1. RealDeal83's Avatar
    We have a bunch of Blackberrys on a BES Express at my work which I am responsible for. Sometimes it has been necessary to have users switch devices. I seem to have found a glaring security issue with BBM contact list during transfers. Hopefully I can explain it below, bear with me.

    Using Desktop manager I transfer User A from one device to another, wipe User A's old device and transfer it to User B. This is all done with Desktop Manager which as I understand it is suppose to update your PIN to all your contacts. The issue occurs if User A and User B have a shared contact and that contact has a chat still open with User A. If the contact messages User A using the open chat after the transfer, User B will receive it.

    This issue occured most recently when I replaced our CEO's blackberry and I took over use of his old one, I then started receiving messages from a manager that were intended for the CEO. Hence the security issue. Upon investigation I found that the manager had not ended his chat and this seems to be the cause.

    Anyone else notice this behavior?
    12-02-11 11:20 AM
  2. trucky's Avatar
    I haven't heard of this yet but it sounds like a good reason to add another item to your "pre-switch" checklist.
    12-02-11 01:16 PM