Hackers squeeze BlackBerry for spilling juice on London riots

The hacking of BlackBerry’s official blog by the mysterious collective TeaMp0isoN raises serious questions.

This black-hat hacking group, founded in 2009, has so far claimed responsibility for more than 1,400 attacks, including the extraction and release of private information belonging to former British prime minister Tony Blair.

The TeaMp0isoN hackers defaced the InsideBlackBerry blog – which publishes tips and news for the BlackBerry-user community – publishing a message stating they were outraged by the intention of Research in Motion (RIM) – a BlackBerry manufacturer – to cooperate with UK police to identify looters and rioters.

While the Apple iPhone is the most popular smartphone in the UK, BlackBerry is the smartphone of choice among young adults (16 to 24 years old) and teens.

In both demographics, BlackBerry holds a 37% market share, the next-most-popular device being the iPhone, preferred by 25% of young adults and 17% of teens.

BlackBerry devices have a long-standing reputation for data security – users’ information is encrypted using the Triple DES and AES encryption schemes.

TeaMp0isoN argued that innocent people would be caught up and wrongly punished because “the police are looking to arrest as many people as possible to save themselves from embarrassment.”

TeaMp0isoN claims to have broken into BlackBerry’s database and stolen private account information. They have – ironically enough – threatened to publish such information should RIM go ahead with plans to give the police access to user’s personal information.

The hacking collective also says they do not support the rioters except for those “that are engaging in attacks on the police and government.”

So, what are we to make of this particular hack? Do the TeaMp0isoN hackers have a point – however poorly expressed – that RIM should not be assisting police? Is RIM acting in an illegal or immoral manner by saying they will cooperate with the police?

Legality

Let’s look at the issue of legality first. In EU countries (and in Australia and the US), any company offering communications services to the public is bound by legislation relating to Lawful Interception.

These obligations include delivery to law enforcement agencies of the content of communication, as well as information about that communication, such as recipients, location, time of day, and so on.

In the past, it’s usually been the responsibility of the telecommunications companies to provide relevant information to law-enforcement agencies.

But with the advent of newer players in the communications field – such as internet service providers (ISPs) and application service providers (ASPs) – the obligation falls just as strongly on them.

EU legislation has followed the US in not differentiating between carriers (telecommunications companies) and carriage service providers (ISPs and the like).

Consequently, BlackBerry, as a company operating a communication service used in the UK, almost certainly has obligations to cooperate with the police in their investigations.

Of course, there are all sorts of issues related to international law that complicate matters, and there are many technical challenges in carrying out intercepts of internet traffic.

But RIM, in saying they are going to cooperate with the UK police, are most likely doing nothing more than stating they will do what they are obliged to do anyway.

Morality

So what of the morality of RIM cooperating with the police? From the outside, it seems difficult to understand how looting shops, torching cars and houses, and killing innocent bystanders can be justified.

Assisting the police to bring a swift end to the riots would seem to be the morally correct thing to do – so if RIM can help, it should.

The moral good of stopping the violence would seem to outweigh dubious concerns about the police wrongly arresting people.

Finally, there is the question of the morality of a shadowy, anonymous group of hackers attempting to blackmail a company to accede to its demands.

I think that’s morally quite indefensible.

Leave a Reply

Your email address will not be published. Required fields are marked *