Blackberries insecure?
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Thu Jun 21 14:40:09 EDT 2007
Steven M. Bellovin wrote:
> That's a bit puzzling. My understanding is that email is encrypted
> from the organization's (Exchange?) server to the receiving Blackberry,
> and that it's not in the clear while in transit or on RIM's servers.
Doesn't this run into the common problem of "supposedly it's secure, but
they're not offering the source", just like with e.g. Skype, TPM RNGs,
all commercial hardware security modules that I'm aware of, etc?
Personally, I found a SymbianOS phone with a full keyboard that's
lighter, thinner and more stylish than the Blackberry, runs Python and
exposes most of the phone functionality to it through a set of APIs, and
is happy to grab my mail via IMAP+SSL. With an unlimited data plan, who
cares if it's pull instead of push e-mail?
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list