Software that hacks through BB security??!!

**mrrsquared79** · 06-23-2012, 11:26 AM

Has anyone seen this software??

Has anyone used it??

I thought blackberry was top notch when it comes to security or is that only true for network security and not for physical security??

Is there any way to prevent people who use this software from accessing your personal data on your phone?

Cellebrite - BlackBerry Forensics

**Tre Lawrence** · 06-23-2012, 11:32 AM

Well discussed: http://forums.crackberry.com/search....rchid=32828388

I do think a well set-up BB is a formidably secure device.

**amazinglygraceless** · 06-23-2012, 11:44 AM

This is very specialized software and is NOT used by general consumers so the
average user has nothing to worry about vis-à-vis it's existence.

Originally Posted by Cellebrite

About Cellebrite Forensics

Founded in 1999, Cellebrite is a global company known for its technological breakthroughs in the cellular industry. A world leader and authority in mobile data technology, Cellebrite established its mobile forensics division in 2007, with the Universal Forensic Extraction Device (UFED). Cellebrite’s UFED Series solutions enable the bit-by-bit extraction and in-depth analysis of data from thousands of mobile devices, including feature phones, smartphones, portable GPS devices, handheld tablets and phones manufactured with Chinese chipsets. Cellebrite’s UFED Series is the prime choice of forensic specialists in law enforcement, military, intelligence, corporate security and e-discovery in more than 60 countries.

**Pete6** · 06-23-2012, 11:55 AM

Cellebrite is a box Cellebrite - Mobile Forensics

I doubt if many people will have access to it. However a large number of law enforcement agencies have bought them to halp break into "suspect phones" - careful use of words there...

A BlackBerry with a strong password and with encryption and no Media Card is going to be very hard even for such a box to break. I know that is can be done but it will take time = money so it will not be done often.

**Tõnis** · 06-23-2012, 12:31 PM

I wish people would stop implying and/or saying law enforcement will get into a properly set up BlackBerry with this equipment. No one, not even "law enforcement" is meaningfully getting into a properly configured BlackBerry (i.e. strong password, encryption in use, media card not encrypted using the Security Password method) even with Cellebrite equipment or Elcomsoft password software. This Cellebrite equipment might be able to get around a BlackBerry's password and read directly from the hardware, but it can't crack the encryption. If you've set up your Blackberry properly with encryption in use, no one will be able to meaningfully access your files without your password.

**Pete6** · 06-23-2012, 12:42 PM

Originally Posted by Tõnis

I wish people would stop implying and/or saying law enforcement will get into a properly set up BlackBerry with this equipment. No one, not even "law enforcement" is getting into a properly configured BlackBerry (i.e. strong password, encryption in use, media card not encrypted using the Security Password method) even with Cellebrite equipment or Elcomsoft password software. This Cellebrite equipment might be able to get around a BlackBerry's password and read directly from the hardware, but it can't crack the encryption. If you've set up your Blackberry properly, no one will be able to meaningfully access your files without your password.

You are wrong. It can be done. It is hard and it is time consuming but, it can be done by law enforcement agencies if they really want to.

I can only imaging how this may be done but, consider this purely from a theoretical standpoint.

Open the phone and locate the memory chip with the battery out. Connect to the chip (via RAS and CAS) directly and simply pull the memory conetnts onto other media.

Accept that the person doing this knows the organisation of a BlackBerry memory chip from carrying out this procedure on other BlackBerrys possibly with help from RIM.

Once the memory dump is on, say, a PC or Linux machine, it may be examined easily if it is not encrypted. I think that so far, this is fairly straightforward.

Now suppose the memory content is encrypted. Within the BlackBerry this is well protected by the OS but now we have the data as a file on OUR disk. The data part of the memory may now be supposed to be in its own file so, now all we need to do is to crack the encryption on the disk. This takes time but as we know, any encryption may be cracked given enough time.

I know what I am saying can be done. I may not say how I know this.

Clearly the above procedure is not one that any police station may undertake. It requires a specialised laboratory with special equipment and trained and clever staff. I am quite certain that several countries have this for the ver, very few BlackBerrys that simply have to be cracked.

**mrrsquared79** · 06-23-2012, 12:46 PM

Originally Posted by Tõnis

I wish people would stop implying and/or saying law enforcement will get into a properly set up BlackBerry with this equipment. No one, not even "law enforcement" is meaningfully getting into a properly configured BlackBerry (i.e. strong password, encryption in use, media card not encrypted using the Security Password method) even with Cellebrite equipment or Elcomsoft password software. This Cellebrite equipment might be able to get around a BlackBerry's password and read directly from the hardware, but it can't crack the encryption. If you've set up your Blackberry properly with encryption in use, no one will be able to meaningfully access your files without your password.

Originally Posted by Pete6

You are wrong. It can be done. It is hard and it is time consuming but, it can be done by law enforcement agencies if they really want to.

I can only imaging how this may be done but, consider this purely from a theoretical standpoint.

Open the phone and locate the memory chip with the battery out. Connect to the chip (via RAS and CAS) directly and simply pull the memory conetnts onto other media.

Accept that the person doing this knows the organisation of a BlackBerry memory chip from carrying out this procedure on other BlackBerrys possibly with help from RIM.

Once the memory dump is on, say, a PC or Linux machine, it may be examined easily if it is not encrypted. I think that so far, this is fairly straightforward.

Now suppose the memory content is encrypted. Within the BlackBerry this is well protected by the OS but now we have the data as a file on OUR disk. The data part of the memory may now be supposed to be in its own file so, now all we need to do is to crack the encryption on the disk. This takes time but as we know, any encryption may be cracked given enough time.

I know what I am saying can be done. I may not say how I know this.

Clearly the above procedure is not one that any police station may undertake. It requires a specialised laboratory with special equipment and trained and clever staff. I am quite certain that several countries have this for the ver, very few BlackBerrys that simply have to be cracked.

Ok you two, I don't want you to get into a pissing match but could either of you or both of you provide cookbook instructions on how to make sure I implement the best ways to keep my stuff secure?

I should also add that I do have a media card inserted and do have files on there should my phone get lost or stolen not become public.

**Tõnis** · 06-23-2012, 12:59 PM

AES has been cracked? It can be done in less than 50 years? And what you're referring to is not accomplished with only Cellebrite equipment. Someone posted a link here recently (I'll try to find it) where a forensic specialist was disassembling BlackBerry smartphones and using costly and painstaking methods (chipoff, soldering, etc.) to try to extract data from the handhelds. He could not get around the encryption. Even RIM's data compression was presenting problems with trying to do what I think you're talking about.

To make it so no police department gets meaningful access to your BlackBerry's files:

1. Set a strong password (at least 13 characters)
2. Turn on Encryption (check all the boxes except two-factor protection) and choose the "Stronger" or "Strongest" setting. (If you choose Stronger, use a password that's at least 12 characters; if you choose Strongest, choose a password that's at least 21 characters).
3. Use a mode other than Device Password to encrypt your media card. (Choose "Device Password & Device Key.)
4. Make sure your BlackBerry is locked when "law enforcement" gets its grubs on it.

BlackBerry uses AES.

**mrrsquared79** · 06-23-2012, 01:06 PM

Originally Posted by Tõnis

3. Use a mode other than Device Password to protect your media card.

Obviously showing my ignorance here...this whole time I have been only using the device password as the only mode of security. That being said where are the other security features located, media card, etc.??

**Pete6** · 06-23-2012, 01:11 PM

Originally Posted by Tõnis

AES has been cracked? It can be done in less than 50 years? And what you're referring to is not accomplished with only Cellebrite equipment. Someone posted a link here recently (I'll try to find it) where a forensic specialist was disassembling BlackBerry smartphones and using costly and painstaking methods (chipoff, soldering, etc.) to try to extract data from the handhelds. He could not get around the encryption. Even RIM's data compression was presenting problems with trying to do what I think you're talking about.

To make it so no police department gets meaningful access to your BlackBerry's files:

1. Set a strong password (at least 13 characters)
2. Turn on Encryption (check all the boxes except two-factor protection) and choose the "Strong" or "Strongest" setting. (If you choose Strong, use a password that's at least 12 characters; if you choose Strongest, choose a password that's at least 21 characters).
3. Use a mode other than Device Password to encrypt your media card. (Choose "Device Password & Device Key.)
4. Make sure your BlackBerry is locked when "law enforcement" gets its grubs on it.

BlackBerry uses AES.

I completely agree with what you say regarding the device password and security. I woul donly add that imo, a Media Card should not be present thus eliminating the possibility of erroroneously writing data to removable media.

As to cracking the memory contents of a BlackBerry once the data has been copied to other media, I only know that this is done but not often but when it is neccessary to be done, it is done. I shall say no more on this.

**Ben1232** · 06-23-2012, 01:13 PM

...next week, safe cracking.

**Pete6** · 06-23-2012, 01:14 PM

Originally Posted by mrrsquared79

Ok you two, I don't want you to get into a pissing match but could either of you or both of you provide cookbook instructions on how to make sure I implement the best ways to keep my stuff secure?

I should also add that I do have a media card inserted and do have files on there should my phone get lost or stolen not become public.

Thanks for the kind words. There will be no pissing contest. Tõnis is a good guy and he knows what he is talking about and so do I. Neither of us are kids either

.

**Pete6** · 06-23-2012, 01:16 PM

Originally Posted by Ben1232

...next week, safe cracking.

Yes, yes, take a knife, insert into the slot at the top of the piggy bank. Now invert the whole and jiggle until all the coins are lying on the bed.

**Tõnis** · 06-23-2012, 01:17 PM

Originally Posted by Pete6

... As to cracking the memory contents of a BlackBerry once the data has been copied to other media, I only know that this is done but not often but when it is neccessary to be done, it is done. I shall say no more on this.

I wish you would! It would have to be through a back door, and I would be very disappointed (though not surprised) to learn that one exists.

**Tõnis** · 06-23-2012, 01:19 PM

Originally Posted by Pete6

Thanks for the kind words. There will be no pissing contest. Tõnis is a good guy and he knows what he is talking about and so do I. Neither of us are kids either

.

Often I act like one!

**Tõnis** · 06-23-2012, 01:27 PM

Originally Posted by mrrsquared79

Obviously showing my ignorance here...this whole time I have been only using the device password as the only mode of security. That being said where are the other security features located, media card, etc.??

On OS6 (and probably OS7) the settings are in Options>Security>Password and in Options>Security>Encryption. Check THIS topic and ask if you have any questions.

As Pete pointed out, the media card can be a vulnerability, but, to my understanding, that's only if you choose "Device Password" as the encryption mode. I have many files on mine that I don't want anyone accessing, and I use "Device Password and Device Key." If you encrypt your media card, make sure you properly back up your files somewhere (like on your pc). You could lock yourself forever out of your files if your BlackBerry performs a security wipe or dies.

**amazinglygraceless** · 06-23-2012, 01:28 PM

Originally Posted by Tõnis

I wish people would stop implying and/or saying law enforcement will get into a properly set up BlackBerry with this equipment. No one, not even "law enforcement" is meaningfully getting into a properly configured BlackBerry (i.e. strong password, encryption in use, media card not encrypted using the Security Password method) even with Cellebrite equipment or Elcomsoft password software. This Cellebrite equipment might be able to get around a BlackBerry's password and read directly from the hardware, but it can't crack the encryption. If you've set up your Blackberry properly with encryption in use, no one will be able to meaningfully access your files without your password.

You know, being knowledgeable is one thing, being pedantic is another and it is massively
annoying. The OPs question was answered as it was stated.

The OP wanted to know what Cellebrite is, who uses it and how can an everyday user
protect themselves against it's use.That question was properly answered without the
rest of this overblown, esoteric BS.

No one implied a damn thing with respect to law enforcement, encryption or anything
else of the kind.

**Pete6** · 06-23-2012, 01:31 PM

Originally Posted by amazinglygraceless

You know, being knowledgeable is one thing, being pedantic is another and it is massively
annoying. The OPs question was answered as it was stated.

The OP wanted to know what Cellebrite is, who uses it and how can an everyday user
protect themselves against it's use.That question was properly answered without the
rest of this overblown, esoteric BS.

No one implied a damn thing with respect to law enforcement, encryption or anything
else of the kind.

AG, I think that was my fault. Many apologies. I said this because this is one of CelleBrite's markets.

**mrrsquared79** · 06-23-2012, 01:43 PM

Originally Posted by Tõnis

On OS6 (and probably OS7) the settings are in Options>Security>Password and in Options>Security>Encryption. Check THIS topic and ask if you have any questions.

As Pete pointed out, the media card can be a vulnerability, but, to my understanding, that's only if you choose "Device Password" as the encryption mode. I have many files on mine that I don't want anyone accessing, and I use "Device Password and Device Key." If you encrypt your media card, make sure you properly back up your files somewhere (like on your pc). You could lock yourself forever out of your files if your BlackBerry performs a security wipe or dies.

Thread Tonis put in here was exactly what I was looking for now that I am aware the device password is woefully inadequate...

**southlander** · 06-23-2012, 01:49 PM

Originally Posted by Pete6

You are wrong. It can be done. It is hard and it is time consuming but, it can be done by law enforcement agencies if they really want to.

But that's an interesting point. How easy is it? The articles I have read make it sound like police can collect the data from phones at the roadside.

If Tonis' suggestion makes that virtually impossible then that's pretty good. I mean I see a distinction in someone simply plugging in a port connector, pressing a few buttons and sucking the data out vs. Taking the device into a lab and calling in trained engineers to systematically tear through defenses bit by bit.

Sent from my BlackBerry Bold 9930 using Tapatalk

**canuck_67** · 06-23-2012, 01:58 PM

I cracked my bb.

i dropped it, and everything came spilling out!!!

AHHHHHHH!!!! INSECURE!!!!!!!!!

**Pete6** · 06-23-2012, 01:58 PM

Originally Posted by southlander

But that's an interesting point. How easy is it? The articles I have read make it sound like police can collect the data from phones at the roadside.

If Tonis' suggestion makes that virtually impossible then that's pretty good. I mean I see a distinction in someone simply plugging in a port connector, pressing a few buttons and sucking the data out vs. Taking the device into a lab and calling in trained engineers to systematically tear through defenses bit by bit.

Sent from my BlackBerry Bold 9930 using Tapatalk

This is going to be my last word on this. The CelleBrite box (they make several) is, I believe mains powered.

If you have a simple, for example, Nokia phone then you can remove the SIM card and read it in their box. I have a USB device that will do this. I got it on ebay. CeleBrite have cables that connect their box to a variety of phones. Most of these can be easily accessed via their PC connection ports even if the phone has a password. Access via the port still allows the SMS, movies and pictures to be extracted. I stress that this would be for simple or dumb phones.

BlackBerrys are harder but I have already outlined above how a BlackBeryy "might" be accessed in a specialised laboratory.

That's it.

**hornlovah** · 06-23-2012, 03:06 PM

Sorry amazinglygraceless, too much FUD in this thread to not respond. At present, there is no commercial software or forensic extraction units that will bypass a locked BlackBerry's passcode. Forensic software vendors market their products aggressively, so we will know when that capability is developed. Now if your BlackBerry falls into the hands of a skilled forensic analyst, they can disassemble your BlackBerry and use specialized equipment and techniques to obtain a raw memory dump via a JTAG or a chip-off extraction. If your data is encrypted, an adversary will not crack the encryption! Direct attacks against 256-bit AES encryption are purely theoretical, and no one has managed to mount a successful attack against the encryption keys that secure data in internal memory. All encryption schemes will fall over time, but hopefully we'll all be using BB50 by then.

As far as media card encryption goes, if you choose the "Device Password" only option to encrypt media card data, your data will be as safe as your password is strong. Selecting this option does not automatically compromise your phone, it just means that someone can mount an offline attack against your phone's password. A weakness in the "Device Key" only option has been discovered, so don't use that. If you use "Device Password & Device Key" like Tõnis suggested, your encrypted media is secure despite all assertions to the contrary.

Also, much of the sophisticated software, tools, and techniques that forensic analysts utilize eventually finds its way into the public domain. It would be unwise to assume that only law enforcement has access to them.

**Tõnis** · 06-23-2012, 04:00 PM

I updated the HowTo topic (Post #17) to reflect the new information and BlackBerry 6 (and I think OS 7).

How to Encrypt Data on your BlackBerry and Its Media Card