Years ago I was the BlackBerry server manager. BES was unique in that it created a tunnel between the device and the BES, and the admin was in complete control of the encryption and authentication. The way it worked is you put your BES next to your email server and give BES an admin account so could read all of the mailbox info and sync what it needed to the device.
As the company expanded into Russia we looked into putting a BES and email server there to improve things for them.
That’s when we found out that BES was not allowed to be sold directly to companies in Russia. Instead you could buy it from their mobile phone providers , and you would give them that admin account.
The only reason for this that I could come up with is that Russia could not break BlackBerry encryption, so instead they made it impossible to even use BES if you were a Russian company.
We ended up letting the Russian employees travel to the us every few months and return home with 3-4 devices, powered off, with activeSIM cards we were paying for even though they weren’t being used. The roaming charges were impressive.
Side note: Russia didn’t care about imap, active sync, android or iPhones. Only BlackBerry. I wonder if they had those hacked already.
Its probably because Apple would be legally required to hand shit over snd Apple does a number of things like when you sign in the normal way it activates iCloud and backups everything and makes everything available to icloud.
Everything used to be cleartext to apple before advanced protection (even tho thats more like a bulletproof transparent glass window, rather than black box) so if they had to hand user accounts over, they got everything. Its probably still that way there
Also, by default it backed up to iCloud (Backups) which contained iMessage keys as well so they could pretty much get access to everything). I imagine russia forces Apple to escrow all e cryption keys like on Mac and whatever else
How do russians get around this? Dont most VPNs offer their own DNS
HitVPN, amneziaVPN, there are a lot of VPNs.
Here’s a fun story about Russia.
Years ago I was the BlackBerry server manager. BES was unique in that it created a tunnel between the device and the BES, and the admin was in complete control of the encryption and authentication. The way it worked is you put your BES next to your email server and give BES an admin account so could read all of the mailbox info and sync what it needed to the device.
As the company expanded into Russia we looked into putting a BES and email server there to improve things for them.
That’s when we found out that BES was not allowed to be sold directly to companies in Russia. Instead you could buy it from their mobile phone providers , and you would give them that admin account.
The only reason for this that I could come up with is that Russia could not break BlackBerry encryption, so instead they made it impossible to even use BES if you were a Russian company.
We ended up letting the Russian employees travel to the us every few months and return home with 3-4 devices, powered off, with activeSIM cards we were paying for even though they weren’t being used. The roaming charges were impressive.
Side note: Russia didn’t care about imap, active sync, android or iPhones. Only BlackBerry. I wonder if they had those hacked already.
Its probably because Apple would be legally required to hand shit over snd Apple does a number of things like when you sign in the normal way it activates iCloud and backups everything and makes everything available to icloud.
Everything used to be cleartext to apple before advanced protection (even tho thats more like a bulletproof transparent glass window, rather than black box) so if they had to hand user accounts over, they got everything. Its probably still that way there
Also, by default it backed up to iCloud (Backups) which contained iMessage keys as well so they could pretty much get access to everything). I imagine russia forces Apple to escrow all e cryption keys like on Mac and whatever else
This was before iCloud and iMessage.
Or DoH, I imagine. I don’t have too much concern for them, there are a lot of people in russia very knowledgeable on circumventing this kind of thing.
DNSoverHTTPS sorry aha
They block with DPI so DoH would not be enough.
SOCKS5, historically. Still used today.