Rim, Nokia and Apple Providing Government Back Doors

Monday, January 09, 2012

Pierluigi Paganini

03b2ceb73723f8b53cd533e4fba898ee

(Translated from the original Italian)

What I want to discuss today is the interference of governments in what should be private business, and what are the consequences of policies that are so invasive.

The news of this day is that Nokia, RIM and Apple have provided to the Indian government, particularly its military, a backdoor that allows the ability to monitor each mobile device.

We also learned that for similar reasons, Symantec has provided the source code view of some of its products to the Indian government to comply with an agreement in order to conduct business there.

There are many topics to be discussed, the use of backdoors for purposes of spying and surveillance, the way in which governments impose their own policies on private companies,and  the risks faced by businesses due to this kind of interference.

A few days ago I received a message on Twitter announcing what had happened. There were some Indian Military internal documents found that refer to a project called RINOA SUR, where the world RINOA stands for for RIM, Nokia and Apple.

The project is related to a platform used to spy on the USCC—the US-China Economic and Security Review Commission. Following the images related to the main part of the documents from published on the web site Terminalx.org:

The documents contain portions of emails sent by members of the USCC regarding the successfully usage of the RINOA SUR, and the Indian Navy has shown interest in the same. The documents suggest that RIM, NOKIA and Apple were required to provide backdoor access.

The scenario is that of a technological India, a country that is experiencing a time of great political and social contradictions. A Nation in constant grow that is particularly distinguished for its cyber strategy with little attention to the privacy of its citizens. Monitoring systems, actions of censorship are the main themes at the center of a heated debate.

However, the situation is no different from many other countries. The story is the same, private companies have to under contract provide support for surveillance and monitoring operations required by governments.

It had already happened in the recent past when hackers claimed that German officials had a backdoor trojan for spying on Skype, and don't forget the case of Carrier IQ, a huge story that has been hidden all too fast, maybe because the small company was under a Government commitment.

The risks are many because of the interference of governments and the excessive attention paid in the name of security monitoring, which can easily spill over into censorship with serious repercussions. At stake there are the human rights that monitoring technologies contribute to violate. Assange was a prophet in this, and its portal SpyFile reminds us how utopian is the privacy concept in this digital age.

At risk are not citizens but also the same companies. Infact in order to grab contracts and procuremenst they form dangerous relationships with governments. This means that the same companies are increasingly targets of hackers and hacktivist groups that might, as has happened, expose secrets and patents. A disaster for those who live and earn through technology.

Security or privacy: a dilemma, and a choice which sooner or later every government must make. Accepting blackmail by the government or leaving the market, it is an obvious choice for companies at a time of global economic crisis.

Cross-posted from Secuirty Affairs

Possibly Related Articles:
13200
Privacy
Information Security
Apple Government Symantec Mobile Devices Espionage USCC Monitoring Nokia Surveillance Source Code backdoor India RINOA SUR RIM
Post Rating I Like this!
5f799f6b38f73986d864c449c5685c5d
Commander Mukesh Saini (Retd.) I agree that Indian government wants to spy on every citizen and not only that there are several unethical officials who tamper with the intercept to mislead the government to take inappropriate action. But same is the situation across the world in the name of security every one is suspect.
Freedom of speech which is the soul of United States is getting strangulated more and more since Gulf War -II.
I am wondering if it start of end of democracy form of government or newer form of government model may evolve over next few decades????
1326179557
5f799f6b38f73986d864c449c5685c5d
Commander Mukesh Saini (Retd.) I DO NOT HOLD BRIEF FOR GOVT OF INDIA but I have received inputs that the above letter is not only fake but an attempt to cause misunderstanding between India and US( and I add that collateral fire may hit China. Some of the reasons which show that the documents is fake are:
(a) Despite being highly sensitive there is no security classification.
(b) Spelling mistakes show shoddy work of fraudster.
(c) Addresses are incorrect.
(d) There is no such technological, administrative and jurisdictional possibility.
(e) There are no such pacts with the named organisations/companies.
(f) The style of language and usage of phrases are not 'Indian' but 'US'
1326179718
03b2ceb73723f8b53cd533e4fba898ee
Pierluigi Paganini Hi Mukesh Saini, first of all thanks for your comments. I agree with what you assert about the global monitoring activities. Each country is gearing up do so and as I wrote several times the line between monitoring and censorship is a thin line.
Too many states now pass this line, and among them also some major world powers. Unfortunately, in the name of national security is sacrificing privacy, dangerous when this sacrifice results in forms of repression.
Regarding the authenticity of the document, only time will give us real information. On the Web we can say everything and its opposite, as always, I just report the facts and humble expressing a personal analysis.
Greetings and thanks again.
Keep me updated if you can on the event, perhaps we can provide more details to the reader
Pierluigi
1326181413
5f799f6b38f73986d864c449c5685c5d
Commander Mukesh Saini (Retd.) I had raise this issue in by blog thus I got some input which I shared.

Who knows better than me the dirty games some of the agencies play. May like to read http://mjoshi.blogspot.com/2010/06/spy-who-never-was.html.
I will keep you posted.
I recall discussions with Symantec in Sept 2005 but at that time it was limited to understanding that AV platforms may not be abused by the country where AV company has HQ.
1326188925
03b2ceb73723f8b53cd533e4fba898ee
Pierluigi Paganini Hi Mukesh Saini, thank you. I will consider it like my source.
Let's keep in touch
regards
Pierluigi
1326190095
5f799f6b38f73986d864c449c5685c5d
Commander Mukesh Saini (Retd.) Dear Pierluigi,
It will be my pleasure.
1326193090
03b2ceb73723f8b53cd533e4fba898ee
Pierluigi Paganini @everybody

It could be interesting to collect info regarding the event to followup the situation, in India and all over the world.

thank you
PL
1326285301
296634767383f056e82787fcb3b94864
Jeffrey Carr Although the information that the document contains is authentic, the document itself is a fake. I posted an article detailing why today here on InfoSecIsland.
1326416067
03b2ceb73723f8b53cd533e4fba898ee
Pierluigi Paganini Hi Jeffrey, thanks for the comment. I've aread you article, excellent. I'm studying if it is the case to propose an update and how do it.
Have a nice day
Pierluigi
1326437942
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.