- Is there a program that will convert the .jpg.rem files that are on my laptop?
I purchased an Iphone recently and sold my Pearl 8110. I copied all of the files off of my phone and SD card onto my flash drive using just the traditional drag and drop method because I was on a work computer and didn't have Desktop Manager on the PC.
I tried searching but all results showed the option for disabling encryption on the sd card. Obviously I wasn't thinking about the encryption when I copied my files. I know how to do it using Data Manager but that does me no good since I sold my blackberry.
Thanks for any suggestions.02-16-10 03:13 AMLike 0 - Except for the fact no one makes that kind of software but RIM (for their devices anyhow) and there is no way they are giving it out. I would like RIM a lot less if these apps were freely available, so would anyone with encrypted data.02-16-10 10:10 AMLike 0
-
The OP could have recovered his files before selling his phone. Unfortunately,
its a mistake, but now he does not have the option of putting his media card
back in his Pearl 8110.
I agree with Radius that RIM should not be giving out their encryption algorithms.02-16-10 10:48 AMLike 0 - You guys don't know anything about encryption or why using proprietary algorithms is all but dead in the industry.
RIM does not have their own algorithms, they use standards, as I said. Good crypto depends on good key management and the secrecy of the keys, not secret algorithms or other smoke and mirrors.
The algorithms are all public standards. So I guess now you don't like RIM.Last edited by F0nage; 02-16-10 at 11:08 AM.
02-16-10 11:06 AMLike 0 - Please pardon the ignorant questions, but what are algorithms, what is key management, and why does secrecy of one matter while secrecy of the other doesn't? Most importantly (to me), if my BB media card jpeg's are encrypted, will someone who puts the media card in the card reader of his computer be able to find a way to view my pics?
Posted from my CrackBerry at wapforums.crackberry.com02-16-10 02:16 PMLike 0 - Pretty much what I was expecting to hear but thought there might be a converter out that would let me decrypt using the original password.
Oh well, Live and learn.
Posted from my CrackBerry at wapforums.crackberry.com02-17-10 03:02 AMLike 0 - An algorithm is a procedure for accomplishing a task. To write a non-trivial program, you have to understand what you want to do and formalize it, and then write the code to implement the algorithm correctly. In the case we're talking about, crypto, mathematicians come up with a way to encode data that doesn't depend on the secrecy of the algorithm, just the secrecy of the keys. Then they describe the algorithm using figures and a written description, so programmers can implement it.
Key management is how you generate and store keys. Keys are the important link in security in a properly designed system, so like the files you're trying to encrypt, the keys also have to be encrypted and kept secure. Otherwise, if someone compromises your device, they could recover your keys, which would make the encryption worthless. What you choose for your key is really a passphrase. There are standard ways of operating on passphrases to generate keys that are appropriate for each type of cipher.
Because a good cryptographic algorithm must not depend on the secrecy of the algorithm, but only on the secrecy of the keys. All of commonly used cryptographic algorithms are published standards. This gives an opportunity for people in the community to evaluate the algorithm, develop attacks, and ultimately verify whether there are any known weaknesses. Invariably, algorithms that depend on the secrecy of the algorithm are found to be broken. And it's a simple matter for people to reverse engineer anything they have access to, so hiding the source does no good for anybody. Any good cryptographic algorithm can easily withstand being exposed without compromising its security in the least.
RIM hasn't been very forthcoming with documentation, but from searching around it looks like they have options of 3DES and AES256 throughout their solution. If you use a good passphrase these ciphers are safe enough that it is not practical for anybody to recover your files in a reasonable time. If they really, really want something you have, and they can't recover your keys with standard techniques, it's easier to use rubber hose cryptanalysis than to continue with technology.
If you use bad passphrases like your birthday or other personal info, it is relatively easy for someone who really wants your files to figure it out.02-17-10 05:13 AMLike 0 - You guys don't know anything about encryption or why using proprietary algorithms is all but dead in the industry.
RIM does not have their own algorithms, they use standards, as I said. Good crypto depends on good key management and the secrecy of the keys, not secret algorithms or other smoke and mirrors.
The algorithms are all public standards. So I guess now you don't like RIM.
But the main thing is RIM isn't going to tell us anything so the only way for the average person to get their stuff back is on the original phone. Also, just because they use a standard algorithm doesn't mean anything, they probably don't do linear encryption anyhow on a whole file. I bet they mix it up a little as I have done in the past to make the truly security paranoid people happy.
It's amazing the lengths some people want you to go to protect temperature and humidity data sometimes.02-17-10 09:45 AMLike 0 - What's linear encryption? Sounds like you're making stuff up.
Nobody mixes encryption, that's a known bad idea. If anybody is stupid enough to try to roll his own, even using standard ciphers, he has no idea what he's doing. Nobody in the industry does that. In some cases, they have shown that multiple encryption has the potential to leak and make the resulting ciphertext easier to deal with than had they used a single cipher. If you are playing around with that stuff you are painting a giant bullseye on yourself and I wouldn't want to be the lawyer who has to defend you.
Anybody who has an ounce of brains and doesn't want his a$$ handed to him in court will use industry standard toolkits implementing accepted, published, standard ciphers. If you are foolish enough to think you're smarter than the teams that come up with this stuff, you are very sadly mistaken. If they could improve the security of their algorithms, they would have done it already. Like Bruce Schneier said, "nobody was ever fired for using a standard."
The main point I want to make is that while there is heavy mathematics in this, it is not smoke and mirrors or privileged information as so many people who have no idea what they are talking about would like to suggest.Last edited by F0nage; 02-17-10 at 11:12 AM.
02-17-10 11:05 AMLike 0 - No, I mean encrypt the data in a linear fashion in the file.
For example, we have 100 bytes and are using a known algorithm so anyone can crack it right?
So we partition the data into 25 byte "sectors" and encrypt them separately. And instead of always using the same key, just have the code mix it up as it goes along.
That way someone trying to crack into the file isn't going to be able to do it so easily, and the primary key is never used to encrypt the first sector so they won't be able to tell what's going on. This method will stop most people in their tracks for a long time until they figure out what's going on.02-17-10 12:56 PMLike 0 -
There are stream ciphers and block ciphers. Stream ciphers operate byte by byte while block ciphers operate on fixed length pieces of cleartext and pad out the last block so all the blocks are even. Most of the time you don't use stream ciphers when you're encrypting text for storage, you use a block cipher. Stream ciphers are used when performance is more important than security. This is a bit of an overgeneralization, but it's good enough for this discussion. Depending on the blocksize of the cipher you use, a 100 bytes of cleartext won't be 100 bytes of ciphertext, it will probably wind up being 128 bytes.
I like to make the analogy that cryptography is like chemistry. In both sciences, you have people with a lot of training working together in teams and in very competitive environments. When they come out with stuff you should really use what they give you, the way they recommend using it, because by the time we hear about it, a lot smarter people than us have tried to break their stuff and couldn't. Just like you wouldn't get a couple of drums of chemicals and start mixing stuff together without expecting to see your house on the 6:00 News (if you were still alive, that is) you shouldn't try to start mixing and fooling around with the algorithms and tools they designed, because they are way ahead of us and already thought about and dismissed all our wacky ideas about other ways to do things to make them more secure.
sci.crypt is full of one brain surgeon after another coming up with a new, "unbreakable" algorithm only to be shot down before he ever gets off the runway. The rule of thumb is, you're not qualified to write your own cipher or waste other people's time with challenges until you have broken or at least designed a practical attack on an existing cipher.
All of the commonly available standard algorithms are perfectly safe when used as directed. If you change anything, you're on your own.
That way someone trying to crack into the file isn't going to be able to do it so easily, and the primary key is never used to encrypt the first sector so they won't be able to tell what's going on. This method will stop most people in their tracks for a long time until they figure out what's going on.
For anybody interested in all this, read all the books you can get your hands on from Bruce Schneier. He is not only an expert on cryptography and a participant in the competition that led to the recent adoption of AES as the U.S. standard, but he has important insights and observations on security issues in general and has the ability to explain key issues to programmers and non-technical people in useful and thought-provoking ways.Last edited by F0nage; 02-18-10 at 03:02 AM.
02-18-10 02:55 AMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Undo jpg Encryption on PC
LINK TO POST COPIED TO CLIPBOARD