[mzlo122]

Good morning everyone, under the security options there is the option for "content protection" what exactly does that do,

What I am trying to do is protect the information of one specific caller in my address book. Is this possible? I know that when I had a razr I could block the information in the address book from being seen.

Thank you!

Posted from my CrackBerry at wapforums.crackberry.com

[jeffh]

From the BlackBerry User Guide:
Encryption
About content protection
Content protection is designed to encrypt your BlackBerry� device data. When content protection is turned on, your device uses a private key to encrypt data as it is stored on the device, including data that your device receives when it is locked. Your device decrypts data as you access it.
You can set content protection to include or exclude your contacts. If you turn on content protection for contacts and you receive a call when the device is locked, the caller name does not appear on the screen. When you lock your device, an open lock indicator appears in the device status section of the screen to indicate that your device is deleting a copy of the private key from the temporary device memory. A lock indicator appears when the device has deleted the key.

Unfortunately for your purposes, Content Protection cannot be used to protect a single contact only. Also, Content Protection requires you to use a password on your device, and the password be in effect. For example, if you leave your BlackBerry unattended, and the password is set to timeout after an hour, then for the next hour anyone can pick up your device and see everything on it.

[Chrisy]

i was wondering about that setting too!

Thanks, Jeff!

Posted from my CrackBerry at wapforums.crackberry.com

[francscrackin]

Wow,Sweet!I learn something new from this site everyday I login...which is everyday.lol

[jeffh]

You can download the User Guide for your device as a searchable PDF from the Blackberry site. I have a copy on my PC for easy searching when questions like that come up. I only have it for the 8830, but generic stuff like Content Protection shouldn't vary much from model to model.

[dogsnapper]

Hi,

I have yet to find a post that explains to me what Content Protection actually means, except that it "encrypts data".

Could someone please tell me what it means in real terms?

Who would need encryption?

In what way does encryption protect data? ... how, and when (in what situations) is it most effective?

Why would it be needed if a simple password requirment will wipe the device upon exceeded password attempts, anyway?...does it change the way in which data is wiped after exceeded password attempts?

How would it thwart data access attempts from a regular type thief as opposed to someone specifically looking to target data extraction?

I have a lot of private data on my device, and I am trying to decide if using protection is worth the extra startup time, etc.

Thanks!

[Reed McLay]

If unauthorized access to the data would be a problem, that is reason enough to put up with the minor delays of entering a password.

The media protection applies to the files saved on your media card. If the password security is breached, only the device memory will be wiped. The files on the media card are not affected.

[dogsnapper]

Thanks, Reed, for your response.

If anyone would like to take a stab at my question, I am looking, more specifically, to answers to my posted questions.

Thanks.

[jeffh]

I posted the 8830 User's Guide info on Content protection above. I have wondered about the same questions you raise. My BES IT policy requires Password Protection and Content Protection, so I can't turn Content Protection off to make comparison tests, but if there's any speed impact to using it, I'm not aware of it.

I consider using a password absolutely essential to protect the names, addresses, and phone numbers of my friends and family. I would use a password even if it wasn't required. I don't know what additional protection is afforded by Content Protection. There must be something, or Rim wouldn't have gone to the trouble to implement it.

[Branta]

I have to guess at this, because the handsfree in my car is not smart enough to read my Contacts list - but it seems plausible.

There is a setting to allow outgoing calls when locked, and IIRC the phone will accept incoming while locked. This means the password lock applies somewhere around keyboard level, not deeper into the logic layers.

If the phone is connected to a SIM retrieval bluetooth device it is possible the Contacts would be available on the remote device. Content Protection (Contacts) blocks this by denying access to the BT device.

Contact Protection ensures that the stored data is always encrypted, and it is only decrypted as required so only the minimum will be exposed. Yes, password protection should keep the bad guys out, but CP is an extra hurdle for a hacker to overcome if a backdoor is gained around the password. Defense in depth.

[dogsnapper]

Thanks for your reply!

[noaim]

ok im going to try to bring it down into a simple view of what the encryption is. If the data is collected off the device the person who collected it would not in theory be able to read the data..

so if everything is encrypted and the device gets erased with lets say bad password entry's and someone then tried to force there way to the data on the device using tools and such in theory they couldn't read it

Hope this helps

and yes I agree using a password on the device is extremely important these devices tend to hold a ton of personal information let alone anything you do as far as business encryption and passwords is really a good thing... when you can do it.

remember also to think of the device as a tool to view your information not store it meaning ALWAYS have a backup somewhere if the data is important =)

yes I have seen instances were we couldn't retrieve the data off the device due to encryption LOL

[dogsnapper]

Thanks much for your detailed answer. That's what I suspected, but I don't know how much I'd worry about someone trying to get my data even after it's been wiped. I guess it's possible, so I'll use the encryption. Better safe than sorry, right?

[Giarc]

How do you setup a password?
I don't remember setting one when I set up the device.

[Chrisy]

How do you setup a password?
I don't remember setting one when I set up the device.

Options
Security Options
General Settings
Password: ENABLED

[jeffh]

How to Set A Password:

Options / Security Options / General Settings /
Password: Enabled
Number of Password Attempts: 10
Security Timeout: your choice
Prompt on Application Install: No
Lock Handheld Upon Holstering: your choice
Allow Outgoing Calls While Locked: No
Content Compression: Enabled
Content Protection: Enabled
Strength: Strong
Include Address Book: No

With these settings, your caller ID will still work, but if you lose your BlackBerry, no one can make calls on it and your friends' and family's personal information in your address book is protected.

Press the Escape key. You'll be prompted to enter a password and verify it. BE SURE YOU REMEMBER IT. There is no way to bypass the password on a BlackBerry. If you forget it, you will have no choice but to wipe the BlackBerry back to its factory-out-of-the-box configuration, which deletes all user data and resets the password. You can then use the phone.

It's also a good idea to put a number to call in case the BlackBerry is found in your owner info field. That way, if somebody finds your locked BlackBerry, they can call you to return it. I lost mine in the Washington DC Metro. Because it was locked with a number to call if found, I had it back in four hours.

If you exceed your password attempts limit (defaults to 10, but you can set it as low as 3), you will be prompted one last time to type the word BlackBerry. The device will then wipe. It will be reset to the factory out-of-the-box condition, and the password reset. You will lose everything in the device memory, with no possibility of recovery. It will not reformat the microSD card, since that's not part of the factory configuration. The phone will still be usable, and the operating system will be unchanged. So this technique cannot be used to roll back from an OS upgrade problem.

[Thomas00]

I have "www.search-and-destroy.com", an anti spyware software which is better among the other software.
Thanks.

[Giarc]

Thanks For the info Jeff.
1 other question. I upgraded the OS on my phone. Do I have to reset the Password since the old OS was wiped off the phone?

[Giarc]

I forgot to add this. How would you change your password if you wanted to?

[jeffh]

In the General Settings Screen, press Menu and Select Change Password. Change it to whatever you wish.
EDIT: sorry, working backwards. You don't have to reset the password. It was reset. But it's not forgotten. If you try to use the same one again, you'll be told you can't reuse it.

[Giarc]

Ok thanks Jeff, Appreciate the help.

[Giarc]

I asked some one how they set a password on their phone and they told me th same thing as mentioned below. I told them that I don't know the original password or if I set one up or not.
Options / Security Options / General Settings /
Password: Enabled
After going here and setting password to enable, press the menu key and then I scrolled down and clicked save and it asked me to set a password and then asked me to type it again to verify it.

SOOO I apparently didn't set one up in the first place.
Was in to much of a hurry i guess to start using the phone .
Shame on me!!!

Thanks for all your help appreciate it.

[Guzman]

FWIW, I used content protection regularly until I realized it was taking me longer to type in my password than to actually check to see if i had any messages I might have missed. Since then, I realized i'm a nobody and have turned same off.

[grishamgang]

Remember enabling the password is not the same as enabling encryption.

[redwingken]

Anyone notice that a media card will reformat when removed from a BB with content protection enabled into a BB that is not enabled?