Welcome to the CrackBerry Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Page 6 of 7 FirstFirst ... 34567 LastLast
Results 126 to 150 of 158
Like Tree203Likes
  1. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #126  

    Default

    Quote Originally Posted by valeuche View Post
    and now reading even more about the London Riots I came across this quote:
    In the words of Crackberry.com, “although PIN-to-PIN messages are encrypted using Triple-DES, the key used is a global cryptographic 'key' that is common to every BlackBerry device all over the world". “This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed.”

    Uh - that takes a lot of the advantage away. PIN to PIN messages are encrypted with a single symmetric key that is common to every blackberry in the world? Unless I'm not understanding this correctly, that seems to mean that there's almost no value in the encryption at all. If you can intercept the message and that message isn't encrypted by a asymmetric session key, and moreover is a key the whole world must be aware of, what is the point?

    Can someone explain exactly how BBM encryption works?

    edit: it looks like this article: Is BlackBerry messaging secure? | Sci-Tech | DAWN.COM reinforces that.

    (quoted) However, it should be understood that if you are not using BES, you should not consider PIN-to-PIN messages as ‘secure’ and/or encrypted. The messages are only scrambled to the point where a normal third party cannot view them.

    No kidding. This is basically exactly the same level of security that WhatsApp has. You just have to go to a different but also easily available place to get ahold of the symmetric key.

    Someone please tell me that these articles are wrong and I am not correctly understanding how the PIN to PIN encryption is being applied for BIS communications with BBM?
    I see what you're saying but RIM has made sure a PIN is imposibile to spoof on their network, never been done. It's the reason RIM knows exactly how many active subscribers they have. And not only messages but also files go trough this network.
  2. valeuche's Avatar
    CrackBerry Addict

    Posts
    568 Posts
    Global Posts
    1,045 Global Posts
    PIN
    7BCA4397
    #127  

    Default Just a though about whatsapp !!

    Quote Originally Posted by belfastdispatcher View Post
    I see what you're saying but RIM has made sure a PIN is imposibile to spoof on their network, never been done. It's the reason RIM knows exactly how many active subscribers they have. And not only messages but also files go trough this network.
    Spoofing the pin isn't the problem, observing the message in transport and then decrypting it is the problem. If you were somehow able to spoof the pin it would make things much easier in that you could have the messages delivered to you in encrypted form wherever in the world you wanted, but for example messages being delivered over a wifi or GSM network could be observed by a third party and then decrypted.
  3. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #128  

    Default

    Quote Originally Posted by valeuche View Post
    Spoofing the pin isn't the problem, observing the message in transport and then decrypting it is the problem. If you were somehow able to spoof the pin it would make things much easier in that you could have the messages delivered to you in encrypted form wherever in the world you wanted, but for example messages being delivered over a wifi or GSM network could be observed by a third party and then decrypted.
    You are assuming this, in practice is impossible as proved by the test of time, RIM has never had a BIS or BES breach of security. It's the reason givernments use it, it's the reason a lot of the UK police use them.

    PS if one really wants to they can encrypt pin to pin messages as explained here by I can't remember who, I just saved the how to do it:

    1) Select contact from contact list that has a BlackBerry pin saved.
    2) Hit the menu button and select option to send a pin message to that contact.
    3) Go up to where it says encoding and select s/mime (encrypt)
    4) Once S/mime (encrypt) has been selected hit the BlackBerry button and select options. Scroll down to select use password based encryption, hit the BB button and save.
    5)Type message keeping in mind the subject line will not be encrypted.
    6) Hit the BB button and send
    7) Enter the password the recipient will need to enter upon receiving the message in order to decrypt an read it.
    8) Once password has been entered twice, select ok to send your encrypted message to your contact. Once they enter the password on their phone they will be able to read the body of the message.
  4. valeuche's Avatar
    CrackBerry Addict

    Posts
    568 Posts
    Global Posts
    1,045 Global Posts
    PIN
    7BCA4397
    #129  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    You are assuming this, in practice is impossible as proved by the test of time, RIM has never had a BIS or BES breach of security. It's the reason givernments use it, it's the reason a lot of the UK police use them.

    PS if one really wants to they can encrypt pin to pin messages as explained here by I can't remember who, I just saved the how to do it:

    1) Select contact from contact list that has a BlackBerry pin saved.
    2) Hit the menu button and select option to send a pin message to that contact.
    3) Go up to where it says encoding and select s/mime (encrypt)
    4) Once S/mime (encrypt) has been selected hit the BlackBerry button and select options. Scroll down to select use password based encryption, hit the BB button and save.
    5)Type message keeping in mind the subject line will not be encrypted.
    6) Hit the BB button and send
    7) Enter the password the recipient will need to enter upon receiving the message in order to decrypt an read it.
    8) Once password has been entered twice, select ok to send your encrypted message to your contact. Once they enter the password on their phone they will be able to read the body of the message.
    It's the same level of assumption that is going into the description of the WhatsApp weaknesses. Both are being described in almost exactly the same way, RIM also says that BBM over BIS messages should not be considered encrypted but simply scrambled, and there is considerable description of the weakness of both systems and it looks to be almost exactly the same weakness, and interception and decryption of both systems (whatsapp on android with the most recent software vs BBM on BIS) are both described theoretically but I can't find any examples of an attack demonstrated, but both of them certainly seem weak enough, and particularly weak for something of the level of western government (or Chinese or Russian, et. al.) agency to monitor.

    Nothing in what they are describing looks to be particularly difficult for anyone to attack or at least one doesn't seem to be any more difficult than another. Short of taking a sabbatical and making it a grad school project it's going to have to be an assumption I'm making in both cases, but again, from what is described it does not look difficult to attack.

    Government agencies may well use BBM over BES with supplemental security, I'm sure they don't use BBM over BIS for anything remotely sensitive.

    Thanks for the description of how to encrypt the message but some of the same fundamental problems exist - it's a symmetric cypher and there needs to be a secure way of exchanging the key between the sender and recipient (PGP does something like this - or used to - the message is encrypted with a symmetric cypher but then that key is encrypted with the target public key, in the old days the encryption was too CPU intensive to do this for the entire message but I imagine now it's within reason). This is effectively the same security whatsapp has again - the message is encrypted but the key is communicated in the clear. If the key is intercepted during transmission, the message is vulnerable. Basically exactly the same thing those 1-8 steps above provide for, except there is at least the option in that situation of meeting and exchanging the shared secret or of communicating it in some other known secure way.
    Last edited by valeuche; 01-24-2013 at 02:45 AM.
  5. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #130  

    Default

    Quote Originally Posted by valeuche View Post
    It's the same level of assumption that is going into the description of the WhatsApp weaknesses. Both are being described in almost exactly the same way, RIM also says that BBM over BIS messages should not be considered encrypted but simply scrambled, and there is considerable description of the weakness of both systems and it looks to be almost exactly the same weakness, and interception and decryption of both systems (whatsapp on android with the most recent software vs BBM on BIS) are both described theoretically but I can't find any examples of an attack demonstrated, but both of them certainly seem weak enough, and particularly weak for something of the level of western government agency to monitor.

    Nothing in what they are describing looks to be particularly difficult for anyone to attack or at least one doesn't seem to be any more difficult than another. Short of taking a sabbatical and making it a grad school project it's going to have to be an assumption I'm making in both cases, but again, from what is described it does not look difficult to attack.

    Government agencies may well use BBM over BES with supplemental security, I'm sure they don't use BBM over BIS for anything remotely sensitive.

    Thanks for the description of how to encrypt the message but some of the same fundamental problems exist - it's a symmetric cypher and there needs to be a secure way of exchanging the key between the sender and recipient (PGP does something like this - or used to - the message is encrypted with a symmetric cypher but then that key is encrypted with the target public key, in the old days the encryption was too CPU intensive to do this for the entire message but I imagine now it's within reason). This is effectively the same security whatsapp has again - the message is encrypted but the key is communicated in the clear. If the key is intercepted during transmission, the message is vulnerable. Basically exactly the same thing those 1-8 steps above provide for, except there is at least the option in that situation of meeting and exchanging the shared secret or of communicating it in some other known secure way.
    But you're ignoring that BIS BES has stood the test of time and it has been impossible even for law enforcement agencies to break into them, which is part of the reason themselves are using them, you know, for security reasons.

    What you maybe missed about Whatsapp is they base encryption on device mac number or imei etc

    And what's more important a BBM identity cannot be stolen, you can't clone a pin and spoof it on the network, period. Phone numbers, well you know how easy that is.

    http://www.ebay.co.uk/sch/i.html?_trksid=p5197.m570.l1311&_nkw=sim+card+clon er&_sacat=0&_from=R40
  6. valeuche's Avatar
    CrackBerry Addict

    Posts
    568 Posts
    Global Posts
    1,045 Global Posts
    PIN
    7BCA4397
    #131  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    But you're ignoring that BIS BES has stood the test of time and it has been impossible even for law enforcement agencies to break into them, which is part of the reason themselves are using them, you know, for security reasons.

    What you maybe missed about Whatsapp is they base encryption on device mac number or imei etc

    And what's more important a BBM identity cannot be stolen, you can't clone a pin and spoof it on the network, period. Phone numbers, well you know how easy that is.

    sim card cloner in Computers/Tablets & Networking | eBay
    Sure, the key is generated based on the imei (on android). At least that is a different key for every device in the world, BBM (on BIS) uses the same key for every device in the world. You wouldn't even have to know the imei - you already know the key.

    Communications security establishment canada specifically calls some of this out:
    Security of BlackBerry PIN-to-PIN Messaging

    PIN-to-PIN transmission security: PIN-to-PIN is not suitable for exchanging sensitive messages. Although PIN-to-PIN messages are encrypted using Triple-DES, the key used is a global cryptographic "key" that is common to every BlackBerry device all over the world. This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed. Further, unfriendly third parties who know the key could potentially use it to decrypt messages captured over the air. Note that the "BlackBerry Solution Security Technical Overview" [1] document published by RIM specifically advises users to "consider PIN messages as scrambled, not encrypted".

    Note the recommendations include using BES with a privately generated key, but that this negates the ability to communicate PIN to PIN to outside-of-enterprise devices. I have no idea if that is accurate, but that's what CSEC states there.

    I'm not sure how much further to go with the discussion. A Crackberry editorial says that BBM over BIS is not secure ( Is PIN to PIN messaging secure? | CrackBerry.com ), a number of blogs indicate that it is not secure and as per the link I already provided the CSEC indicates it is not secure. Additionally it certainly doesn't seem secure in how it is described. I suspect further discussion will just go back and forth with you saying "it is secure, no one has ever broken it" and me saying "it is repeatedly stated that it is not secure by RIM itself, various agencies and various publications". Yes, I can't find a youtube video with someone decrypting a message taken out of a GSM frame and decrypted, but I also don't think the kinds of agencies that do this sort of thing put their findings on youtube.
  7. reeneebob's Avatar
    CrackBerry Genius of Geniuses

    Posts
    5,697 Posts
    Global Posts
    6,365 Global Posts
    PIN
    Wouldn't you like to know
    #132  

    Default Re: Just a though about whatsapp !!

    Awwww look. One of the fake accounts finally got the courage to do more than like spam.

    I had to get the red SGS3...garnet is my birthstone! Excuses sent via Tapatalk 2
  8. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #133  

    Default

    Quote Originally Posted by valeuche View Post
    Sure, the key is generated based on the imei (on android). At least that is a different key for every device in the world, BBM (on BIS) uses the same key for every device in the world. You wouldn't even have to know the imei - you already know the key.

    Communications security establishment canada specifically calls some of this out:
    Security of BlackBerry PIN-to-PIN Messaging

    PIN-to-PIN transmission security: PIN-to-PIN is not suitable for exchanging sensitive messages. Although PIN-to-PIN messages are encrypted using Triple-DES, the key used is a global cryptographic "key" that is common to every BlackBerry device all over the world. This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed. Further, unfriendly third parties who know the key could potentially use it to decrypt messages captured over the air. Note that the "BlackBerry Solution Security Technical Overview" [1] document published by RIM specifically advises users to "consider PIN messages as scrambled, not encrypted".

    Note the recommendations include using BES with a privately generated key, but that this negates the ability to communicate PIN to PIN to outside-of-enterprise devices. I have no idea if that is accurate, but that's what CSEC states there.

    I'm not sure how much further to go with the discussion. A Crackberry editorial says that BBM over BIS is not secure ( Is PIN to PIN messaging secure? | CrackBerry.com ), a number of blogs indicate that it is not secure and as per the link I already provided the CSEC indicates it is not secure. Additionally it certainly doesn't seem secure in how it is described. I suspect further discussion will just go back and forth with you saying "it is secure, no one has ever broken it" and me saying "it is repeatedly stated that it is not secure by RIM itself, various agencies and various publications". Yes, I can't find a youtube video with someone decrypting a message taken out of a GSM frame and decrypted, but I also don't think the kinds of agencies that do this sort of thing put their findings on youtube.
    Yet the law agencies do cry they can't do it, no matter what you read on paper, usually disclaimers. It simply cannot be done, even if you do know the key it's useless if you cannot get on the network and if the devices are password protected and encrypted locally you have no chance in helll getting them from the devices either. So i don't know what more do you want. BBM is proven to be secure for quite a few years now, for some countries it's even too secure and tried to ban it.
  9. qbnkelt's Avatar
    Retired CrackBerry Ambassador

    Posts
    17,137 Posts
    Global Posts
    18,186 Global Posts
    PIN
    nahhhhh.....
    #134  

    Default

    You know, seriously Varun Sain, no more kidding around here, OK? Seriously now...

    Do you really think that engaging in this kind of behaviour is worth having your IP trapped and blocked? It's not just CB....there are laws in India that deal with internet/communications abuse. You have established a well seen pattern here and I don't think that this kind of childish behaviour is worth an impact to your being able to conduct your business. You are defacing an internet site, stalking three women, bullying.....all for the sake of a piece of plastic and wires.

    Now....this is the last time that I will address you in a sensible, logical manner. I really don't want to act against you, so don't push my hand. You have shown a clear pattern and if you think just creating a new account is the end of it, you are incorrect. Seriously, stop and think. Research regulations and laws in India against this kind of stalking, defacing, bullying, and misogyny.

    This is the last time.

    From this point there will be action against you.

    http://cybercellmumbai.gov.in/
    Do not meddle in the affairs of dragons, for thou art crunchy, and good with ketchup
    "When debate is lost, slander becomes the tool of the loser" - Socrates
    iMore Ambassador
    Thanked by 2:
    jakie55 (01-24-2013) 
    pantlesspenguin likes this.
  10. Sith_Apprentice's Avatar
    Mod Team Emeritus

    Posts
    10,165 Posts
    Global Posts
    10,167 Global Posts
    PIN
    Changes way too often
    #135  

    Default Re: Just a though about whatsapp !!

    Ok things are a biiit off topic. Getting back to BBM encryption and PIN-TO-PIN encryption let us go straight to the source.

    http://docs.blackberry.com/en/admin/...1840226_11.jsp

    There is a global 168bit TDES key. Keep in mind that every BlackBerry shares this key, but it is still encrypted. It should not been considered secure, but it is better than text etc.


    Whatsapp says they are encrypted but I don't see the method. They also have some history of privacy issues so I would be cautious there.
    Last edited by Sith_Apprentice; 01-24-2013 at 01:48 PM.
    ~S_A
    All views and opinions here are my own, and do not represent any views, opinions, or official communications either actual or implied of my employer.
    Thanked by:
    qbnkelt (01-24-2013) 
    qbnkelt likes this.
  11. Sith_Apprentice's Avatar
    Mod Team Emeritus

    Posts
    10,165 Posts
    Global Posts
    10,167 Global Posts
    PIN
    Changes way too often
    #136  
    ~S_A
    All views and opinions here are my own, and do not represent any views, opinions, or official communications either actual or implied of my employer.
    Thanked by:
    qbnkelt (01-24-2013) 
    qbnkelt likes this.
  12. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #137  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    Yet the law agencies do cry they can't do it, no matter what you read on paper, usually disclaimers. It simply cannot be done, even if you do know the key it's useless if you cannot get on the network and if the devices are password protected and encrypted locally you have no chance in helll getting them from the devices either. So i don't know what more do you want. BBM is proven to be secure for quite a few years now, for some countries it's even too secure and tried to ban it.
    The following is not correct: "if the devices are password protected and encrypted locally you have no chance in helll getting them from the devices either," but you make a great point about the threat model. Cellebrite finally released software last September that will reliably decrypt and decompress BBMs sent via BIS from memory dumps of locked, encrypted devices. The shared key is known, but talented forensic researchers struggled with the compression algorithm for quite some time.

    Valeuche, any threat to BIS BBM security will come from law enforcement via a lawful request to intercept communications or your locked device ending up in the hands of a skilled forensic analyst with access to specialized equipment and restricted software costing several thousand dollars. If you need/desire to thwart these types of attacks, use PGP, protect your keys with a long, randomly generated password, and pray that the recipient shares your commitment to security/privacy.
  13. #138  

    Default

    Quote Originally Posted by hornlovah View Post
    The following is not correct: "if the devices are password protected and encrypted locally you have no chance in helll getting them from the devices either," but you make a great point about the threat model. Cellebrite finally released software last September that will reliably decrypt and decompress BBMs sent via BIS from memory dumps of locked, encrypted devices. The shared key is known, but talented forensic researchers struggled with the compression algorithm for quite some time.
    Are you suggesting the encryption and other protections required for FIPS 140-2 certification can be broken by Cellbrite? If your claim was true the FIPS approval for all RIM devices would have been revoked 4-5 months ago - and most other crypto module approvals would also be impacted if the approved encryption methods have been cracked.
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
  14. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #139  

    Default

    Quote Originally Posted by Branta View Post
    Are you suggesting the encryption and other protections required for FIPS 140-2 certification can be broken by Cellbrite? If your claim was true the FIPS approval for all RIM devices would have been revoked 4-5 months ago - and most other crypto module approvals would also be impacted if the approved encryption methods have been cracked.
    I'm suggesting that Cellebrite Physical Analyzer can decode BBMs scrambled with the global BIS key, and in some cases, they have also retrieved deleted BIS BBMs from locked, encrypted devices. Deleted BBM retrieval seems to be hit & miss and dependent on the OS and other factors though.
  15. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #140  

    Default

    Quote Originally Posted by hornlovah View Post
    I'm suggesting that Cellebrite Physical Analyzer can decode BBMs scrambled with the global BIS key, and in some cases, they have also retrieved deleted BIS BBMs from locked, encrypted devices. Deleted BBM retrieval seems to be hit & miss and dependent on the OS and other factors though.
    Do you have a link for this that proves it?
  16. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #141  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    Do you have a link for this that proves it?
    I'm genuinely puzzled why anyone would think that a global encryption key, present on every BlackBerry phone, would remain a secret from forensic researchers. That said - I can't link to the exact discussion I was referring to because access is restricted, but I did locate a similar discussion in a public forum. This post does contain contain a statement from a Cellebrite representative saying that the next Cellebrite UFED Physical Analyzer adds deleted BBM retrieval from physical dumps and chip offs. Would that suffice? Are you familiar with the circumstances in which a chip-off extraction would be necessary? If so, read Deleted BBM extraction from phyical or chip-off.
  17. Sith_Apprentice's Avatar
    Mod Team Emeritus

    Posts
    10,165 Posts
    Global Posts
    10,167 Global Posts
    PIN
    Changes way too often
    #142  

    Default

    Quote Originally Posted by hornlovah View Post
    I'm suggesting that Cellebrite Physical Analyzer can decode BBMs scrambled with the global BIS key, and in some cases, they have also retrieved deleted BIS BBMs from locked, encrypted devices. Deleted BBM retrieval seems to be hit & miss and dependent on the OS and other factors though.
    Devices that are encrypted with the DEVICE key cannot be broken into by the cellebrite machines, also encryption set to "Strongest" is considered to be 'not breakable', and the data is NOT retrievable on anything newer than OS 4.5.

    Also a wipe, with content protection set to "Stronger" or higher, will erase ALL data on the device, compliant with US Govt standards. On devices 4.5 and newer, this can be used to sanitize devices that have had classified data leak onto them.
    ~S_A
    All views and opinions here are my own, and do not represent any views, opinions, or official communications either actual or implied of my employer.
  18. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #143  

    Default

    Quote Originally Posted by Sith_Apprentice View Post
    Devices that are encrypted with the DEVICE key cannot be broken into by the cellebrite machines, also encryption set to "Strongest" is considered to be 'not breakable', and the data is NOT retrievable on anything newer than OS 4.5.
    Please review my earlier posts. I would never claim that a Cellebrite UFED device can access data on a locked BlackBerry, but I did state that Cellebrite Physical Analyzer software can decode BIS BBMs from memory dumps of locked, encrypted devices. These memory dumps are obtained from chip-off and JTAG extractions.
  19. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #144  

    Default

    Quote Originally Posted by hornlovah View Post
    I'm genuinely puzzled why anyone would think that a global encryption key, present on every BlackBerry phone, would remain a secret from forensic researchers. That said - I can't link to the exact discussion I was referring to because access is restricted, but I did locate a similar discussion in a public forum. This post does contain contain a statement from a Cellebrite representative saying that the next Cellebrite UFED Physical Analyzer adds deleted BBM retrieval from physical dumps and chip offs. Would that suffice? Are you familiar with the circumstances in which a chip-off extraction would be necessary? If so, read Deleted BBM extraction from phyical or chip-off.
    You're basing your argument on that? Did you even read it properly?

    "Gregg,

    To answer your question I think that you will have no luck getting anything back if the device has had the passcode entered incorrectly X times and caused a wipe to commence.

    I had this same issue with a customer who gave me 12 variations of a password to try, obviously I was going to only be able to try 10 of those, so, after prioritising the list of 12, 10 passwords were entered, each of which was unsuccessful. The device commenced the wiping operation. I attempted to remove the battery and replace, but the wiping continued once the battery was replaced.

    After this I took a physical acquisition using UFED and got absolutely nothing back. It is my understanding that the wipe operation doesn't just replace the file system but actually zeros out the memory space first.

    If my memory serves me correctly it was an 8520 which I did this on.

    Colin
    _________________"
  20. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #145  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    You're basing your argument on that? Did you even read it properly?

    "Gregg,

    To answer your question I think that you will have no luck getting anything back if the device has had the passcode entered incorrectly X times and caused a wipe to commence.

    I had this same issue with a customer who gave me 12 variations of a password to try, obviously I was going to only be able to try 10 of those, so, after prioritising the list of 12, 10 passwords were entered, each of which was unsuccessful. The device commenced the wiping operation. I attempted to remove the battery and replace, but the wiping continued once the battery was replaced.

    After this I took a physical acquisition using UFED and got absolutely nothing back. It is my understanding that the wipe operation doesn't just replace the file system but actually zeros out the memory space first.

    If my memory serves me correctly it was an 8520 which I did this on.

    Colin
    _________________"
    Yes, I read it properly. The first post from the Cellebrite rep says, "Since the interest in BBM messages is still very relevant, I would like to share with you that the next UFED Physical Analyzer release will add deleted BBM extraction from the physical dumps and chip-offs." Chip-off extractions are only used when analysts encounter a locked device - there is no debating that fact. I'm not sure why you quoted an off-topic post regarding device wiping capabilities to refute my previous assertion. Perhaps you should review the thread again.
  21. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #146  

    Default

    Quote Originally Posted by hornlovah View Post
    Yes, I read it properly. The first post from the Cellebrite rep says, "Since the interest in BBM messages is still very relevant, I would like to share with you that the next UFED Physical Analyzer release will add deleted BBM extraction from the physical dumps and chip-offs." Chip-off extractions are only used when analysts encounter a locked device - there is no debating that fact. I'm not sure why you quoted an off-topic post regarding device wiping capabilities to refute my previous assertion. Perhaps you should review the thread again.
    Right, the NEXT version is claimed to be able to do it in a forum post, not happened yet has it? It implies it might happen at some time in the future, no facts to see here.
  22. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #147  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    Right, the NEXT version is claimed to be able to do it in a forum post, not happened yet has it? It implies it might happen at some time in the future, no facts to see here.
    Please do your own homework. A quick glance tells me that Physical Analyzer 3.6.1 was released on or about December 28, 2012, and that forum post was dated September 3, 2012. I've followed Cellebrite for several years, and they will generally announce new capabilities in forums and discussion groups when the new software reaches the beta testing stage.
  23. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #148  

    Default

    Quote Originally Posted by hornlovah View Post
    Please do your own homework. A quick glance tells me that Physical Analyzer 3.6.1 was released on or about December 28, 2012, and that forum post was dated September 3, 2012. I've followed Cellebrite for several years, and they will generally announce new capabilities in forums and discussion groups when the new software reaches the beta testing stage.
    So do they officially advertise they can do it?
  24. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #149  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    So do they officially advertise they can do it?
    LOL. The post in question was written by Cellebrite's Co-CEO, Ron Serber.
  25. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,683 Posts
    PIN
    27F48177
    #150  

    Default

    Quote Originally Posted by hornlovah View Post
    LOL. The post in question was written by Cellebrite's Co-CEO, Ron Serber.
    That's not what I asked, we all know how prone to making wild promises CEOs are. Can they do it? Is their product advertised as they can do it? Personally the media would've been all over it if it was possible.
Page 6 of 7 FirstFirst ... 34567 LastLast

Similar Threads

  1. just a thought about verizon
    By gtpx02 in forum Storm OS Discussion
    Replies: 30
    Last Post: 04-03-2009, 06:57 AM
  2. Just an FYI about future leaks....
    By onlyonepost in forum Storm OS Discussion
    Replies: 149
    Last Post: 03-08-2009, 06:46 AM
  3. Replies: 7
    Last Post: 01-15-2009, 05:09 PM
  4. I just realized something about my 8830 WE
    By zaydaboss in forum BlackBerry 8830 WE
    Replies: 9
    Last Post: 06-25-2008, 02:41 PM
  5. Cool featire i just found out about!
    By btownsoccerstud in forum BlackBerry Curve 83xx
    Replies: 3
    Last Post: 03-17-2008, 10:32 AM

Posting Permissions