And here's me, using NP++ to look at text files.

As a brand experiment, HBO missed big with HBO, HBO Go, HBO Now, HBO Max.
If new release is only available on HBO Max, this is a clear differentiator, and potentially brings some clarity back to the branding.

Karl continues:

Let's push the button and see who talks to us.

Jul 18 10:25:05 NewFS imapd[88446]: Login user=test host=mc35536d0.tmodns.net [208.54.85.195]

And that's all. (That's the phone's IP address on T-Mobile, incidentally.)

Now let's look at the SMTP server and see if there's any evidence of a connection from the 68.171 address block -- which belongs to BlackBerry, and which is alleged tries to connect back.

[root@NewFS /var/log]# grep 68.171 spamblock
[root@NewFS /var/log]#

Nothing. Is the 208.54 address there?

Jul 18 10:09:21 NewFS spamblock-sys[81673]: Starting SSL/TLS negotiation with peer [208.54.85.195]
Jul 18 10:24:53 NewFS spamblock-sys[88447]: Starting SSL/TLS negotiation with peer [208.54.85.195]
[root@NewFS /var/log]#

Why yes there is, as the phone does connect to validate that the connection works (and it tells you it's doing so.) The other line, incidentally, is because there's another email account there (my real one!)

The phone connected to the SMTP server ("spamblock-sys" is my custom spam filter, which knows how to perform SSL/TLS negotiation) and performs a STARTTLS negotiation exactly as I told it to do.

Incidentally, it also brings up the server's certificate and asks me if it's ok too.

But there is no connection back to either service from any other location related to this account setup. Not from BlackBerry, not from some other place, nowhere. Period.

For those who want a bit more background on the SMTP side the code in question, particularly the SMTP code, is mine. The SMTP server in question ("Spamblock-Sys") was written from the ground up by myself. I know every single line of that code and am not relying on anyone else's word as to what is and is not logged, since I wrote it.

The IMAP server in question is WU's with moderate modification.

I have no idea if the guy in Germany is lying or if he is on an account provisioned for BIS (the older BlackBerry handsets) and his mobile provider is intercepting the transaction and passing it to BIS, which is doing what he's talking about.

Karl Denninger writes up his experience in attempting to replicate the claim. Karl calls BS:

http://market-ticker.org/cgi-ticker/akcs-www?singlepost=3242634

Don't Buy The BS Being Run on BB10 Email Security

There's a "report" flying around alleging that BB10 phones send unencrypted email passwords to BlackBerry and additionally that BlackBerry immediately connects back to the email server and signs on (which would, of course, require that it knows the password.)

This is easily tested and since I have a Z10 I decided to do exactly that.

What am doing here is setting up an account called "test" on my IMAP server to receive email and then will enter the credentials into the phone.

To make it interesting I will do it over the Cellular Connection rather than over WiFi, so that if the phone wants to do some sort of DNS lookup that my server might block (if it was using my DNS servers as it was connected via WiFi) it'll work.

Here we go. {full documentation follows}

Welcome to Slashdot, where non-sarcastic comments now require special markup.

This wasn't in St. Paul MN, was it?

I worked two summers back in the 1980s for a company that did FCC certification. Compaq would ship us their brand-spankin-new luggables and we'd see just how bad they interfered with prohibited bandwidth.

I spent a lot of time in front of that HP oscilloscope those summers.