nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [outages] News item: Blackberry services down worldwide

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Thu, 13 Oct 2011 15:30:49 -0400
On Oct 13, 2011, at 3:21 PM, McCall, Gabriel wrote:


ActiveSync on Android allows corporate to force compliance with security policy and allow remote wipe. User cannot 
complete the exchange account setup without permitting the controls. If the user doesn't agree their sync isn't 
enabled. Moreover, if corporate requirements change sync is disabled until you approve again. That seems like it 
covers all the bases to me.


Same on iThings, plus SSL, wipe if 10 incorrect pass codes entered, enforcement of more than a 4-digit PIN pass code, 
auto-lock timeout, etc., etc.  Any device that doesn't do this is likely old and / or going out of biz.

I like Jared's attempt to bring this back on topic, though. :)  So going down that path, exactly why is iMessage any 
different from Skype, AIM, Jabber, etc.?  I mean other than likely being part of the OS / seamlessly integrated.  (I 
haven't tried it yet, so I am just assuming Apple has done their standard UI magic on this.)

In fact, Skype, just as a for instance, is worse on hotel wifi as launching the app on a laptop makes you a middle node 
for some conversations.  Does Skype on $HANDHELD have the same property?

-- 
TTFN,
patrick



-----Original message-----
From: Andrea Gozzi <mls () vp44 net>
To: Jamie Bowden <jamie () photon com>, Christopher Morrow <morrowc.lists () gmail com>, Jay Ashworth <jra () baylink 
com>
Cc: NANOG <nanog () nanog org>
Sent: Thu, Oct 13, 2011 17:02:53 GMT+00:00
Subject: Re: NANOG:RE: [outages] News item: Blackberry services down worldwide

Can't but agree with Jamie.
The ability to centralize management for all Blackberry users and _force_
them to comply with company policy (it's an investment bank) saved us lot
of hassle when, and it happens regularly, people lose their handsets.
Otherwise, it would be all unencrypted, unmonitored and unprotected access
points to customer's private data.
Some of our representatives recently switched to iphones, but nobody from
management will ever be allowed anything than a Blackberry.

Andrea


On 10/13/11 5:55 PM, "Jamie Bowden" wrote:





-----Original Message-----
From: Christopher Morrow [mailto:morrowc.lists () gmail com]
Sent: Thursday, October 13, 2011 11:36 AM
To: Jay Ashworth
Cc: NANOG
Subject: Re: [outages] News item: Blackberry services down worldwide

On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth

wrote:

----- Original Message -----

From: "Jamie Bowden"



Someday either Google or Apple will get
off their rear ends and roll out an end to end encrypted service

that

plugs into corporate email/calendar/workgroup services and we can

all

gladly toss these horrid little devices in the recycle bins where

they

belong.


I'm fairly sure K-9 does GPG, at least for the email


plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do
with my mail server just fine. (idevices seeem to also do this well
enough)

It's possible that the 'encryption' comment from Jamie is really about
encrypting the actual device... which I believe Android[0] will do, I
don't know if idevices do though.


As of 2.3[.x?] (can't remember if it's a sub release that intro'd this),
Android devices can be wholly encrypted, though I don't know if they are
by default. All these kludges are great on a small scale, but the BES
does end to end encryption for transmission, plugs into Exchange, Lotus,
Sametime, proxies internal http[s], and lets us manage policies and push
out software updates from a central management point. When it works,
it's also scalable, which matters when you have thousands of devices to
manage.

Jamie
Previous By Date Next
Previous By Thread Next

Current thread: