Skip to content

Government of India goes off the deep end with BlackBerry request

I’ve resisted too much comment about this, feeling that my specialty is really mobile development, rather than IT infrastructure and BlackBerry security, but the latest ’suggestion’ from the government of India has pushed the whole BlackBerry security story from a sort of badly-managed PR problem for RIM into an absurd Orwellian/Gibsonian alternate reality.

The problem that UAE and Saudi Arabia (and now India) have had with BlackBerry email is that it’s too secure. Understandable, these are strong centralist regimes who like to regulate many aspects of their citizens’ lives. Now somewhere the press started reporting that the US Government actually has access to encrypted BlackBerry email, and other governments - such as India - started to say: “Hey, we want that too!”
There are at least 3 problems with this story:

Problem 1:

The US Government does not have the ability to spy on encrypted BlackBerry email.

First, look at this BlackBerry architecture diagram. BlackBerry is a very secure system, when used with a BlackBerry Enterprise Server (BES). The entire content of every packet exchanged between a BlackBerry device and its BES is encrypted with a symmetric key (usually AES, sometimes Triple DES) that’s only known to the device and the BES. Each device has a separate key. Keys can be created and exchanged entirely within the corporate firewall, without ever being sent over the public internet (there’s also an exchange mechanism using PKI - a method that’s widely used and secure even outside of BlackBerry) . Both AES and TDES are secure enough that the NIST has approved them for use by the US government in sending classified information. There are no known substantive attacks to AES. There are no known backdoors. Maybe the NSA or someone has discovered a way to crack AES, but that would mean the end of pretty much all digital security everywhere, and anyway if I had actual proof of that I probably wouldn’t be in a position to write this article.

Problem 2:

National Governments can already look at the encrypted packets sent and received from BlackBerry devices in their countries

Let me emphasize this first - I don’t mean that governments can see the content of packets: as I stated above, the content is encrypted, what I mean is that there’s a tiny bit of non-encrypted information that you can get even from an encrypted packet - information about where the packet came from and where it’s going. Check out that security diagram from RIM again. Notice that while AES/TDES encryption applies to the whole path, there’s still a point where those (fully encrypted) packets flow from the wireless service provider’s infrastructure over the internet to the corporate BES. Actually there’s an additional hop through RIM’s infrastructure, but the point is: at some point those packets are flowing on internet infrastructure within your national borders!. You can look at them, do whatever you want with them (we know China has pretty much their entire vast country behind a firewall). It doesn’t matter that they have to go outside the country to get through RIM’s servers, they’re encrypted. RIM can’t read them anymore than anyone else can. In fact arguing that sending them through RIM’s servers is a security risk would be to argue the exact opposite of the ‘too secure’ problem (up is down, black is white?).

Problem 3:

Asking RIM to give access to unencrypted email sitting on the BES is insane

So after discovering problem 1, Indian authorities decided that a reasonable solution would be to get access to BlackBerry email before it’s encrypted (or after it’s decrypted).
Yes it is true that email before being sent (and after being received) sits unencrypted in part of the BES. However, it is also true that that same email at some point sits unencrypted on the corporate Exchange or Lotus Domino server. Also that it sits unencrypted on millions of mail clients on desktops. It’s also true that the unencrypted email in the BES is only a subset of all that other unencrypted email. It seems that the Indian government’s spat with RIM is really a proxy battle to get access to all corporate email. RIM looks like the weak link. Well, call it what it is, you’re asking a technology vendor to smash a hole in the corporate firewall and give access to internal information. Essentially to turn the BES into a giant piece of spyware. Whatever faults RIM has, it would be insane to comply with something like that.

Now think about it from another point of view. Given that access to BES email is essentially the same as access to all corporate email, another way of phrasing the request is that India, a liberal, largely prosperous, largely capitalist, democracy wants to spy on its (corporate) citizens. I think that’s a much bigger and much more important story than BlackBerry vs the government of India.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
August 20, 2010

No comments

Mobile Development and Consulting services (BlackBerry, Android, iPhone)

I offer mobile design and development services - focusing on BlackBerry but also cross-platform (iPhone, Android, BlackBerry, web) and maybe even iPhone or Android only projects if they’re interesting enough.

I’ve been involved in the mobile software industry for almost 10 years, have founded a couple of market-leading mobile companies, (RoveIT, Zeebu Mobile), have built and led mobile development teams at many other organizations, and am the author of the top-selling book on BlackBerry development.

Contact me for a portfolio and more information.

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
July 30, 2010

No comments

Five Things that BlackBerry does better than iPhone

Another op-ed piece (don’t worry, I’ll get to more concrete stuff again soon).

I’ll start with a confession - I’ve been using an iPhone instead of a BlackBerry for the past little while, because my company has been focused on developing some iPhone products. The iPhone is a phenomenal device, and certainly has to have RIM worried, but having used both devices now, there are definitely a lot of things that the BlackBerry does way better. I’ve picked 5 things that I really really miss about using a BlackBerry (and probably they’ll be the reasons that I go back to BlackBerry for day-to-day use soon). I think most of these are known to most people, but I’ve omitted a few things that are commonly thought of as BlackBerry’s advantages - I’ll explain why at the end of the article.

Continued…

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in opinion. Tagged with , , .

By anthony
January 19, 2010

4 comments

BlackBerry JDE Plug-In for Eclipse 1.1 Beta - Part 1

The BlackBerry Developer Conference (Nov 9-12 in San Francisco) contained a lot of new announcements - among the bigger ones (Payment Services, Advertising Services, etc) one of the most exciting - from my point of view - may have been overlooked a bit. A new version of the BlackBery JDE Plug-In for Eclipse - v1.1 - as of this writing in Beta.

Being a huge fan of Eclipse for BlackBerry development - despite numerous problems - I was eager to try out this version. I discovered a few interesting quirks, but overall a much more solid development experience.

Continued…

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in 1.1, Uncategorized, basics, eclipse. Tagged with , , , , , .

By anthony
November 23, 2009

12 comments

GPS Class

I just started coding in J2ME just under a year ago, when I wanted to build a GPS Golf application.  After learning the wrong way to do it, I found a GPS class that I have changed a bit to suit my needs.  The following is a simple GPS class that will run on its own thread in the background, and you can use the get methods to get any of the GPS data that is avaliable.  The way I use the Class is with a Timer Task, but I’m sure it could be changed to use a lister if that is what you are looking.  Remember It’s code, you can do anything! :)

Here is my GPS class that I use:

import javax.microedition.location.Location;
import javax.microedition.location.LocationException;
import javax.microedition.location.LocationListener;
import javax.microedition.location.LocationProvider;
import javax.microedition.location.QualifiedCoordinates;
/**
 *
 * @author Justin
 *
 */
public class GPS extends Thread {

	private double latitude;
	private double longitude;
	private String satCountStr;
	private float accuracy;
	private double heading;
	private double altitude;
	private double speed;

	private int interval = 1; // time in seconds to get new gps data

	/**
	 * This will start the GPS
	 */
	public GPS() {
		// Start getting GPS data
		if (currentLocation()) {
			// This is going to start to try and get me some data!
		}
	}

	private boolean currentLocation() {
		boolean retval = true;
		try {
			LocationProvider lp = LocationProvider.getInstance(null);
			if (lp != null) {
				lp.setLocationListener(new LocationListenerImpl(), interval, 1, 1);
			} else {
				// GPS is not supported, that sucks!
				// Here you may want to use UiApplication.getUiApplication() and post a Dialog box saying that it does not work
				retval = false;
			}
		} catch (LocationException e) {
			System.out.println("Error: " + e.toString());
		}

		return retval;
	}

	private class LocationListenerImpl implements LocationListener {
		public void locationUpdated(LocationProvider provider, Location location) {
			if (location.isValid()) {
				heading = location.getCourse();
				longitude = location.getQualifiedCoordinates().getLongitude();
				latitude = location.getQualifiedCoordinates().getLatitude();
				altitude = location.getQualifiedCoordinates().getAltitude();
				speed = location.getSpeed();

				// This is to get the Number of Satellites
				String NMEA_MIME = "application/X-jsr179-location-nmea";
				satCountStr = location.getExtraInfo("satellites");
				if (satCountStr == null) {
					satCountStr = location.getExtraInfo(NMEA_MIME);
				}

				// this is to get the accuracy of the GPS Cords
				QualifiedCoordinates qc = location.getQualifiedCoordinates();
				accuracy = qc.getHorizontalAccuracy();
			}
		}

		public void providerStateChanged(LocationProvider provider, int newState) {
			// no-op
		}
	}

	/**
	 * Returns the terminal's course made good in degrees relative to true north.
	 * The value is always in the range (0.0,360.0) degrees.
	 *
	 * @return double
	 */
	public double getHeading() {
		return heading;
	}

	/**
	 * Returns the altitude component of this coordinate.
	 * Altitude is defined to mean height above the WGS84 reference ellipsoid.
	 * 0.0 means a location at the ellipsoid surface, negative values mean the
	 * location is below the ellipsoid surface, Float.NaN that no altitude is
	 * available.
	 *
	 * @return double
	 */
	public double getAltitude() {
		return altitude;
	}

	/**
	 * Get the number of satellites that you are currently connected to
	 *
	 * @return String
	 */
	public String getSatCount() {
		return satCountStr;
	}

	/**
	 * Get the Accuracy of your current GPS location
	 *
	 * @return float
	 */
	public float getAccuracy() {
		return accuracy;
	}

	/**
	 * Returns the latitude component of this coordinate.
	 *
	 * Positive values indicate northern latitude and negative values southern latitude.
	 *
	 * @return double
	 */
	public double getLatitude() {
		return latitude;
	}

	/**
	 * Returns the longitude component of this coordinate.
	 *
	 * Positive values indicate eastern longitude and negative values western longitude.
	 *
	 * @return double
	 */
	public double getLongitude() {
		return longitude;
	}

	/**
	 * Get your current ground speed in meters per second (m/s) at the time of measurement
	 *
	 * @return double
	 */
	public double getSpeed() {
		return speed;
	}
}

Once you have added the GPS class to your project you can then use it the following way:

GPS gps = new GPS();
gps.start();

I like to start my GPS class as soon as my application starts up because it can take anywhere between 2 to 10 minutes for the BlackBerry to get a GPS lock. It will depend where they are. If you are outside with a clear view of the sky it works best (line of sight). Once you have the GPS option you can just pass the object between your screens or, if you want or you can just start a new GPS object, and if the first GPS object already has a lock then the new GPS class will get a lock right away.

Like I said before I like to use a Timer Task to update my screen UI. The reason for this is that it give me more options. This way I can tell the applciation how often I want to update the screen with the new data. I do it the following way:

import java.util.Timer;
import java.util.TimerTask;
import net.rim.device.api.ui.component.RichTextField;
import net.rim.device.api.ui.container.MainScreen;

public class GPSScreen extends MainScreen {
	GPS gps;
	Timer timer;
	RichTextField txtGPS;

	public GPSScreen(){
		gps = new GPS();
		timer = new Timer();
		timer.schedule(new CheckGPS(), 100, 1000);  //check for GPS every 1 second;

		String textGPS = "";
		txtGPS = new RichTextField(textGPS, RichTextField.NON_FOCUSABLE);

		add(txtGPS);

	}
	public boolean onClose()
	{
		timer.cancel();  //cleanup
		this.close();
		return true;
	}

	public class CheckGPS extends TimerTask{
		public CheckGPS() {
		}

		public void run() {
			double lat;
			double lng;
			lat = 0;
			lng = 0;

			lat = gps.getLatitude();
			lng = gps.getLongitude();

			if (lat != 0.0 & lng != 0.0) {
				synchronized (MyApplicationName.getEventLock()) {
					double acc = gps.getAccuracy();
					txtGPS.setText(lat + ", " + lng + " (" + gps.getSatCount() + ") (" + (int) acc + ")");
				}			

			}
			else
			{
				String thetxt = txtGPS.getText();
				synchronized (MyApplicationName.getEventLock()) {
					if(thetxt.length() > 10)
						if(thetxt.length() > 25)
							txtGPS.setText("Waiting for GPS.");
						else
							txtGPS.setText(thetxt + ".");
					else
						txtGPS.setText("Waiting for GPS.");
				}
			}
		}
	}
}

Here is a screen shot from my simulator:

GPSScreen in use with the GPS class

GPSScreen in use with the GPS class

So within my Timer Task that runs once every second I use my get methods to get the Lat and the Long from GPS and I check to see if they are set. You could also add some more logic into the GPS class with a boolean flag to see if we have a GPS lock before you even get the values.

This GPS class will work with (almost) any BlackBerry Smartphone device that is GPS enabled. It will not work for Verizon 8130, 8330, and 8830, but it does work with the Verizon Storm and Tour. This Class will work with any 4.2 device that has a Bluetooth GPS receiver, including the Verizon devices listed above (8130, 8330, and 8830) as a workaround to the Verizon GPS lock-down.

Here is some related GPS information:

Enjoy!

Justin

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in basics, components, gps. Tagged with , , , , , .

By justin
September 24, 2009

11 comments

Welcome Justin!

I’ve convinced someone else to write a post about GPS for Thinking BlackBerry!

Justin is a BlackBerry developer (among other platforms) and has created a couple of great BlackBerry applications, including BBGPSGolf, a great free golf application for BlackBerry that uses the device’s GPS to show a map and give you information about golf courses (distances to the green, etc) on your device while you’re on the course.

Anyway, he graciously offered to share some of his GPS expertise with us so read his post and if he gets enough good feedback maybe he’ll share some more of his BlackBerry development expertise!

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
September 24, 2009

2 comments

Non Coding Related (Mostly)

I’ve been meaning to write this post for a while, but it sounds too much like making excuses. Well, in a way it is.

Faithful readers may have noticed how the frequency of my posts has dropped off rather sharply in the last few months. There are two reasons for this.

First, I’ve started a company called Zeebu Mobile doing - what else? - BlackBerry application development, specifically in educational and early childhood applications. We just released our first product, Baby GO!, which is free and runs on all BlackBerry devices with OS 4.2.0 and higher.

Second, I’ve been writing a book called Beginning BlackBerry Development which will be published (hopefully!) in late October.

No worries about the book - it doesn’t restrict me in any way from posting, except that it’s taking up a lot of my time. I’m still free to write about the topics I cover in the book on this blog.

The really good news for anyone reading this, is there are a couple of new things coming along soon that should result in more posts to the blog in the very near future. So bear with me and stay tuned! Thanks.

-Anthony

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
September 1, 2009

5 comments

BlackBerry Arithmetic Performance

Playing with some animation for a new BlackBerry product (see next post) and wondering about performance of double/float/Fixed32 arithmetic I came across this post on Blurry Words, which is exactly what I was looking for.

Basically performance depends on the type of arithmetical operation you’re doing (though double is always slowest, usually by a wide margin). For addition and subtraction, Fixed32 is faster, for multiplication and division float wins out. Some sample results:

BlackBerry Bold

Variable Type Add/Sub (ms) Mult (ms) Div (ms)
Fixed32 153 597 776
float 317 242 550
double 514 366 1931
long 114 117 225
int 96 90 114
short 102 102 125
byte 104 107 127

The net.rim.device.api.math.Fixed32 class is interesting - I’ve mostly used it in scaling EncodedImages. It packs a fixed decimal representation of a number into a 32 bit int datatype, using the leftmost 16 bits for the whole part, and the rightmost 16 bits for the fractional part. This has the result that the normal + and - operators work as expected, but multiply and divide are handled through special functions.

Though I’ve gotta disagree with the poster’s conclusions - Fixed32 is not strictly legacy, it’s only been available since OS 4.0, at which time float and double were available on BlackBerry.

There’s a lot more interesting discussion and more results for different devices just in this post, so I encourage to read the original!

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
August 30, 2009

No comments

Sibling CODs - or How to Make Your App Install Over The Air

It’s been way too long since I wrote a post - interesting aside for bloggers: don’t get out of the rhythm, it’s incredibly hard to start back up again once it’s no longer part of your daily routine. Anyway, I’ve been busy (more on that later) but due to demand am now committed to start posting again, and it was a recent comment on an earlier post that gave me the idea for this one: short but sweet and valuable to all aspiring BlackBerry app developers.
Continued…

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
July 21, 2009

2 comments

What would you like to know about BlackBerry development?

I’ve gotten several good ideas for posts from the readers of this blog, so I’ve decided (based on a user comment) to put a sticky post up solely for the purpose of soliciting new post ideas.

So here it is: What would you like to see me write about? Any area of BlackBerry development is fair game. Leave comments below and I’ll pick the ones that are most in demand or that I think would make the best posts.

I’ll start off with some ideas:

  • BlackBerry networking - TCP/BIS/BES - what are they and how do you use them?
  • Resource bundles and localization
  • Debugging with the Eclipse debugger
  • Debugging your application on a real BlackBerry using the Eclipse debugger (or the JDE debugger)

Thanks!

Anthony

Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google

Posted in Uncategorized.

By anthony
March 18, 2009

18 comments