercising anti-social behavior, vandalism or engaging in illegal acts that go unnoticed by data monitoring devices used by intelligence agencies. Also, the potential for child pornography to exist on a corporate network is inevitable. Clearly, in the name of legitimate reasons, sometimes access to monitor a corporate network is mandatory. It should be noted, however, that no one - not even RIM - possesses any kind of master key or backdoor to a BlackBerry Enterprise Server. This explains why fulfilling the demands of governments is a task next to impossible for RIM. Or is it?

Stress, tensions and relief

A few weeks ago, when the Indian government pulled back from suspending BlackBerry services in the country, the words "for now" caused fear and anguish to many of us. On Wednesday, a report bearing important information on the subject came up and caused much buzz in the media. An agreement between India and RIM was soon to be reached on lawful access and monitoring of corporate e-mail, or so it was claimed.

According to the report, a series of meetings took place between RIM executives and officials from the Indian interior ministry and intelligence agency last week. The noteworthy? An interior ministry official was quoted for stating "[RIM] has in principle agreed to provide us recorded data from their servers." The news spread very quickly along with much speculation on the matter, but the claims were quickly denied. In an e-mailed statement, RIM said it "has once again found it necessary to address certain media reports in India containing inaccurate and misleading statements and information based on unsubstantiated claims from unnamed sources." To counter the claims of India being granted access to monitor corporate e-mail, RIM also added "the security architecture [for BlackBerry Enterprise Server] is the same around the world and RIM truly has no ability to provide its customers' encryption keys."

Now, the story gets flipped over once more. This time, RIM is confident in resolving the security concerns of the Indian government with mutual satisfaction; "our ongoing discussions with the government of India continue to be very positive and progressive, and we are confident that any outstanding concerns can be resolved to our mutual satisfaction." At the very least, this is proof of RIM actively trying to enhance its relationship with India, but a few questions come to mind requiring answers. For example, what does RIM actually mean with the words mutual satisfaction? Also, will India finally see its dream come true and be able to intercept corporate e-mail, or will perhaps a new regulation in the country require local companies to provide the Indian government with their BlackBerry Enterprise Server keys? Who knows, anything is possible.

For all I know, RIM has been very busy lately and internationally. And given that Indonesia saw the establishment of PT Research in Motion recently, I believe RIM has a few tricks up its sleeve to satisfy the home of parathas and gulab jamun as well. After all, India was blessed with an outstanding TV commercial a few days ago. I am fairly certain that a compromise will be agreed on very soon. And knowing RIM, the news will probably be very exciting. Remember when RIM co-CEO Jim Balsillie said the Emirates is a market that RIM is excited about? I do, and I am looking forward to the day I can report the same about India too!

Conclusions and thoughts

Another day, another struggle I say. Thanks to RIM's efforts in the Middle East, little is to be afraid of regarding the future of BlackBerry out there in this big and wild world. Whether India will give in and drop the need for monitoring corporate e-mail remains a mystery, but I am positive that RIM will find a way to settle any problematic situations. After all, emerging markets have become quite important for our beloved innovative company.

But there is more. To me, RIM has become more than a simple manufacturer of smartphones (and soon, tablets). I mean, have you not noticed? It seems that while everyone else is fighting over the market share pie, RIM is focusing on making BlackBerry available to more people in less technically advanced countries. I must say that RIM deserves my utmost respect for this quality alone. It used to be Nokia and still continues to be today, but very soon BlackBerry is going to surpass the numbers and make headlines everywhere for its success as an international brand. And a quality brand it is, I must add. Thank you.

34 comments

ohad_129

Since when india located at the middle-east?

Yousif Abdullah

I understand that the article is a bit hard to follow, but I am not going to apologize for that. There was a reason as to why I put a warning in the second paragraph in the first place. As the subject continues to be very volatile, it requires much intertextuality. This is the reason why I took India as a perfect example of how discussions between a government and RIM may progress.

I also stated that tighter control of communications is required especially in areas surrounded by tensions between bordering neighbors. Here I was thinking along the lines of Pakistan and India, where tensions continue to be strong due to the recent 2008 Mumbai attacks. And Pakistan is part of the Middle East; India is only a shy bit away from what we geographically mean as the Middle East, but from a cultural perspective India can be linked to the Middle East.

Should there be anything else causing confusion, please tell me and I will try to clarify the situation to the best I can.

Peace,
Yousif.

CurlyFatAngry

Pakistan is in the middle east, but India isn't?? What kind of education did you get man?

Yousif Abdullah

In the traditional sense, you are correct; Pakistan is not part of the Middle East. It is a bordering neighbor to Iran, though, which fits the traditional definition of the Middle East. Given how Pakistan is both religiously and culturally very near the actual Middle Eastern countries, it can be included to the definition of the Middle East as well, depending on context.

Also, ever heard of the term "Greater Middle East"?

Peace,
Yousif.

Ebscer

The fact that you think that things like "exercising anti-social behavior, vandalism" are worth monitoring communications about, and that you think India is in the Middle East, show that you have no clue whatsoever what you are talking about.

Yousif Abdullah

In Middle Eastern countries, social values and norms are vastly different to the Western world. Vandalism is increasingly becoming an issue affecting large groups of people in these areas. Here's a good example: http://f24.my/cFyPYy. The link will open up the story about the mosque near Bethlehem, and how vandalism has brought up flames of conflict between the different countries (in this case, Pakistan and Israel). You maybe had a different thought of what I meant with vandalism, but this particular issue is extremely imminent. Pakistan for example is known to follow Islamic aspects in a strict way, hence the reason why Internet service providers in Pakistan started limiting access to Facebook after the "Draw a Mohammed Day" dilemma.

I believe that I do know what I am talking about, as I am myself an Arabic person and have my roots in the Middle East. This article was written with help from my uncle, who was able to describe the current situation in these countries to me in great detail (I currently live in Europe, but did visit my family in Iraq few of months ago).

So, please, reconsider what you have said. It deeply saddens me that little is known about the true situation in Middle Eastern countries, and it is plain wrong to associate the same social values and norms you know here to the Middle East. They are not interchangeable.

Peace,
Yousif.

fmtaufiq

http://www.facebook.com/home.php?sk=group_160879060609336

and,

http://www.causes.com/causes/548074-restore-blackberry-internet-service-...

The rest is all self-explanatory once you get there I guess...

Thanks Yousif and keep posting the interesting stuff about the Middle-Eastern developments with regards to both RIM and the BlackBerry platform. Please visit these two links to find out how much of a hard-time I am facing (and giving) with the authorities here in Pakistan with regards to full restoration of the BIS which has been banned since May 20, 2010 following the Facebook Drawings controversy. Please do visit these pages, all of you. And find out why Pakistan is still living in the 19th century...

Thanks and take care,

Farrukh

habidz

The most important thing you didn't mention is that now, NOT A SINGLE USER IN THE UNITED ARAB EMIRATES can connect BIS services through WIFI, neither you can use BBM not any software on Blackberry which uses the BIS to connect.

Yousif Abdullah

I was not able to find any evidence that supports the statement. So far all that I have heard from my uncle (who currently is staying in Dubai) is that Zain works perfectly. One of his colleagues on Etisalat does have the same problem, so this lets me believe it actually is a problem on a service provider's end and not RIM. I will keep looking, though, there could be more to this.

Thank you for raising awareness of this issue. Peace, Yousif.

habidz

That's what I meant Etisalat and Du had blocked their users connecting BIS through Wifi in United Arab Emirate, you are right your Uncle could connect because his SIM is not from the UAE.

And for the evidence you can visit the following website:
http://www.emiratesmac.com/forums/mobiles-gadgets/12915-blackberry-over-...

Mummy2

More of the same from the writer(s) at Crackberry.com: Poor writing, poor research, questionable logic. Why not hire good writers, or at least good, knowledgeable editors?

Yousif Abdullah

Constructive criticism is much appreciated. So far, I have read comments about the flawed writing and research I have done, but none seem to address any particular or specific issue (as for the "is India part of the Middle East?" issue, please read my top most reply).

Peace,
Yousif.

LogicalRandom

This story is so skewed and has such poor research I literally just registered to write this comment.
Thanks..

Yousif Abdullah

What parts are you having a difficult time with? I understand that the article is tricky to follow, but the nature of the subject itself is volatile and this calls for much intertextuality to clarify some of the more complex problems relating to the subject.

I researched and continue to research on the subject to the best of my ability, but I too am prone to making errors, just like anyone else. Please do tell me where I went wrong and I shall correct the article in case there are real issues with it.

Looking forward to your reply. Peace, Yousif.

Valgi

Totally off topic, but I love the picture you used for the blog. It fits the scenerio, more or less. Zelda FTW!

Yousif Abdullah

Thank you for this, even though it doesn't relate to the article itself :)

Peace,
Yousif.

IchigoMochi

This Windwaker picture is honestly the only reason I read this article.

yogibearxxx

I for one agree with Yousif on some of the issues he has highlighted but in my opinion it does seem a little bit skewed.

While you have mentioned you rely on your uncle for most of the information you have been given I found it particularly strange that he never mentioned the BASIC fact that even before the measures threatened against RIM by the UAE government for at least a year we have been receiving a censored internet service routed thru Etisalat servers that more or less made independent and free browsing useless hence the attraction to BB service was via the BBmessenger. The government here in its efforts to monitor and despite the fact that 80% of residents here are expatriates from free speaking countries tried to fracture that connection or at least reap a bountiful financial dividend by the measures which it would impose under the guise of shaping the morality of this great muslim nation.

How persons see this issue would vary greatly depending on which background u are from. I am truly not trying to make this a war of religious web factions but it could be retooled to SEEM like it is simply that.

The real tragedy was that the initial move against BB capabilities came in a form that was no less than ridiculously humorous. For a nation where a 13 year old child can take his pocket money and buy his own first car a BB would be no challenge to own, bypassing even the measures instituted such that via responsible parenting a business tool of this nature would not be innately misused in the hands of a child. Money and privilege will get you anything from anyone at anytime here. So it truly surprised me that this was all started by the news report that stated that without browsing children were being subjected to pop-ups from adult porn sites while in possession of these phones. The very joke of the matter is that I sat for almost a week hoping to glimpse this very rare mythical spectacle of a BB generating a pop-up uncommanded much less one from restricted adult sites and further to that such that it would command my entire attention to silence such an occurrence.

They made fools of us and they're still trying to do it even now.

The fact is that whatever is said RIM provided a service that since then many have tried to duplicate or capitalize on if not control. It is no small wonder that in recent events there was such a huge surge in apple iphone 4 sales HOWEVER that soon levelled off when it was discovered that between the apple online store and the regional service providers FACETIME was disabled or removed from such phones.

Care to guess what the next chapter in this saga will be ?

Yousif Abdullah

Quick thing: I have a feeling what I wrote was different to what people have read! I agree with you that how one understands the issue depends on many factors, maybe I let in too much bias hoping that the message was clear enough, but I am grateful I did a mistake now and not later, so to everyone who has commented I truly respect your comments. Just remember that it is a mutual relationship between you and me, so anything you believe can make me a better writer, tell me about it. You will then see higher quality content, and that is what I strive for.

As far as the information my uncle has given me, I did not rely on him for the most part, but key information did come from him, so yes in a sense all critical information stems from him. I do trust my uncle in that he does not provide me with biased information, but please also know that I try to research any claims he makes to be absolutely sure nothing is missing.

Also, I have in the past mentioned a thing or two about Internet filtering, like in the first part of the "RIM and the Middle East" series: "As BlackBerry traffic is routed through the RIM network operations center (NOC), circumvention of possible Internet filters becomes viable."

I am taking notes at this very moment now, the next part will focus on an entirely different perspective. More is to come as more information becomes available. I will try not to screw up the next time! Please bear with me :)

Peace,
Yousif.

Marc_Paradise

I'm not sure what issues people are having - nowhere did you say India was in the middle-East. I suggest that the actual issue is one of reading comprehension rather than flaws in writing...

Outside of that: I suspect that where many have a problem is the notion of sanctioned government monitoring of corporate communications - but as you've said elsewhere, Western values are not the same as the rest of the world's values. It's not up to RIM to determine whether it's "right" or "wrong".

As you pointed out, their refusal to aid has not been out of any moral sense - but a simple technological limitation in that it's simply not possible - RIM does not have private corporate keys in its possession.

But here's what I don't understand: do Middle Eastern countries have government monitoring of standard email? Or internal corporate email that never goes over the Internet? What about encrypted email - can they decrypt it? That's really where I have trouble- how is this different than that? It seems like there's a double standard being applied simply because the data is sent (encrypted) over the air.

You also touched on one point that is much understated - people focus so much on RIM's market share here in North America (usually relative to Android and iPhone) that they tend to lose sight of the fact that RIM is operating globally - with no small degree of success.

Yousif Abdullah

Not only is all Internet traffic monitored (including e-mail), but it also is filtered on some levels. Most notably, access to pornographic content has been suppressed, but so are a few other types of Web sites (for example, anti-Islamic content). To your question about internal corporate e-mail, maybe take a few minutes and read the following article to get a general idea of how governments operate in the Middle East: bit.ly/9UJOTX. You can safely assume that other countries, such as the Emirates and Saudi Arabia, are no different.

This is where it gets tricky: encrypted e-mail. I know that many of the Middle Eastern governments have touted in the past they could crack into encrypted e-mail solutions, but whether these were false claims and just attempts to scare someone, I don't know. This is an important question nonetheless, I will keep my eyes wide open. Thanks.

Peace,
Yousif.

skhalil82

Hey, I just wanted to know if you had any idea when app world is going to work in the MENA region. I know my question has nothing to do with the article but I've looked everywhere for the answer and could never find one. Its pretty annoying honestly. Thx
Sherif Khalil

Yousif Abdullah

Thanks for mentioning this issue. I'll see what I can do.

Peace,
Yousif.

Make It Seven

Good article, what i fail to comprehend is that if governments were notified of this encryption, why was this not a problem when RIM expanded to such places?! All it takes is one country that has had years to figure out... "Gee... RIMs' security is pretty good someone will attack our country with it" and all of the sudden we have 10 different countries that are asking for keys to the system when THEY WERE TOLD HOW GOOD THE SYSTEM WAS WHEN IT WAS IMPLEMENTED. Living in Waterloo where blackberrys are made, i can relate to nothing in the middle east and i realize they have different social, political and ethnical views... however in my eyes, you don't touch something unless you know what it is, and you don't fiddle with something if you don't know how it works, all of this blackberry security non-sense falls under this bubble. I guess what really pisses me off is that these countries are the same countries that are blocking web pages, keeping nobel prize winners in jail, accusing mobile security systems as means to plot an attack and so on and so forth. All in all, if these countries were smart enough (/not stupid enough) to let blackberries into their country without knowing and understanding all aspects that come with them, then we wouldn't have this stupid a55 problem

Yousif Abdullah

BlackBerry was little known in Middle Eastern countries, but it was until a company called i-mate went bankrupt (which produced Windows Mobile equipped smartphones) that BlackBerry saw the rise in popularity. Prior to this, BlackBerry was employed in the countries only to satisfy traveling businessmen. Now, almost every teenager and adult has a BlackBerry, and this is where it started to pose a threat.

Peace,
Yousif.

wolfstar

I dont know why Crackberry puts up with this rubbish being posted on their site. Half truths, out and out false info are spread throughout. The author may know something about the totalitarian regimes in the middle east, it is agreed, but knows nothing about the US and requirements for 4th Amendment requirements for wiretaps, judicial oversight, and limitations on government intelligence gathering. This diatribe should be moved to the General Forums.

The US government does not and can not, monitor every move of a citizen without certain requirements being satisfied, unlike many other nations where paranoid dictatorial regimes have no such restrictions. Anyone who followed the Carnivore debacle can see how that ended up for the gov't. If they need to monitor your movements, then sooner or later they are going to have to justify it in court, and it can hit the front page of the NY Times the next day as a public record. Period. End of story.

Instead of some middle east government sneaking around hoping to terrorize its citizens into stopping their ability to have some free speech and expression, because who knows where that will lead???when their house of cards comes down, they simply have to go to the locations of the BIS servers in any corporate setting they wish and demand that traffic be copied to them in real time, after decrypting. But you know what? They cant even trust that the corporations would even do that the minute they turn their back. We know how this will end already and it isnt pretty. Seriously.

Yousif Abdullah

Maybe this can help you get a different perspective of the U.S. government: http://m.crackberry.com/u-s-and-middle-east-think-alike-no-chance-rim

I don't understand why you brought up the link to the U.S. in the first place, because my article only lightly touches the U.S. to begin with. I base my information on the research I've done about the U.S. government, and so far Alex Jones' EndGame, The Venus Project and Zeitgeist have been very helpful to aid in my research. Wikileaks has also given me some great insight into the way how the U.S. works and functions. I don't know about you, but I truly do my research.

Agreed that the end is near and won't be pretty. Seriously. But, this is an extremely sensitive subject, so I was half expecting comments like these anyway. Seriously.

Peace,
Yousif.

nuchdog

I'm surprised by the anger in some of these comments. I personally liked this article Yousif, and have been following this story on many sites (both tech and media) for quite some time. I'm confused as to why people feel that RIM is in a position to be a champion of personal privacy. They have always been a champion of corporate security, but that is not quite the same. As far as I understand, RIM does not have access to BES encryption keys nor have they given governmental access to their BIS or an NOC. RIM could simply choose to leave, what some people might consider a moral highroad, but governments would simply block access to RIM servers and ban corporate BES operation. I'm actually hopeful that RIM can find a way to continue to provide service to users in these countries.

Best wishes...

NOKJAA

About a decade ago certain governments (can't find my bookmark(s)) so I wont name any particular names) were concerned about VNP / SSL encryption. After awhile this got lost to the media and the hype died down. This concern has remained. Nowadays Handheld devices / SnmartPhones have such capabilities and so this concern has returned...Nowadays almost any Tom, Dick, Leroy, Felipe and or Mussafah can perform clandestine acts that a decade ago were only available for the REALLY BIG BOYS! This is (IMHO) one of the reasons for the attempted clamp down.

Please read this article:BlackBerry encryption 'too secure': National security vs. consumer privacy

http://www.zdnet.com/blog/igeneration/blackberry-encryption-too-secure-n....

The right tools / weapons in the wrong hands can have devastating effects...

Let me be perfectly clear. ANYTHING & EVERYTHING Encrypted can be Decrypted! FULL STOP. If the NSA, CIA and or the FBI needs to get into any manufacturers code and or NOC they will get a warrant and do so! This of course is not done on a day-to-day basis but believe me is there's 'Clear & Imminent Danger' This WILL happen.

Remember the hype revolving SKYPE?!? And why won't Russia (former USSR)allow Microsoft's product into her Municipalities?

SKYPE = EXTREMELY Difficult to listen in on...Not impossible!

OS / Operating System's = Can be installed with a "Back-Door" and the Russians (of course) wouldn't want and or like anyone eavesdropping...

Remember some governments make a lot of noise about it and others just DO IT! Remember this...There is a Very Very thin line between Privacy a7 Security (National that is).

And last but not least @YousifA I liked your article! Keep them coming...

Regards,

NokJAA

NOKJAA

India: Google, Skype, RIM must meet security needs:

http://www.ibtimes.com/articles/43247/20100813/india-google-skype-rim-mu...

You can also Google>>>> skype and national security

This is truly my last post for now.... Off to bed now... its 03:20+

rickyj32

Interesting conversations. As a RIM shareholder i look for any articles that can show me anything about potential problems or opportunities in the company. I am amazed at the criticism of this article. I read all of Yousif's artcles as he is the only person on crackberry who writes about the middle east and south-east asia. Last earnings period 52% of RIM's earning were from outside N.A.. So any info in these areas is helpful. Keep up the good work Yousif!!! It is fine to accept reasonable criticism, but remember many of the critics are just wannabe writers whose jealously spills over into their comments.

Omnitech

Yousif , I think it's great that you're doing articles with a Middle-East focus as that is certainly an important market for RIM. However a couple of clarifications:

Neither India nor Pakistan (which was once part of India) are Middle-Eastern countries, they are technically "South Asian" countries. (Sometimes "Central Asian" in the case of Pakistan) Pakistan is an Islamic majority country (which is actually the reason they split from India in the first place), which some people might assume makes it "Middle Eastern". (But then again, by that logic, Indonesia would be a Middle Eastern country, which clearly isn't the case. And of course Israel is a Middle-Eastern country, but is obviously not an Islamic-majority country)

Iran is considered by many people these days to be "Middle-Eastern", but geographically it is really "Near East" or "West Asian".

All that said, what I am personally interested in someone writing an article about are the technical details of these traffic-monitoring mechanisms which both the governments in question and RIM refuse to discuss in specific terms.

The current assumption by many people is that if RIM has a local network infrastructure in a particular country (like they do in many Western countries like Canada and the USA), they can sidestep the monitoring issue by essentially installing local BES servers/networks which they give administrative access to government agencies, thus sidestepping the issue of trying to monitor and decrypt the already encrypted data stream. So, many people are assuming that these agreements with Dubai, Saudi Arabia, India etc entail some form of local infrastructure installation in order to satisfy monitoring requirements.

But as I mentioned, neither RIM nor the governments in question are speaking about this in detail, so the rest of us sit around and speculate whether RIM is actually compromising the famous BES security or not - despite their ambiguous claims to the contrary.

All the best to you..