12-02-11 01:16 PM
- We have a bunch of Blackberrys on a BES Express at my work which I am responsible for. Sometimes it has been necessary to have users switch devices. I seem to have found a glaring security issue with BBM contact list during transfers. Hopefully I can explain it below, bear with me.
Using Desktop manager I transfer User A from one device to another, wipe User A's old device and transfer it to User B. This is all done with Desktop Manager which as I understand it is suppose to update your PIN to all your contacts. The issue occurs if User A and User B have a shared contact and that contact has a chat still open with User A. If the contact messages User A using the open chat after the transfer, User B will receive it.
This issue occured most recently when I replaced our CEO's blackberry and I took over use of his old one, I then started receiving messages from a manager that were intended for the CEO. Hence the security issue. Upon investigation I found that the manager had not ended his chat and this seems to be the cause.
Anyone else notice this behavior?12-02-11 11:20 AMLike 0
LINK TO POST COPIED TO CLIPBOARD