Memogate Scandal: How BlackBerry Set Works

blackberry Memogate Scandal: How BlackBerry Set Works

WOODBRIDGE, VA: As the memogate commission issued notices to various parties in the memogate investigation in Islamabad on Monday it will not be the testimony of ex-ambassador Husain Haqqani or the contents of the affidavit of former US national security adviser Gen James Jones or even the in-person testimony of American businessman Mansoor Ijaz that would matter.

It will be the forensic analysis of telephone records, e-mail exchanges and BlackBerry chats
that allegedly took place between Ijaz and Haqqani from May 9 to May 11. Phone records will be the easiest to ascertain and provide direct evidence and confirmation. But for most Pakistanis, the internal workings of a BlackBerry device are not that well understood. The forensic testing of Ijaz’s devices, which apparently still hold the original exchanges with Haqqani, and the ability to retrieve such data independently from Research In Motion Limited (RIM), the maker of BlackBerry devices, will be the key determining factor in whether memogate is consigned to the dustbin of history or is the hammer that nails the coffin shut of those who stand accused of committing such heinous crimes against the state.

Every BlackBerry device has a unique identifier called a PIN CODE. This PIN is an eight-digit alphanumeric which registers a particular handset for use on the RIM servers so that any user can reach any other user of BB services for minimal monthly cost.

Messages sent by BB Messenger are encrypted and cannot be seen by others in real time. Every BlackBerry device has a PIN, exactly like a fingerprint identifying the DNA of that particular handset. BBs are the device of choice among the professional class because a BlackBerry handset can exchange not only secure, encrypted chats between its users, but can also receive and send e-mails, SMS, MMS in addition to being utilized as a normal telephone.

BBs have the added feature of a PIN message that shows up in bright red font on a BB screen, that is only seen between two users chatting with each other (like a highly encrypted e-mail message from one mailbox to another). PIN messages appeared in the list of exchanges between Ijaz and Haqqani, according to Ijaz’s SC statement.

In the memogate case, some complex issues arise if there was an intent on the part of one or the other, or even both, protagonists (Ijaz and Haqqani) to delete, erase or modify the data in their handsets. Let’s start with what we know.

Ijaz has made publicly available 31 screen shots of his BB handset as part of his witness statement to the SC. If those screen shots reflect real data, then his handset holds sufficient evidence to be forensically examined and demonstrate that those conversations he claims took place between him and Haqqani were in fact real. Why so? Because Ijaz’s PIN is verifiable as belonging to him, and the incoming messages would have to have been received by the sender’s PIN, which is also recorded in Ijaz’s handset.

The harder part will be to ascertain whether the PIN associated with incoming BB messages sent to Ijaz’s device belonged to a handset used by Haqqani. The PIN is unique to the handset. The SIM card (and therefore the phone number that belongs to that particular SIM card) is not.

A SIM card for a telephone number belonging to Haqqani could theoretically be installed in a different handset than the one he was sending his BB chats from. Once used for the purpose intended, he could discard that BB handset, never to be seen again, and only RIM could confirm using Ijaz’s handset whether the chats did take place or not.

If, on the other hand, Haqqani used one of his two normal phone numbers to send BB chats to Ijaz (one issued for official use as ambassador – a 202 number, and one privately kept by Haqqani – a 617 number from his old days in Boston University’s employ that he used for non-government work), then RIM would have evidence of which SIM card, and therefore telephone number, was used to transmit the BB chats by that specific PIN code.

Commission investigators will have a tough time getting to the bottom of what phones Haqqani did or did not actually use.

He will have to be asked to produce the two handsets that had the PIN numbers disclosed by Ijaz as belonging to Haqqani on the days in May and in October/November when they allegedly exchanged large numbers of chat messages.

If he refuses, or cannot because the devices have been disposed of, the only other certain way to ascertain whether Haqqani sent the messages would be an unlikely confession or a Commission subpoena of data from RIM. This is being apparently done by the Commission. It may be hard to get but possible.

One other possibility exists. RIM could be subpoenaed to hand over all messages associated with the PIN codes allegedly used by Haqqani. Those messages would then identify PIN codes other than Ijaz’s, which would then confirm that Haqqani was in fact the sender because his chat list of contacts would be unique to him, and the PIN codes of others with whom he communicated could not be set aside so easily.

If history is any guide, the Commission will have its work cut out to demand anything from BB maker RIM. In August 2011, as youthful rioters were blackening the streets of Britain in a dramatic popular uprising, BBs were the communication tool of choice. As police work started and arrests were made, RIM pre-empted a move by Metropolitan Police authorities to get ahead of an onslaught of subpoenas by tweeting at the time: “We feel for those impacted by the riots in London. We have engaged with the authorities to assist in any way we can.”

With RIM’s cooperation, police would have been able to read and record in real time encrypted BBM messages between riot conspirators, pinpointing individuals and building evidence against them for use in court. Unlike the use of publicly available communication tools such as Facebook and Twitter during the “Arab Spring” uprisings, BB’s prominence as a person-to-person technology whose encrypted messages cannot be monitored in real time posed a great barrier to the police trying to stop Britain’s riots.

While privacy advocates may have come down on RIM for invasion of privacy with its offer to assist British police, the larger problem was, and for the memogate commission’s forensic investigators is, posed by Britain’s Regulation of Investigatory Powers Act. Its stringent provisions for protecting user rights would make it nearly impossible without long court battles to obtain RIM data even on national security grounds.

One way to resolve the legality issue and avoid subpoenas, etc would be for the commission to ask Ijaz, who has publicly committed his unfettered support to the investigation, to authorize RIM to release his records so that one side of this two-party equation is known with absolute certainty.

If the RIM-provided evidence shows that the telephone numbers (i.e., SIM card data) which conveyed BB chats received on his device belonged to Haqqani, the case is solved and the results are known with 100 pc accuracy regardless of whether Haqqani makes a single device or PIN or anything available to the Commission.

The Commission’s investigators will then have to make sure the SIM card data for BB chats verified by access to Ijaz’s handset is the same as it was then, that Haqqani did not somehow report his phones as lost or stolen only to bring his telephone numbers up on different SIM cards.

As a desperate act of last resort, is it possible that BB chat exchanges could be created, existing ones distorted or modified, or even permanently deleted from RIM servers?

Experts interviewed for this article said all were possible, but highly unlikely given the stakes of being discovered as evidence tampering.

Modification software on a device or computer holding backup records is easily detected and determined as to load time and keystrokes. Permanent deletion or any other manipulation of records on RIM’s servers would imply very high level complicity at a government and legal/judiciary level.

And if found out, would paralyse not just Pakistan, but also perhaps the US and UK governments as well.

RIM’s encrypted communications have ruffled feathers, particularly in repressive governments interested in stopping unwanted political speech. Several countries in the Middle East, including Saudi Arabia and the United Arab Emirates, threatened to ban BlackBerry services altogether if RIM didn’t give them access to BB chat exchanges, ostensibly for “counter-terrorism purposes”.
RIM reportedly agreed to provide access after a drawn out battle – time that the Pakistan Memogate Commission simply does not have.

via, thenews

One thought on “Memogate Scandal: How BlackBerry Set Works

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s