There is an alternative to Blackberry. Going back to using the mail the
way it was originally designed - using a terminal.
Take a Linux or BSD or any other unixoid of the flavor you prefer. Run
your mailserver on it. Use a console application (eg. Mutt or Pine,
whatever you prefer) for your mail.
Take a smartphone and run on it an SSH app of choice to access the
mailserver. A good app for this is PuTTY, which is open-source and
therefore possible to audit/modify/recompile to fully suit your needs. It
is also free, not adding a cost overhead.
Optionally, use a common cellphone with Java support, and use a SSH client
midlet. A good free one is MidpSSH. I use it, and therefore I can attest
that typing in comands on the numeric keypad is an annoyance, but
better than not having a shell (and mail) at all.
SSH2 is a fairly robust protocol. It is somewhat vulnerable to MITM,
however that can be mitigated by meticulously checking the server key, and
optionally using a client-side RSA key.
This way, as long as both the mailserver and the handheld are not
compromised (beware of the over-the-air updates to firmware, as some
phones allow!), and as long as the server fingerprint is checked, the
device's random number generator is good, the software is not buggy
(open-source, audited), the phone firmware is not buggy/compromised, and
the cipher algorithms are not broken, the session should be reasonably
secure.
Who needs Blackberry? Anything with built-in GPRS will do the job. For
serious users, a device with a real, good qwerty keyboard is a must. A
wide display is a plus, eg. 640 pixels wide display yields 80 characters
wide screen when the chars are 8 pixels wide (nominal size). There is a
very wide range of software that does not need GUI and runs on console;
anything like that can be used this way.
Another advantage is that as there is nothing stored on the phone itself
(with perhaps the exception of the client RSA key, which can be
password-protected and in case of loss of the device revoked on the server
side), physical loss of the device or overzealous border inspection does
not compromise the data on the server. For further security enhancement,
one-time challenge-response passwords can be used in a way some e-banking
systems implement.
Yet another advantage is low bandwidth requirement. Satisfying speed is
achievable on as slow line as 9600 bps. For brief mail checking, the total
amount of data transported is low as well, reducing costs in
pay-as-you-download plans; important especially in scenarios involving the
infohighway robbery known as data roaming charges.
On Fri, 22 Jun 2007, James M. Atkinson wrote:
>
> http://www.guardian.co.uk/worldlatest/story/0,,-6723103,00.html
>
> BlackBerry Ban for French Officials
>
> Wednesday June 20, 2007 3:46 PM
>
> PARIS (AP) - BlackBerry handhelds have been called addictive,
> invasive, wonderful - and now, a threat to French state secrets.
....
Received on Sat Mar 02 2024 - 00:57:15 CST