After all the harassing the government has done to get Indian carriers or RIM to help them get a lock on BlackBerry communications, they’ve conceded that they might have trouble decrypting anything using a 40-bit standard or higher. BlackBerrys use a 128-bit standard (AES), putting it and plenty of other devices such as satellite phones, outside of their reach. Setting up servers abroad remains an option for RIM, but at this point, India’s entire internal security could see an overhaul before that even becomes a possibility. The Department of Telecom has requested carriers scale back their security to a 40-bit standard, but that pull-back has been slowed by existing infrastructures running at 128. When it comes to stuff like this, I’ll agree with the Canadian government – if the media learns about stuff like this, it really does become a security hazard.
You know, maybe BlackBerrys aren’t really fit for upper-level government work. Turns out New Zealand doesn’t use BlackBerrys for transmitting any information above bottom-rung security clearance, and having heard a thing or two from government employees here in Ottawa, I can tell you the Canadian government works the exact same way. As for France, the statement quoted from Alain Julliet is actually two years old, and applies to the security risk posed by all mobile devices, which seems only reasonable. So when RIM says that governments have “given the system their accreditation“, they might be milking it just a little.