RIM's BlackBerry vs iPhone's ActiveSync

[MacRumors]

When Apple announced that the iPhone would incorporate Exchange support through ActiveSync, they specifically pointed out some shortcomings of RIM's server-based system. In the following Question and Answer session, Jobs even pointed to potential security issues with RIM's model:

"Every e-mail message sent to or from a RIM device, goes through a NOC up in Canada. Now, that provides a single point of failure, but it also provides a very interesting security situation. Where someone working up at that NOC could potentially be having a look at your e-mail. Nobody seems to be focused on that. We certainly are."

These concerns, however, may have been overstated. American Technology Research issued a report (via Appleinsider) comparing the two approaches to providing Exchange support for the Apple's iPhone vs the RIM's BlackBerry.

RIM's setup for Exchange support requires the use of BlackBerry Enterprise Server which connects to RIM's network operations center (NOC) in Canada. Even though messages travel through a number of servers, the contents are encrypted at the origin before being passed through RIM's NOC and finally to the BlackBerry device which alone can decrypt it. According to the research company, this gives BlackBerry the "highest level of security in the industry".

The analysts go on to speculate that Apple's ActiveSync implementation could have its own issues with security, and have an impact on battery life and scalability. Regardless, they feel that the iPhone's unique advantages could provide a better ActiveSync experience over existing implementations.

Apple is set to release their new enterprise features for the iPhone in June 2008.

Article Link

 

[MhzDoesMatter]

Thin Ice

While I do think the Iphone leapfrogged RIM with ActiveSync, maybe Steve should keep the hyperbole down a bit just until the update is, I don't know, actually released and proven.

 

[Techguy172]

I Love it when apple Attacks Companys not knowing what they're getting into.

 

[ben5959]

shake dem haters off

 

[theheadguy]

While I do think the Iphone leapfrogged RIM with ActiveSync, maybe Steve should keep the hyperbole down a bit just until the update is, I don't know, actually released and proven.

Let's all calm down, shall we? All we do here is talk about things up to and after the point where they are either proven or disproven... Steve can do it once in a while, too.

sheesh.

 

[notjustjay]

FUD, FUD, FUD.

I hate that he portrays us Canadians as a huge security risk to you Americans. Yeah, play on the fears of the ignorant American who thinks anyone on foreign soil must be the bad guy.

 

[qtip919]

While I do think the Iphone leapfrogged RIM with ActiveSync, maybe Steve should keep the hyperbole down a bit just until the update is, I don't know, actually released and proven.

Security aside, adopting Activesync is a HUGE win for Apple. This allows them instant corporate device credibility without the need to develop a humongous solution in the server space.

Shoot, let Microsoft do all the heavy lifting in the server world (where they should stay put IMO) and our iphones can just ride the wave.

If you were to add up the cost of developing the back-end infrastructure costs of the RIM solution and compare them to the iphone's cost for adopting the Activesync protocol, you would be talking pennies vs. millions.

Also, this frees up apple to continue to spend money on the user experience instead of needing to worry about the entire round trip of device > carrier > messaging infrastructure

the floodgates are about to be opened WIDE

 

[dasmb]

Encryption is great, if it is required -- I don't know if it is or isn't (though I will say, our company uses blackberry clients with an ancient version of Notes that I doubt has support for any kind of security). If it isn't required, it's quite possible that many clients send their mail in cleartext without realizing it.

However, even encryption doesn't change the fact that there's a single distribution node and that attacks on or failures of that distribution node could potentially affect all of RIMS clients (and have, on several occasions). An approach where companies can control their own servers, or delegate control to a third party, is always preferable in the enterprise.

I doubt think Steve meant to attack Canada with his comments -- that's just where the servers are.

There's still a lot of questions here, though. Apple's current iPhone mail implementation offers no spam protection -- I had switch email addresses and route the new address through Gmail to avoid the 3500+ pieces of spam email my ten-years-old email address gets every week. The current mail interface is pull-based, with a minimum lag time of 15 minutes -- a far cry from the instant-read nature of the Blackberry. Personally, I prefer to wait...but for most Blackberry users, the near instant nature is the appeal. Our production systems people LOVE the thing.

 

[seedster2]

Jobs comes off like an arrogant ass sometimes. He really needs to tone down the rhetoric.

The government and the majority of Fortune 500 corps have been utilizing BB without much security issues, yet Steve is going to shed some light on security that all these CIOs overlooked🙄

 

[jamespa66]

I will agree with one comment Jobs made and it has bitten RIM several times and that is the single point of failure...

 

[Fabiano]

There's still a lot of questions here, though. Apple's current iPhone mail implementation offers no spam protection -- I had switch email addresses and route the new address through Gmail. The current mail interface is pull-based, with a minimum lag time of 15 minutes -- a far cry from the instant-on nature of the Blackberry. Personally, I prefer to wait...but for most Blackberry users, the near instant nature is the appeal. Our production systems people LOVE the thing.

maybe its because the Spam control should be done on the server, not in the device itself?

 

[freeny]

FUD, FUD, FUD.

I hate that he portrays us Canadians as a huge security risk to you Americans. Yeah, play on the fears of the ignorant American who thinks anyone on foreign soil must be the bad guy.

Americans do not hold a monopoly on stupid people, thieves or paranoia.
I can assure you first hand of this fact.
Your post is a perfect example.

This has nothing to do with emails traveling through Canada but the fact that the emails need to pass through several hands as opposed to a direct link that apple is imposing.

Get over yourself.

 

[p0intblank]

So he buttered up the audience a bit. What's the harm in that? It's not like actual lies were told.

 

[EagerDragon]

It was more than overstated, it was flat out wrong.

The BES and the Blackberry device use a shared secret key to communicate in encrypted form.

It would take several thousand years for someone at a NOC to be able to decrypt the message. Traffic is encrypted, the information that Apple stated was flat out wrong.

Don't get me wrong, the iPhone is a great device and I hope they win over the Blackberry, but win with the truth.

 

[reden]

I Love it when apple Attacks Companys not knowing what they're getting into.

Yeah... Since it didn't work out too well with the iPhone against companies like Palm right? lol.

 

[Fast Shadow]

FUD, FUD, FUD.

I hate that he portrays us Canadians as a huge security risk to you Americans. Yeah, play on the fears of the ignorant American who thinks anyone on foreign soil must be the bad guy.

Not a security risk, but there was a huge, extended outage of RIM's server just a few weeks ago. It made the world news, and there were a lot of annoyed executives. And they're the ones who make purchasing decisions. It has nothing to do with Canada, so don't go looking for things to be offended about.

Also, last time I checked, RIM did not encrypt the subject lines of messages being transmitted via BES. This was something that Goodlink pointed out as being a real flaw in RIM's system. This was a while ago, hopefully RIM has corrected it. Plenty of people, especially those darn executives, use subject lines for communication.

 

[dasmb]

The government and the majority of Fortune 500 corps have been utilizing BB without much security issues, yet Steve is going to shed some light on security that all these CIOs overlooked🙄

Actually, CIOs regularly bitch about RIM. Every time the blackberry server goes down.

But yeah, Steve is an arrogant ass. It's a side effect of having a lot of talking heads say you invented the personal computer (the Apple), then RE-invented it (the Mac), then RE-invented it again (the iMac), then RE-RE-invented it (OSX), then invented the music player, etc etc. I'd be more annoyed if I didn't for the most part agree with said talking heads...

 

[dlastmango]

Will push email, contacts, calendar etc... be available to average consumers? Or does the phone have to be connected to an Exchange server?


Chris

 

[EagerDragon]

Every country spyies on other countries, governments have this thing about making good friends while spying on their "friends".

Nobody is perfect. Even US and UK spy on each others and we are about as friends as two countries can get, LOL.

As to security issue or not .... The Triad of Security is CIA, which stands for Confidentiality, Integrity, and AVAILABILITY.

An outage is a security issue.

On a separate note ..... I hope they build Active Sync on the Mac also so it can fit better in the Enterprise. I would love to get rid of my work PC.

 

[Small White Car]

Will push email, contacts, calendar etc... be available to average consumers? Or does the phone have to be connected to an Exchange server?


Chris

All they've told us is about the Exchange stuff.

I sure hope that they manage to get some of these features into .Mac or other services, but thus far they're not saying. Doesn't mean they're not going to...just that we don't know.

 

[Object-X]

Exchange Version

Which version(s) of Exchange will support this?

 

[sky131]

Sync with Mail, Address Book, iCal

Does this lead to any speculation of better integration of Apple applications with Exchange Server on the desktop?

Right now running Leopard in a Exchange Server business world is not ideal in the least...

 

[ChrisA]

Seems pointless to even think about these issues with a cell phone. What could be less secure than a wireless phone? Anyone with some low cost equipment can listen in to your conversations and can read the data going to/from the phone. Not only that but they can know where you are. Unless you implement end-point to end-point encryption anyone can listen in.

What deference does it make if the message is routed to an NOC if itis transmitted in the clear to begin with.

 

[Techguy172]

Yeah... Since it didn't work out too well with the iPhone against companies like Palm right? lol.

They're still not going to beat RIM it just won't happen RIM has something up their sleeve.

 

[Derekasaurus]

This is funny because RIM's encryption usually gets criticized for exactly the opposite reason, for being too secure and therefore not allowing governments and other nosy agencies from monitoring communications. Case in point, here is a link from today. Though the single point of failure argument is a good one, as BlackBerry outages have been too frequent in recent months.