[jinxednuance]

Hey peeps,

If my BlackBerry got stolen, would people be able to take the memory card and see what's in it even though I have a password?

I am always worried that it might get stolen because I have important data on the micro, so I was wondering if it is password protected as well since there's a password on my BB or it doesn't matter once you take it off the device?

Thanks,
Jalal

[RoseBud68]

What would prevent anyone from removing the card & installing it on another device to view it?

[Stewartj1]

Yes they can, But you can encrypt it from the options menu. On my 9800 its options, security, encryption

[ridesno159]

Yes, if they pull the card out and pop it into anywhere they will be able to view everything on it unless you enable encryption for the media card.

Options> Security> Encryption. Scroll down to Media Card and check the "Encrypt" box. This will add a rem file extension onto whatever the file is.

This can cause some issues if the phone gets wet or something and gets wrecked though. Being that you must use the Desktop Manager and the original phone to view those files.

It seems though that those issues are fixed with OS 7 (maybe?). I haven't tried encryption since I've had my 9930, but by the looks of it you can open those files with the Device password and not have to deal with using DM. Under the Encryption settings> Mode, you can pick "Device Key" (which is what I explained above that sometimes causes issues for people). Or you can choose "Device Password" (this is what I would choose). Or a combination of both.

Like I said, I haven't used this with my 9930, so I'm not exactly sure how it works. I recommend you do some experimenting if you choose to turn on Media Card Encryption and please report back with the results if you do. I'd personally love to know the results.

[Tõnis]

Hey peeps,

If my BlackBerry got stolen, would people be able to take the memory card and see what's in it even though I have a password?

I am always worried that it might get stolen because I have important data on the micro, so I was wondering if it is password protected as well since there's a password on my BB or it doesn't matter once you take it off the device?

Thanks,
Jalal

Lots off stuff to pass along about this. I'm on BlackBerry 6, but what I write here will probably coincide with your OS7 Bold. If not, hopefully somebody else will point out what's different.

To make it so others can't access the data you have on your micro sd card, in addition to setting a strong password, you'll need to turn on Encryption.

Go to Options>Security>Encryption. I'll skip over Device Memory Encryption for now, because that's a separate lesson, but you should encrypt that, too.

In the part for Media Card Encryption, put a check in the "Encrypt" box. Put a check in the "Include Media Files" box.

Then, it's time to select the mode. There are three: "Device Key," "Device Password," and "Device Password & Device Key." Which mode to use is an important decision. I'll explain why.

"Device Password" is the only mode that will allow you to decrypt your media card's encrypted files in a different BlackBerry (so long as you remember the password). It's a good setting, but there's a drawback: someone who wants to crack your BlackBerry's password can use special software to launch an attack against your media card and extrapolate the password. For average users, this probably isn't a major concern. It's unlikely that the opportunistic thief or finder of a Blackberry would bother doing this. But if you're worried that someone is after your data, don't use this mode.

The other two modes, "Device Key" and "Device Password & Device Key" are not vulnerable to this kind of attack, but if you use either of them, you won't be able to transfer the media card to a different Blackberry and decrypt the files nor will you be able to decrypt your files if your BlackBerry undergoes a security wipe. So, these modes offer superior security and protection, but don't use them if your files are important to you and you haven't backed them up elsewhere like on your computer. I use "Device Password & Device Key," but my encrypted media card files are also backed up on my password locked ThinkPad's hard drive.

There's more. There's the matter of which files are encrypted and how to transfer encrypted files between your Blackberry and your PC. Not all files are automatically encrypted. If encryption is properly on, files you receive over the air (network, wifi, or Bluetooth) and store on your media card will be automatically encrypted. Files you transfer from your pc to your BlackBerry by plugging in to the USB port will only be encrypted if you use the "Files" feature of BlackBerry Desktop Software Version 6. To use this feature, plug in your BlackBerry and select "Charge Only." Then open Desktop Software. When prompted by Desktop Software, enter your BlackBerry's password. Once it finishes loading, click on the "Files" tab on the left hand side. A window will open in Desktop Software which resembles an explorer window. You can now open other windows on your PC, find the files you want to transfer to your media card, and drag and drop them to Desktop Software's "explorer" window. You can even drag and drop entire folders or you can create folders in the Desktop Software "explorer" window itself. You can do the same thing, in reverse, and move encrypted files from your Blackberry back to your PC. But if you don't use Desktop Software's "Files" feature, and instead of choosing "Charge Only" choose "USB" when you plug in your BlackBerry, any files you move back and forth between your PC and BlackBerry will remain in whatever form they are in; encrypted will stay encrypted, unencrypted will stay unencrypted.

Here's what I do when I get a new micro sd card, as an example. I have a bunch of pictures and videos that I want to be able to view on my BlackBerry. Half of them I want encrypted (personal stuff) and half of them I don't care (wallpapers, etc). Using Desktop Software's "Files" feature, I transfer everything I want encrypted to my BlackBerry's micro sd. Using the USB feature (it's a bit faster), I transfer the stuff I won't bother to encrypt. I also store other things I can't view on my BlackBerry on my micro sd card. I encrypt that stuff using another program on my computer and transfer it to my micro sd card using the USB feature or by putting the card directly in my ThinkPad's card reader.

Encrypted files will have a .rem extension, for example, jpg.rem. Remember to back up all your data elsewhere.

[auto208562]

Despite all the encryption, etc, i put all my important files on my device. I'm not going to give the person a chance to break the .rem file. If its on my device, it will wipe it upon phone security. But i'm paranoid. Just my 2 cents.

[Tõnis]

Despite all the encryption, etc, i put all my important files on my device. I'm not going to give the person a chance to break the .rem file. If its on my device, it will wipe it upon phone security. But i'm paranoid. Just my 2 cents.

Security wipe is a good thing, but you should still encrypt your data. If someone sophisticated is after your data, he won't try to guess your password and wipe your device in the process. There's ways to get around a smartphone password (with specialized equipment) and read its data directly from memory/hardware. The good thing about BlackBerry encryption is that the actual password is needed to decrypt the data. If someone gets around your encrypted BlackBerry's password, all he will see is encrypted files.

[auto208562]

what about bb protect? I can't have encryption and bb protect at same time it says. So, before you encrypt the device file, you turn off protect, then encrypt, and turn it back on? Seems like something they should have addressed.

[jinxednuance]

Despite all the encryption, etc, i put all my important files on my device. I'm not going to give the person a chance to break the .rem file. If its on my device, it will wipe it upon phone security. But i'm paranoid. Just my 2 cents.

I actually went with that. I don't want to be thinking "are they going to decrypt the information?"

So I spent sometime last night moving stuff around. I have 35% left from the memory of the phone. Was a little sluggish last night but now it has sinked in well.

I feel much safer this way knowing that I can still wipe the device remotely in case an issue like that arises.

[Tõnis]

Not sure if BlackBerry Protect will work with encryption turned on. What I have read is that Protect has been of little use to some users (for various reasons unknown to me) who have tried to use it when their BlackBerrys have been lost or stolen.

[hornlovah]

Despite all the encryption, etc, i put all my important files on my device. I'm not going to give the person a chance to break the .rem file. If its on my device, it will wipe it upon phone security. But i'm paranoid. Just my 2 cents.

That's a good suggestion. Elcomsoft just released software that will decrypt .rem files secured by "Device Key" only media card encryption. At present, they need a chip-off device dump obtained using the complicated process Tonis mentioned above. Hopefully RIM is generating these device keys in a truly random fashion, but if someone manages to figure out how they are derived, you'll see all manner of tools to exploit them.

what about bb protect? I can't have encryption and bb protect at same time it says. So, before you encrypt the device file, you turn off protect, then encrypt, and turn it back on? Seems like something they should have addressed.

I like having control over my backups, but I missed the peace of mind that remote lock, alarm, wipe, and locate provided. There are a number of good alternatives in App World, but I'm using NetQin Mobile Security (free). They allow you to send alarm, lock, wipe, and locate commands via text message, and I find that convenient. Also, NetQin's locate feature is very accurate.