Risk
8/9/2011
11:33 AM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

U.K. Police Seek BlackBerry Messages Following Riots

BlackBerry maker Research In Motion has offered to help the police with their investigation, but has not specified what data will be shared.

Strategic Security Survey: Global Threat, LocalPain
Strategic Security Survey: Global Threat, Local Pain
(click image for larger view and for full slideshow)
Much of the current rioting and looting in London has been coordinated not just via Facebook and Twitter, but also via BlackBerry smartphones that use encrypted communications, according to British authorities.

Using social networks to coordinate protests is nothing new. But when it comes to BlackBerry devices, authorities would have difficulty cracking related communications, and in particular the BlackBerry Messenger (BBM) instant messaging system that is reportedly being favored by protestors.

But on Monday, BlackBerry manufacturer Research In Motion (RIM) said that it had offered to assist investigators. "We feel for those impacted by this weekend's riots in London. We have engaged with the authorities to assist in any way we can," said RIM global sales and regional marketing managing director Patrick Spence, in a statement.

"As in all markets around the world where BlackBerry is available, we cooperate with local telecommunications operators, law enforcement, and regulatory officials," he said, adding that RIM would comply with all relevant U.K. laws, as well as the U.K. government and police forces.

Some of the BBM messages, which can be broadcast from one person to many addresses, and transferred anonymously, have been reposted on social networks and across the Web. One BBM message, for example, read: "Police are NOT ON DIS TING. Everyone meet at 7 at Stratford park and let's get rich."

By many accounts, BlackBerry smartphones are a favored device for coordinating the riots, which largely seem to comprise teenagers and people in their twenties. The choice of smartphone, then, isn't surprising, since BlackBerry smartphones account for 37% of the teenage market share in Britain. That's according to a new Communications Market Report from Ofcom, the independent regulator and competition authority for the United Kingdom. "Anecdotal evidence suggests that this preference is driven by the BlackBerry messenger service (BBM) which offers a free alternative to texting (SMS)," according to the report, which was released on Thursday.

How might U.K. law enforcement agencies recover BBM messages, without RIM's overt offer to help? For starters, they'd have to apply for a court order requiring RIM to turn over requested communications. But RIM, based in Canada, wouldn't necessarily have to comply with those requests.

Law enforcement agencies in the United States also face procedural hoops requesting such data. "Law enforcement must use legal process to obtain information transmitted via BlackBerry," said Christopher Wolf, director of the privacy and information management practice at law firm Hogan Lovells and co-chair of the Future of Privacy Forum. "They cannot just present themselves and say, 'Let me see the data traffic.' For a CIO or telecom manager who might receive a demand from the police for access, the first thing he or she should do is call the company's lawyer for help."

In its statement, RIM didn't specify how it would work with British police. Furthermore, the company wasn't immediately available to respond to requests for comment, including details of how it would protect the privacy of people in Britain who may have communicated about--but not participated in--the riots, as well as whether it would share historical location information for subscribers.

The London riots broke out on Saturday. They were apparently triggered after a 29-year-old man, Mark Duggan, was shot in a minicab in the Tottenham area of London by police officers as part of what they termed a "planned operation," on Thursday, investigating gun crime. But details of his shooting remain unclear. That lack of clarity appears to have triggered the initial riots, leading to widespread looting, numerous fires, and multiple confrontations between protestors and police officers. By Monday night, after three days and nights of incidents, the rioting had spread to eight more areas, including the cities of Liverpool and Birmingham.

U.K. police have said they will prosecute anyone who used Twitter or Facebook to instigate violence. Interestingly, however, people in areas affected by the violence have turned to Twitter to coordinate cleanup efforts. By Tuesday, the Twitter account "Clean Up London" (@Riotcleanup) had attracted more than 70,000 followers.

Attend Enterprise 2.0 Santa Clara, Nov. 14-17, 2011, and learn how to drive business value with collaboration, with an emphasis on how real customers are using social software to enable more productive workforces and to be more responsive and engaged with customers and business partners. Register today and save 30% off conference passes, or get a free expo pass with priority code CPHCES02. Find out more and register.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web