Encryption -- Engadget Mobile

encryption posts

iPhone OS 3.1 enforcing Exchange device encryption, only supported by iPhone 3GS

by Donald Melanson posted Sep 11th 2009 @ 2:03PM

Noticing a "Policy Requirement" error when trying to use your Microsoft Exchange account after upgrading to OS 3.1? Then there's a good chance you're not using an iPhone 3GS, as Apple has just confirmed via a support page that the upgrade can now enforce the Exchange ActiveSync mailbox policy requiring encryption on the device, which just so happens to only be supported by the 3GS (guess that "S" stands for more than just speed). Not surprisingly, the only solution for non-3GS users is to contact their Exchange Server administrator and hope that they're willing to change the policy to no longer require device encryption.

Hackers scoffing at iPhone 3GS' hardware encryption

by Chris Ziegler posted Jul 24th 2009 @ 12:19AM

There were other features taking higher billing in the iPhone 3GS' announcement than its hardware-level encryption -- hell, even the magnetic compass was getting more play -- but it's there, and Apple's actively marketing the bit-scrambling capability to enterprise clients. Problem is, hackers are apparently having a field day with it, rendering it useless in all but name. One iPhone dev (who teaches courses on pulling data off iPhones, coincidentally) goes so far to say that he doesn't "think any of us have ever seen encryption implemented so poorly before," noting that it's no more difficult for him to pull data off a 3GS than it is off an encryption-free 3G. He goes on to point out that RIM -- which has far more experience dealing with enterprise-class mobile fleets than Apple does -- offers a far more robust remote wipe solution that doesn't necessarily need to rely on an active wireless connection to clear a phone. The lesson? As overwhelmingly popular as the iPhone may be across every market segment, these guys are still the new kids on the enterprise block -- and RIM (and heck, Microsoft, too) would be wise to stand their ground here.

TechLab 2000's Xaos Gamma: when you absolutely, positively don't want us tapping into your convo

by Chris Ziegler posted Apr 13th 2009 @ 7:33PM

There's no shortage of solutions for making your phone conversations as secure as the privacy of the room you're standing in while placing the call -- problem is they only interoperate with compatible products, and needless to say, encrypting cellphones aren't exactly in wide supply. TechLab 2000's SYLAN system of encryption suffers the same shortcoming, but the bright spot here is that they've got a handful of wireless and wireline models that can all talk to each other, so the next time you need to get hold of Agent 49 sitting back at his desk at Langley, you can do so knowing that it's gonna be tough for the baddies to crack the call. The Polish firm just rolled out its Xaos Gamma model, featuring quadband GSM, six hours of talk time, and a 220 x 176 display -- not the most aggressive stats, but odds are you don't care about a music player with 5.1 surround capabilities when you're running Operation Silent Dawn from some secret drop point in the Sahara. Actually, maybe you do. [Warning: PDF link]

[Via GadgetsCrunch]

RIM changes course, promises to keep Indian Blackberry network secure

by Nilay Patel posted May 27th 2008 @ 4:06PM

Although several Indian news outlets reported last week that RIM was preparing to let the Indian government monitor the domestic Blackberry network, it appears that the outcry has prompted the company to change course and announce that it's committed to "serving security-conscious businesses in the Indian market." That's a big reversal from the rumored plan, which would have allowed Indian security agencies access to the network in exchange for taking the blame for any leak of user data. Of course, not everything's quite settled yet: the Indian government is still demanding that RIM furnish "satisfactory answers" to its security questions, and RIM told the AFP that there are some other ways for "government to take care of security concerns" without elaborating further. Based on RIM's enterprise-heavy statements and refusal to comment on the consumer service, we'd guess that enterprise customers will probably get to keep their networks locked down, but that consumers shouldn't expect their messages to be secure. Not the best compromise, but we'll see how this all plays out.

Indian Blackberry network given 15 days to allow government snooping or shut down

by Nilay Patel posted Mar 25th 2008 @ 12:11PM

The last we'd heard, the Indian government had ruled out the threat of a Blackberry ban if RIM didn't allow it to snoop on messages, but it looks like some overzealous bureaucrat is getting his way after all: the Department of Telecom has issued a 15-day deadline for RIM to either open up for the G-men or get shut down. RIM says it won't comment on regulatory issues as a matter of policy, but it looks like the Indian government is playing hardball, with Telecom Minister A Raja saying that national security will not be sacrificed at any cost. Hmm, hear that? That's the sound of over 400,000 Indian Blackberry users desperately grabbing at their devices to get another quick fix -- something tells us this isn't going to end well.

[Via Cellpassion]

India's encrypted BlackBerry network lives to fight another day

by Thomas Ricker posted Mar 14th 2008 @ 7:24AM

Remember the Indian government's threat to shutdown RIM's in-country network if they didn't open it up for snooping? Ain't gonna happen. Today the Indian government ruled out banning the BlackBerry service. Instead, the government will continue working with the Telecom Commission on security matters (whatever that means) with a promise to resolve the matter soon. Look India, if the notoriously controlling Chinese allow the data to run encrypted, what's your ~~beef~~ chicken?

Indian Blackberry network to be shut down unless RIM allows government snooping

by Nilay Patel posted Mar 12th 2008 @ 3:13PM

Uh-oh, Indian Blackberry users -- better get ready for some major disconnection anxiety. Apparently the Indian government is demanding that RIM either allow it to snoop on its encrypted email service (or worse, drop down to 40-bit encryption), or shut down the entire Indian Blackberry network at the end of the month. That'll cut off an estimated 400,000 subscribers, so the carriers, RIM, and government officials are due to meet and try and hammer out a solution on the 14th, but the issue probably won't be easy to solve -- ISPs are now concerned that if RIM complies, all encrypted wireless data will be open to spying, which would make things like ecommerce virtually impossible. Furthermore, since Blackberry traffic gets routed to Canadian NOCs first, there are some thorny international issues at play as well -- just to put things in perspective, RIM doesn't even allow the Chinese government to snoop in this way, although we're certain there's another backdoor in place. Honestly, though, we'd suffer through a little CrackBerry withdrawal if it kept the G-men out of our hair -- let's hope RIM's got some fight in 'em.

[Via Boy Genius Report]

KoolSpan's microSD TrustChip keeps C out of your A + B conversation

by Darren Murph posted Jan 26th 2008 @ 9:03PM

Sure, we've seen cellphone encryption contraptions before, but KoolSpan's aiming to make things extra easy for green CIA agents. Set to be released next month, the microSD TrustChip slips right into a-many of smartphones and enables callers to hit up other undercover gurus and chat with 256-bit AES encryption, providing that the receiver of the call has a TrustChip jammed in his / her phone as well. Furthermore, the device itself touts enough features to make Maxwell Smart all sorts of envious: on-chip crypto processing, key management and a tamper-resistant environment for starters. Word on the street pegs this bad boy at $300, but we all know the cost of getting a call sniffed could be much more costly than that.

[Via GetFlashMemory]

Vodafone UK serving up secure SMS

by Chris Ziegler posted Jul 11th 2007 @ 5:51PM

Vodafone's British arm has partnered with Broca Communications to offer its Secure Advanced Message Service -- cleverly named "SAMS" for short -- to business customers. Sitting atop SMS, SAMS offers encrypted messaging for those times when you simply must know beyond a shadow of a doubt that the "meet 4 dnr?" you just received is authentic. Of course, security has its price; the service will be billed on a per-message basis, which pretty much explains why it's being pitched to Voda's enterprise user base.

[Via texutally.org]

Babylon nG cellphone encryption launched

by Brian White posted Mar 20th 2007 @ 6:31PM

If you're an MI5 agent in Europe or just don't want those pesky neighbors using homebrew digital packet sniffing equipment, you can really (really) secure those cellular voice communications between users of the Babylon nG encryption system. We love wireless encryption products, and the Babylon nG looks pretty good on paper -- not that we need such security. Anyhoo, both the sending and receiving party must be using the system (it uses a secure switch), 'cause that dual-layer encryption path is going to be, well, impossible to intrude upon at all based on all the computing horsepower under a warehouse roof (or more). Encryption layer 1 includes 1024 bit RSA assymetric scrambling, while layer 2 includes encryption of the 256 bit AES variety. Sorry, no more snooping on those peanut butter cookie recipes you discussed last Sunday with Aunt Sally. This sounds quite a cheaper than the Diamond Crypto Smartphone, does it not?

"Diamond Crypto Smartphone" for the rich and paranoid

by Chris Ziegler posted Jul 15th 2006 @ 12:52PM

Thought we admire diamond encruster extraordinaire Peter Aloisson and his previous work, it suffered the same problem as other million-dollar cellphones have in the past: not enough cryptography. Happily, Russian firm JSC Ancort has developed a Windows CE-based smartphone ready for Aloisson's bejeweling that employs "powerful encryption technology" to "provide secure protection of information against kidnapping, technological blackmail, financial racketeers and corrupted state officials" -- sounds like marketing speak for a password-protected wallet app, but who are we to judge? Of course, with its $1.3 million price tag and 50 diamonds (10 of which are blue) we think you might start to have more trouble with mugging than with "technological blackmail," but there's only one way to find out for certain -- anyone want to donate the cash for a hands-on?

[Via textually.org]

SecureGSM SP crypto software for WM5 smartphones

by Evan Blass posted May 1st 2006 @ 4:06PM

Windows Mobile Smartphone users now have a new way to conduct their shady business in secret, thanks to a newly-released version of Australian developer SecureGSM's "military-grade" crypto software. Designed to incorporate seamlessly with the WinMo UI, SecureGSM SP delivers on-the-fly data encryption for communicating with other SecureGSM-enabled devices, and promises voice quality that's "comparable to standard mobile communication." Processor requirements for the ~$190 app are pretty light, with any device running faster than 175MHz making the cut, but system requirements are a bit stricter, as you'll need the MSFP-sporting WM5 AKU2 installed if you want to enjoy conversations free of eavesdropping.