Pretty rich, coming from the co-founder of a company that willfully handed over encryption keys of user data to authoritarian and brutal governments[1].
From this story:
"Facebook had been caught designing algorithms to identify stressed, overwhelmed, and anxious teenagers on its network, presumably to assist advertisers who might want to target them"
"But it wasn’t the looming disaster at Facebook that angered Ms. Sandberg. It was the social network’s security chief, Alex Stamos, who had informed company board members the day before that Facebook had yet to contain the Russian infestation……….She appeared to regard the admission as a betrayal.....“You threw us under the bus!” she yelled at Mr. Stamos………………Ms. Sandberg has overseen an aggressive lobbying campaign to combat Facebook’s critics, shift public anger toward rival companies and ward off damaging regulation. Facebook employed a Republican opposition-research firm to discredit activist protesters, in part by linking them to the liberal financier George Soros. It also tapped its business relationships, lobbying a Jewish civil rights group to cast some criticism of the company as anti-Semitic"
I would fully trust an encrypted communication system only if it is (1) end-to-end encrypted, (2) open source (or at least with source code available and buildable from source), and (3) based on a sound security design. Having said that, however, you're being very hard on Research In Motion (now called BlackBerry Ltd).
From everything I read and know about RIM, the enterprise level BlackBerry systems were unbreakable to governments and the keys were generated and controlled entirely by the customers (not by RIM). The pissed-off governments demanded access and threatened to ban RIM--the market leader at the time. I think the first to demand access was India and RIM put up a years-long fight against them before they capitulated.
It's easy to say that they should have taken a principled stand and lost the market. (In a similar vein, RIM had to pay a slimy patent troll $612.5 million dollars [not a typo, more than half a billion!] by a certain deadline otherwise the judge in the case would have banned them from the entire US market until they had a trial. The patents in question were ludicrously obvious and should never have been granted. I'd like to have seen RIM take a stand and fight the troll, but I can forgive them for having chosen not to go bankrupt.)
At the other extreme of corporate misconduct, are you aware that AT&T has been giving the call records (meta data) of every person in the United States to the NSA for decades? If Snowden's info is correct, they even allowed live tapping into phone calls for every phone call that passed through their network.
Furthermore, here's a quote from the article you linked to: "RIM, unlike rivals Nokia and Apple, operates its own network through secure servers located in Canada and other countries such as Britain." I have a high degree of respect for Apple (and somewhat for Nokia), but isn't it odd that RIM was being targeted by the host country but Nokia and Apple weren't? Perhaps they had a way to monitor communications (or at least get meta data) on Nokia and Apple phones, but they couldn't monitor RIM because RIM maintained its servers outside of the country.
In summary, cut some slack on RIM. RIM did use good encryption and did put up a fight. Many other companies have done and are doing much much worse.
Those are great criteria. But I would add that it should be P2P, with anonymized addresses. Such as Tox or Ring, where users run Tor onion services.
And if there must be central servers, they should also have anonymized addresses, and the owners and admins should be anonymous. Adversaries can't coerce people, if they can't identify or locate them. Even so, having central servers is a weakness to be avoided.
Just as with RIM:
> RIM, unlike rivals Nokia and Apple, operates its own network through secure servers located in Canada and other countries such as Britain.
Those were not secure servers. Because RIM was coerced into compromising them.
The issue here is not that other companies have worse security, we can rightfully assume thats true. The issue here is that by specifically releasing the keys to such a gov't they could have put peoples lives in danger that specifically relied on their lauded security and encryption.
So I agree with you fully, but I also do not have to cut them any slack as what they did was shitty.
I hadn't seen that story, thanks for linking it. Just to clarify, that story is about consumer BlackBerrys which were known to be insecure, where the keys were at the mercy of RIM's willingness to protect them.
I was talking about enterprise BlackBerry systems being unbreakable to governments. That story does not contract this. However, it's saddening to hear that RIM apparently coughed up the keys for consumer BlackBerrys even though it didn't face an existential threat. If they had refused, I doubt that they would have been banned in Canada, being their home turf and a darling of the Canadian industry at the time.
I believe you are correct. Blackberrys connected to a BES were end-to-end encrypted before that became mainstream. The key was only stored on the device and on the server.
For consumer services the story is very different.
Short of Apple and ( theoriginal) WhatsApp, I don't there was/is another major company that took encryption between devices as serious as RIM did: getting on the podium with bronze is not a bad accomplishment.
We can also thank them for helping move the ball forward with ECC encryption. They were taking crypto seriously before Apple and others even were in the game.
The fact that they didn't manage to get things perfect, or implement what we now call end-to-end encryption, shouldn't diminish the positive things they did.
Whataboutism. Regardless, his point is that comprehensive surveillance of the Sidewalk project is bad.
> Sidewalk’s proposal is peppered with phrases like “comprehensive data collection,” “an enormous amount of data,” and “fine-grained data.” The data it desires runs from environmental (localized weather conditions, noise levels, and pollution) to social ( everyday actions that paint a detailed picture of what residents are doing and when ).
It looks like Google's vision for the modern city is to turn it into the Sims where Google can peer into everything. If you want to live in that world be my guest, but he's absolutely right. This is not something which is good in many ways. Where Google is monitoring everyone all the time. I mean even in Star Trek the computer isn't monitoring everyone all the time.... if it were then many plots could be resolved with the surveillance log on everyone's actions.
Not whataboutism at all; with historical context you might be able to see that this isn't a principal stand but possibly has some, yet unknown, commercial reason.
> Not whataboutism at all; with historical context you might be able to see that this isn't a principal stand but possibly has some, yet unknown, commercial reason.
or experience and an authoritative source on the peril?
It's somewhat whataboutism because the whether the message is truthful does not rely on the source. i.e. Hitler could say genocide is bad, and he would still be correct even though he's Hitler.
It is relevant to the discussion to point out Jim Balsillie's relation to this topic. It's not a refutation of the point being made though. It's entirely possible that he has ulterior motives for making this argument that aren't based on it being morally (or event factually) correct, but it may be correct (or incorrect) separately from that.
Except the source has a very large incentive to besmirch Google and their business model, because Google is the very company that destroyed their business. Therefore, I'd take anything in this attack piece with a grain of salt, they are far from being the authoritative source on the subject.
Is whataboutism the modern incarnation of ad hominem?
Personally, I would classify these objections about Balsillie's arguments as ad hominem attacks. If the point he makes is logically coherent, what does his personal motivation it matter?
Whataboutism is an ad hominem fallacy when the context is US-Russia geopolitical relations. Traditionally it has been used to successfully ignore accurate observations about US/Russia, when the messenger is Russian/US respectively.
Here the concept has been extended to large multinational corporate relations.
Hyperbole, no one is knocking on the door in the middle of the night with a stick, these are letters sent. In fact some organizations advertise the contact details for law enforcement requests.
Countries employee the metaphorical stick of comply or get band in this country. Some company has walked away from a country over this.
If you ignore the letters long enough, someone will come knocking. The FBI will SWAT anyone, if it comes down to it. For example, the FBI raided the Rocky Flats facility, where triggers for nuclear weapons were manufactured. Basically, the FBI raided the DOE.[0]
[1]https://www.reuters.com/article/us-blackberry-saudi/rim-to-s...