

No, the NSA can't spy on smartphone data - clarkm
http://blog.erratasec.com/2013/09/no-nsa-cant-spy-on-smartphone-data.html

======
001sky
_BlackBerry 's mail system "is known to be very secure". Known by whom,
exactly. Can you cite a source? Any source? I'm an expert in cybersec, I know
lots of experts, and I nobody I know thinks..._

The author puts his credibility on the line dismissing RIM's security as
obviously flawed, and then admits he hasn't the most basic clue about their
services. Of course BES and BBM are (or: were at one stage) secure enough that
the Indian government threatened to shut down RIM, if they did not provide a
direct link the servers for Indian security forces.

 _Update: @ChrisEng points out that there 's a difference between normal
BlackBerry Internet Services (BIS) provided by your phone carrier, and
BlackBerry Enterprise Services (BES) provided by your company._

_______

The relevance of BES:

 _What is key here, is that when running a BES neither RIM nor the wireless
carrier can assist law enforcement in accessing email, Internet browsing
(which can be encrypted by default) or BlackBerry messenger contents (assuming
that the organization isn’t using the same global encryption key consumer
messenger traffic relies on). If the BES and surrounding corporate IT
infrastructure is outside a country’s legal reach then secured communications
can be provided without worrying about government actually going after the
mail or messaging servers themselves. Further, if a corporation’s legal assets
and identity are also outside the nation, the government may be unable to
legally compel the company to turn over the contents of BlackBerry
communications. Needless to say, the full encryption of communications
prevents the nation’s wireless carriers from effectively tapping BlackBerry
device communications. Of course, this degree of security does depend on the
device itself being protected from side-attacks..._

