The German government has decided that BlackBerrys aren't safe enough. The move may be linked to concerns about the lack of adequate encryption on many BlackBerry services.
Two ministries, and the Chancellery, have confirmed that their employees are no longer allowed to use BlackBerry phones
The German government has recommended that federal employees no longer use the BlackBerry smartphone.
According to the Reuters news agency, the Chancellery, Foreign and Interior Ministries have already confirmed that their employees are now prohibited from using BlackBerrys.
"The federal government says for their own networks: BlackBerry is too vulnerable to attacks and disturbances from outside, we only cannot use them in our highly sensitive federal systems," said Stefan Paris, an Interior Ministry spokesperson, in an interview with Deutsche Welle.
"Therefore, there is a clear recommendation not to use these devices, and especially to not use them for secret information. And so we have also expressed a clear recommendation to all other departments to use a different device."
On Wednesday, the Federal Office for Information Security (BSI) in Bonn said that Apple's iOS operating system, found on iPhones and iPads, has a major security flaw that could be exploited through PDF files.
Last November, Hans Bernhard Beus, the commissioner for information technology, wrote in a letter to all the federal ministries that the government could no longer recommend the use of iPhones and BlackBerry smartphones for security reasons.
"In particular, mobile devices do provide a significant risk potential for IT infrastructure and government networks," Beus wrote. Since December 2009, the BSI has only certified the Simko 2 software, developed by Deutsche Telekom, for use with classified electronic documents and correspondence.
"In terms of smartphones, we have recommended one," Paris, the government spokesperson, added. "This is the Simko 2 product by T-Systems. This is a German product, yes, but it is primarily due to the fact that it is a safe product."
The German move against Research In Motion (RIM), the company that manufactures the BlackBerry phone, has attracted renewed attention at a time when many governments around the world, including Lebanon, India, Indonesia and the United Arab Emirates, are not allowing or considering not allowing the company's services in their countries as a result of government security concerns.
Internet experts say that there remains a fundamental problem with the way that most BlackBerry data is handled, which is likely why the German government made this decision.
Only "enterprise solution" email is completely secured on the BlackBerry
Not all data is encrypted equally
The issue comes down to how e-mail data is hidden, or encrypted, as it is sent from one BlackBerry device, through the Internet, to RIM's servers, and finally to its recipient.
Not all messages sent over BlackBerry's network are encrypted; in fact, the company says on its website: "E-mail messages that are sent between the BlackBerry Internet Service and your BlackBerry device are not encrypted."
The BlackBerry Internet Service is the lowest-level, consumer-grade BlackBerry service that the company offers.
When a message is not encrypted, it potentially can be intercepted or copied along the way by a third party.
"In the end, people have to accept that e-mail is insecure," said Karsten Nohl, a German cryptography researcher and consultant in Berlin, in an interview with Deutsche Welle.
"It's equivalent to saying something on the radio. It's being broadcast through a public network. Even an e-mail being sent to a BlackBerry account is travelling through unsecured networks and may be intercepted over and over again on its way through the Internet by network operators and governments. If you wish for it to be secure it has to be encrypted from the very beginning, from the phone or the computer, and it should only be decrypted at the very end."
When a message is encrypted "end-to-end," or encrypted the entire way, the e-mail cannot be read by RIM or any other third party, including governments. RIM does offer this service in what it calls an "enterprise solution."
"The BlackBerry enterprise solution was designed to preclude RIM, or any third party, from reading encrypted information under any circumstances since RIM does not store or have access to the encrypted data," the company said in a statement.
"RIM cannot accommodate any request for a copy of a customer's encryption key, since at no time does RIM, or any wireless network operator or any third party, ever possess a copy of the key. This means that customers of the BlackBerry enterprise solution can maintain confidence in the integrity of the security architecture without fear of compromise."
Through a spokesman, the company declined to elaborate beyond its statement.
The United Arab Emirates' ban on BlackBerrys will take effect in October
'End-to-end' encryption is possible, but impractical on a wide scale
However, this level of "end-to-end" encryption only applies to BlackBerry enterprise servers. The company offers very high levels of encryption, including AES, S/MIME and PGP standards, all of which are generally accepted as being high-quality coding systems.
Jonathan Zittrain, the director of the Berkman Center for Internet and Society at Harvard Law School in the United States, wrote in his blog earlier this week that while it would be possible to offer high level encryption to everyone, it's currently impractical to do so.
"Why limit this feature to enterprise customers?" he wrote. "In part because encryption standards haven't been widely enough deployed to support ready encryption between users, without regard to the devices and platforms they're using. For me to send you an encrypted email that not even our respective email providers can access requires us to coordinate ahead of time on a standard. For example, you might establish a key using Philip Zimmermann's legendary PGP ("pretty good privacy") standard, and I could then use it to send you an email that only you can read. But if you haven't gone to that trouble, I'm stumped."
Bart Preneel, a professor of cryptography at the Catholic University in Leuven in Belgium, agreed.
"They [RIM] have solutions where you can encrypt all the way, [but] then you and [the recipient] have to exchange keys," he said, pointing out that companies or governments would be very reluctant to publicly list all of their employees alongside their public encryption keys.
But even if the German government did have confidence in RIM's "enterprise solution," it may just be put off by the fact that all BlackBerry messages, even encrypted, pass through RIM's servers in the United Kingdom and Canada.
The German government may not want to use a system which is under the control of a third party, opening up the possibility of abuse.
"RIM could hack their own clients and could put something in the BlackBerry devices which would hand over this data or not actually encrypt it," said Danny O'Brien, the internet advocacy coordinator at the Committee to Protect Journalists.
In July 2009, the UAE attempted to install spyware onto the BlackBerrys of UAE users which could intercept private data. But O'Brien doesn't think that RIM is likely to want to support such interventions.
"What this comes down to is a government like the UAE saying: 'We know this system is end-to-end but you run the devices, so you can put in our software.' But if they actually put that into their devices, their market would end tomorrow," he said.
Author: Cyrus Farivar
Editor: Michael Lawton