BlackBerry's Best Hope Lies in Building the Anti-Surveillance Smartphone

BlackBerry was once known for its security. Did it make too many concessions to reclaim its standard?

On Monday, BlackBerry reported it would be making the move back to private ownership through a consortium led by Fairfax Financial. The news followed hot on the heels of last Friday's announcement that BlackBerry is laying off 4,500 employees. In an extremely crowded smartphone market, BlackBerry returning to glory seems like a long shot. But considering growing demand for privacy options in gadgets, why doesn't BlackBerry refashion itself as the maker of the most secure phones around?

BlackBerry was once known for having the best security in the smartphone market. But it's now widely understood that foreign countries, many of them in the Middle East, raised a lot of stink about BlackBerry's lack of a backdoor into its users' data.

Some countries, like the United Arab Emirates (UAE), went so far as to temporarily ban the company's phones. Others, like Saudi Arabia and Indonesia, threatened to do the same. The UAE eventually permitted BlackBerry sales once the company installed limited backdoors for "terrorism" intel purposes, which sounds a lot like the NSA's justifications in the US.

In other words, BlackBerries have been compromised—along with other smartphones—for years now. In 2010, CNN's Doug Gross spoke with mobile industry analyst Kevin Burden (now at Security Analytics) about the threatened bans coming out of the UAE (India and Indonesia launched their own BlackBerry-busting campaigns).

"The impact can be huge if this thing continues to go forward," said Burden in the CNN interview. "If something like this holds up, you can expect governments in other emerging markets to follow suit… My sense is that the UAE goes after RIM and BlackBerry, saying 'Let's start with the king in all of this. Let's knock them down, then all of the others will fall in place afterward.'"

While BlackBerry (then still known as RIM) began its decline largely because it couldn't keep up with the development pace of iPhones and Androids, it's rather fascinating to note that its initial refusal to give up backdoors led to direct erosion of its market share.

“The issue was that some of the operators in the UAE were basically saying, 'If you bought a BlackBerry in the last six months, bring it back and we'll give you an iPhone',” Burden told me. “Apparently, the UAE had no problems with the iPhone—they could look into emails quite easily.”

What should be remembered is that the United States and Canadian governments worked to head off the BlackBerry bans by helping negotiate the insertion of backdoors. Even before these negotiations, the US government had found its way into BlackBerry's network as early as 2009, as detailed in a recent Der Spiegel report. And while revised data encryption methods shut the NSA out, by 2010, GCHQ (the UK's equivalent to the NSA) announced in a top secret document that it had regained access to BlackBerry phones.

The result is that BlackBerry regained its place in some markets by compromising the security of its phones. That didn't prove to be a successful choice, as BlackBerry has simply been unable to compete toe-to-toe with glitzy iPhones and flexible Androids. But that also means there's still a huge vacuum for secure devices. By getting back to its secure roots, BlackBerry would again have a solid point to differentiate itself with.

After the Summer of Snowden, Americans and others internationally are clamoring for secure, encrypted electronic communications. Riseup.net is satisfying this demand from activists and dissidents, while the Wickr app (and its self-destructing messages) is now available on 90 percent of smartphones. Lockbox and Least Authority are also marketing their encrypted cloud services as NSA-proof. The market is clearly there.

Of course, suggesting that BlackBerry market itself as secure assumes that BlackBerry is secure, and hasn't created—or allowed the NSA to create—surveillance backdoors. As of now, it's not all the way there.

"Any company that has access to data/metadata can't claim to not turn it over when required by law enforcement. While some of BlackBerry's stuff is end-to-end encrypted, much of it is not," said Ian Goldberg, a security researcher, University of Waterloo professor, and co-creator of the Off-the-Record Messaging (OTR) protocol. "I also think you'll have a hard time finding someone with such knowledge who would be allowed to tell it to you, of course."

Security expert Anton Kapela believes finding a way into a BlackBerry is really just a matter of money.

"I'd have to assume with a few billion one can gain access in some way to any system. This is especially likely to happen in a closed-source system like BlackBerry," said Kapela. "The whole reason BlackBerry got popular with enterprise folks was due to the admin having totally full control over the handset, which was seen as important for some companies' info security compliance needs. This means, however, that a BlackBerry user is totally subject to their admin's policies and whims. A boss would have more access to an employee's communications than the NSA would get, in this case."

Kapela is betting on Ubuntu phone OS's ability to lead to a more trusted smartphone platform. With an open source OS, he believes a public dialog about verifying software integrity can be had, laying the groundwork for the public auditing of code.

IT security consultant Marc Heuse sees other security-related problems at BlackBerry, all of which are set in relief against news of BlackBerry's layoffs and private consortium purchase.

"The problem at BlackBerry is that they have good security people, but they are not being heard," Heuse told me through email. "There are security issues in design, implementation, etc., but for political reasons (other departments having higher priority, etc.), there is nothing being done."

Heuse thinks BlackBerry's QNX is a nice operating system, but that they could add much more security and crypto to make it a truly secure product. "So far, they have not done enough," said Heuse. "And with the layoffs coming now, I doubt they even have the people now to actually do that."

Canadian laws could also be problematic for BlackBerry's security reputation. If Canada is enforcing access to emails, instant messages, GPS positioning, etc., then Heuse believes a truly privacy-sensitive BlackBerry is an impossibility.

EFF's Senior Staff Technologist Seth Schoen, on the other hand, believes BlackBerry's hard-won security reputation was only partially compromised when it allowed the Indian government access to BIS, BlackBerry's general public service. Schoen said that BES, BlackBerry's corporate service, remained uncompromised. BES infrastructure is operated by each business, while BIS is operated by BlackBerry itself on behalf of each user via an encrypted connection back to BlackBerry's servers.

"It seems like BlackBerry's reputation for security may have been damaged for some audiences by the claim that NSA can penetrate it, even though NSA is the most formidable adversary in this regard in the world, with incredible resources," said Schoen, who added he's met a number of people working for foreign governments who used BlackBerry products to communicate. And since NSA regards the phones as legitimate targets, BlackBerry may have to explain how the company can protect users, or if it can do it at all.

"I think the sad story is that, while BlackBerry may not have done a good job, and may have capitulated too readily or failed to defend against some kinds of spying that it could potentially have protected against, very few other companies have even tried to provide secure communications to users," said Schoen. "So we might be talking about how BlackBerry failed in some way, or what it will have to do to regain users' trust—while most other mobile companies have never even started down the path of protecting their users with strong encryption."

Schoen is right; there aren't any options for out-of-the-box security from the major mobile manufacturers. As he noted, the entire mobile industry offers weak or non-peer-reviewed ciphers; leaves systems open to attack by fake cell towers (IMSI catchers) that can shut encryption down entirely; applies little to no encryption to chat messages; deliberately creates backdoors; and, perhaps worst of all, fails to give smartphone users the tools for secure, encrypted privacy.

It's not just government snooping, either. Across the globe, hackers have proven more than capable of hacking smartphones, whether to read texts, listen in on phone calls, or alter the phone's software itself. Last year, former McAfee cybersecurity researcher Dmitri Alperovitch used a then-unknown hole in smartphone browsers to gain full control of phones, allowing him to eavesdrop on calls and monitor chat messages and emails.

Just this week, Chaos Computer Club, the largest hacking group in Europe, announced that it had bypassed Apple's TouchID using "easy everyday means." And yet the latest iPhone set new sales records, with people lining up to buy a phone that, like most others, is lacking in security. That sort of gleeful ignorance is astounding, but par for the course in a world that entrusted big government and business with personal privacy.

BlackBerry was never known for these types of glaring vulnerabilities. And, if they discovered any, the company quickly worked to patch them up. Is this still the case after simply trying to survive the iOS and Android onslaught? Maybe, maybe not. It's worth noting that even well into BlackBerry's decline we don't hear much about vulnerabilities, even after the company's concessions to India and other countries. But if the company decided to capitalize on that message, it'd surely find open wallets.

A recent Pew poll found that 86 percent of internet users "have tried to be anonymous online and taken at least one step to try to mask their behavior or avoid being tracked." Extrapolate these statistics to smartphone anonymity, and BlackBerry's path seems clear.

If BlackBerry wants to compete in a smartphone market far more crowded than it was during its heyday, BlackBerry should double down on its proactive security and encryption work. Branding their phones NSA-proof would be ill-advised, but there is nothing stopping BlackBerry's new brass from touting strong encryption and security. Play it up. Create a cultural critical mass.

"If companies like BlackBerry do want to market themselves more aggressively in terms of what they've done on security that their competitors haven't, hopefully they'll be much more transparent in explaining the details—what they think makes them better and why," said Maass. "Then we can have more substantive conversations about how well those things might work against what kinds of threats."

While Burden believes BlackBerry still has potential in the realm of privacy, consumer demand for fancy design and "cool" factor might just prove too powerful for the company to overcome.

“Everyone says that they want privacy, but if you ask someone if they want to pay for privacy, or if they would use one particular device because it's more private than the device that they really want to use, they'll say 'No',” Burden said, noting that when the iPhone and Android phones came out they were nowhere near as secure as BlackBerry phones. Even so, enterprise companies allowed employees to use iPhones and Androids despite protests from their IT teams, who rightly pegged the phones as vulnerable to hacks.

“I think there has been so much bad press about BlackBerry that people are kind of embarrassed to be seen with their phones,” Burden added. “BlackBerry is now perceived as uncool, and that's a really hard thing to turn around. Can they rebrand themselves? Well, they just did—they went from Research In Motion to BlackBerry. The brand is recognizable but it's tarnished.”

This does not mean BlackBerry cannot make security itself cool. Those who advocate for secure encryption and anonymity are now something of a counterculture (though one that now reverberates into the mainstream), making BlackBerry far more culturally subversive than Apple could ever be. BlackBerry needs to understand this reality, and build a phone that can tap into this anti-Orwellian zeitgeist. Then, perhaps, they might see their fortunes rise again.