Commissioned by RIM, the German Fraunhofer Institute for Secure Information Technology is going to conduct a security review of the BlackBerry device. RIM's decision for an independent review comes only two weeks after the German Federal Office for Information Security (BSI) had issued a
security warning to BlackBerry users in Germany.
All messages sent and received with the BlackBerry in Germany go through RIM's data centers located in Egham/UK. Arguing that under British law it'd be easy for British officials to gain access to all logs and stored data - e.g. for the protection of the British economy - the BSI worries that sensitive information could fall in the hands of the wrong people. RIM dismisses the allegations, maintaining that it's virtually impossible for them to share information to third parties, because data is not stored on their servers but only forwarded from there to the final destination. In addition, the forwarded data is encrypted using popular AES or DES3 encryption to prevent illegal eavesdropping, so the company claims.
Although for mere mortals AES encryption might be sufficient, it's important to note that the German government uses another method,
SINA-VPN (with
Libelle encryption), for securely transmitting sensitive data.
[via
Heise Security]