07-25-11 05:12 PM
75 123
tools
  1. ibigberries's Avatar
    It's so secure that countries like India, Saudi Arabia, UAE, Russia, China etc. have had to make deals with RIM because their governments had trouble accessing encrypted info.
    05-28-11 03:08 PM
  2. belfastdispatcher's Avatar
    It's so secure that countries like India, Saudi Arabia, UAE, Russia, China etc. have had to make deals with RIM because their governments had trouble accessing encrypted info.
    In all seriousness, governments should have access to all data, how would we expect them to solve any crime if they didn't? Some will abuse it yes, it's a risk.

    Posted from my CrackBerry at wapforums.crackberry.com
    05-28-11 03:24 PM
  3. IAmBBJosh's Avatar
    The devices themselves are secure, yes, but as I said, a locked down device is useless if your data is stored on a server which may not be secure, so I ask again: Is BIS secure? Is data stored on it encrypted? How much data is retained and for how long?
    05-28-11 03:48 PM
  4. Reed McLay's Avatar
    The question is, how secure is Reseach in Motion's Network Operations Center?

    The majority of the time, email passes through the NOC without being saved in the process. It is only when the destination device is not connected that messages are being saved until they can be pushed out.

    Hack RIM? Good luck with that, it is all proprietary.
    IAmBBJosh likes this.
    05-28-11 04:43 PM
  5. ibigberries's Avatar
    In all seriousness, governments should have access to all data, how would we expect them to solve any crime if they didn't? Some will abuse it yes, it's a risk.

    Posted from my CrackBerry at wapforums.crackberry.com
    I agree. I'm not saying they shouldn't
    05-29-11 01:32 AM
  6. euro2low's Avatar
    this secure:
    05-29-11 09:32 AM
  7. SRR500's Avatar
    ^^ not very secure if it's left open and unattented.

    Posted from my CrackBerry at wapforums.crackberry.com
    05-29-11 12:38 PM
  8. ishrat75's Avatar
    blackberry is most secure and reliable.
    05-29-11 12:46 PM
  9. IAmBBJosh's Avatar
    The question is, how secure is Reseach in Motion's Network Operations Center?

    The majority of the time, email passes through the NOC without being saved in the process. It is only when the destination device is not connected that messages are being saved until they can be pushed out.

    Hack RIM? Good luck with that, it is all proprietary.
    Proprietary =/= security, merely security by obscurity.

    Good to know this isn't a server with all our e-mails on it though.
    05-30-11 02:06 PM
  10. Dapper37's Avatar
    just ask all the celebrities that had their text messages hacked by News Corp's New York Times reporter. For more gossip in their rags. They were the few cleb's that don't use BB. I believe they started!!
    05-30-11 02:19 PM
  11. Branta's Avatar
    Proprietary =/= security, merely security by obscurity.

    Good to know this isn't a server with all our e-mails on it though.
    Ultimately all security relies on the obscurity and secrecy of one or more components.
    IAmBBJosh likes this.
    05-30-11 03:33 PM
  12. Branta's Avatar
    The devices themselves are secure, yes, but as I said, a locked down device is useless if your data is stored on a server which may not be secure, so I ask again: Is BIS secure? Is data stored on it encrypted? How much data is retained and for how long?
    Data is as secure as the weakest point of the transmission system. For most BlackBerry users that means email is the most vulnerable part of PIM data. The most secure element of email is usually the BIS stage between recipient mail server and mobile device, and this seems to be no less secure than other commercially available smartphones.

    If data security against third party interception or monitoring is important it is essential to use good quality end-to-end encryption. It is pointless to worry about mobile device security when the previous elements of the transmission chain are (a) plaintext, and (b) archived on several intermediate servers. It is not even worth thinking about security if one of the mail servers is owned by Google with its history of privacy violations.
    IAmBBJosh likes this.
    05-30-11 03:53 PM
  13. Branta's Avatar
    So BlackBerry's AES encryption of data stored on the device and media card is NOT secure? "Authorities" can crack AES encryption?

    Posted from my CrackBerry at wapforums.crackberry.com
    Easy. In the developed western world the judge orders you to disclose, and you can sit in that little room until you either reveal the password or die of old age. If you're a potential terrorist suspect you get a more intensive interrogation.

    In the third world... start talking, or you and your family face consequences too horrible to consider.
    05-30-11 04:02 PM
  14. T
    Easy. In the developed western world the judge orders you to disclose, and you can sit in that little room until you either reveal the password or die of old age. If you're a potential terrorist suspect you get a more intensive interrogation.

    In the third world... start talking, or you and your family face consequences too horrible to consider.
    "No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation."

    -- U.S. Constitution, Fifth Amendment

    But okay, based upon your stated location, you're a British subject. (In any case, don't feel bad. If it weren't for guns, even I would be a British subject.)
    05-30-11 08:12 PM
  15. mimik128's Avatar
    Sorry 2 brake the train off thought but I've read all the 101 lectures and I still would like 2 know more on security and everything bb how can I acquire that kind of know how????

    Posted from my CrackBerry at wapforums.crackberry.com
    05-30-11 10:36 PM
  16. KoolKeyth5's Avatar
    I've always heard that the BlackBerry is the most secure device out. I haven't read any stories about any BlackBerry getting hacked.
    05-31-11 05:33 PM
  17. IAmBBJosh's Avatar
    BlackBerries have been hacked. A BlackBerry Torch was hacked through an exploit in the Webkit browser very recently.

    BIS services are not encrypted all the way through the communication process, only BES is.

    From what I understand, there's not much encryption on data sent through WiFi networks either. At least, I've not read of it and when hooked up to my router my BB shows an unlocked padlock in the browser.

    A standard consumer BlackBerry is secure, yes. But it's nowhere near as secure as you may believe.

    As for Google, they need to mine your data to make money, but the data they hold is stored very safely and, from what I understand, it isn't linked to a perticular individual but an IP address and a cookie. Of course, if you use GMail, Google Docs, and other Google services, they'll have more information on you than they would otherwise, but they do seem to take privacy seriously.
    Last edited by IAmBBJosh; 05-31-11 at 05:58 PM.
    05-31-11 05:54 PM
  18. belfastdispatcher's Avatar
    BlackBerries have been hacked. A BlackBerry Torch was hacked through an exploit in the Webkit browser very recently.

    BIS services are not encrypted all the way through the communication process, only BES is.

    From what I understand, there's not much encryption on data sent through WiFi networks either. At least, I've not read of it and when hooked up to my router my BB shows an unlocked padlock in the browser.

    A standard consumer BlackBerry is secure, yes. But it's nowhere near as secure as you may believe.

    As for Google, they need to mine your data to make money, but the data they hold is stored very safely and, from what I understand, it isn't linked to a perticular individual but an IP address and a cookie. Of course, if you use GMail, Google Docs, and other Google services, they'll have more information on you than they would otherwise, but they do seem to take privacy seriously.
    It wasn't exactly hacked, first of all they had to navigate to a certain website to initiate the attack and second, all they could get was contacts and images and if those would be encrypted on the device they wouldn't be any good to the attacker.

    And all this assuming the device wasn't password protected that wipes all the data after a number of failed password attempts.
    05-31-11 06:17 PM
  19. RHCE's Avatar
    If you wanna know how secure it is lemme tell you right now in the simplest terms its more secure than android iOS palmOS and any other specially motorola who said they were attacking RIM in that department which will drive a stake in motorola chest
    05-31-11 06:43 PM
  20. otacon#AC's Avatar
    I have my device memory encrypted at the strongest level including contacts and media files along with my media card as well. It's a no brainer why not have the information encrypted? A fully encrypted BB is 100x more secure than any iOS or Android device.
    05-31-11 07:00 PM
  21. T
    I have my device memory encrypted at the strongest level including contacts and media files along with my media card as well. It's a no brainer why not have the information encrypted? A fully encrypted BB is 100x more secure than any iOS or Android device.
    Absoloutely! I have mine set up the same way.
    trsbbs likes this.
    05-31-11 07:06 PM
  22. IAmBBJosh's Avatar
    It wasn't exactly hacked, first of all they had to navigate to a certain website to initiate the attack and second, all they could get was contacts and images and if those would be encrypted on the device they wouldn't be any good to the attacker.

    And all this assuming the device wasn't password protected that wipes all the data after a number of failed password attempts.
    Well the device navigates to a website and the website then, without any interaction from the user, runs code on the BlackBerry which steals data from it. I don't get how that isn't hacking.

    You are right about the encryption, though. I have my files encrypted at the strongest setting on my device and memory card, except for media files, because then you can't select your own ringtone, it makes it hard to move media from the BB to my computer, and TBH I don't care too much about anyone getting into my media anyway.

    That said, my iPhone has hardware level 256bit AES which encrypts all user data on the fly as it's locked and unlocked.

    The least secure platform is probably Android, which has no encryption options at all thus far (though Google have stated they're adding more security so they can sell the platform to businesses).
    06-01-11 04:02 AM
  23. belfastdispatcher's Avatar
    Well the device navigates to a website and the website then, without any interaction from the user, runs code on the BlackBerry which steals data from it. I don't get how that isn't hacking.

    You are right about the encryption, though. I have my files encrypted at the strongest setting on my device and memory card, except for media files, because then you can't select your own ringtone, it makes it hard to move media from the BB to my computer, and TBH I don't care too much about anyone getting into my media anyway.

    That said, my iPhone has hardware level 256bit AES which encrypts all user data on the fly as it's locked and unlocked.

    The least secure platform is probably Android, which has no encryption options at all thus far (though Google have stated they're adding more security so they can sell the platform to businesses).
    How do you get somebody to navigate to that particular website though? Password locked or not a hacker that gets his hand on an iphone or android can get in them and take the info, with a blackberry he can't.
    I'm confident if my blackberry gets stolen all my info is safe.
    I think the next models will be even safer as they have 8gb of internal storage, plenty space to keep photos and videos.

    Posted from my CrackBerry at wapforums.crackberry.com
    06-01-11 04:16 AM
  24. IAmBBJosh's Avatar
    How do you get somebody to navigate to that particular website though? Password locked or not a hacker that gets his hand on an iphone or android can get in them and take the info, with a blackberry he can't.
    I'm confident if my blackberry gets stolen all my info is safe.
    I think the next models will be even safer as they have 8gb of internal storage, plenty space to keep photos and videos.

    Posted from my CrackBerry at wapforums.crackberry.com
    Phishing has been working for ages now, it's easy to send a fake e-mail which looks like it's from RIM and trick people into clicking a link.

    Besides, big websites get hacked and have malicious code inserted into them from time to time, and third party ad systems - even the ones reputable companies use - are always having malware carrying ads served up in them. I experienced this recently myself, though luckily I'm on a Mac and any malware needs an admin password before it can touch my system.

    It would be trivial to insert the code for hacking a BlackBerry in this fashion into a dodgy ad and have that ad put up on all sorts of websites.

    The iPhone passcode system is fairly secure. Not as locked down as the BlackBerry system, but still fairly secure. You've got to jailbreak the phone to get around it, and to do that on a phone you don't know the code to, you need to restore it anyway. Not to mention that I can remotely locate and wipe my iPhone, and while I can do that with BlackBerry Protect, BBP does not work on devices with encryption turned on, making it useless.
    06-01-11 04:34 AM
  25. belfastdispatcher's Avatar
    Phishing has been working for ages now, it's easy to send a fake e-mail which looks like it's from RIM and trick people into clicking a link.

    Besides, big websites get hacked and have malicious code inserted into them from time to time, and third party ad systems - even the ones reputable companies use - are always having malware carrying ads served up in them. I experienced this recently myself, though luckily I'm on a Mac and any malware needs an admin password before it can touch my system.

    It would be trivial to insert the code for hacking a BlackBerry in this fashion into a dodgy ad and have that ad put up on all sorts of websites.

    The iPhone passcode system is fairly secure. Not as locked down as the BlackBerry system, but still fairly secure. You've got to jailbreak the phone to get around it, and to do that on a phone you don't know the code to, you need to restore it anyway. Not to mention that I can remotely locate and wipe my iPhone, and while I can do that with BlackBerry Protect, BBP does not work on devices with encryption turned on, making it useless.
    Yeah, that's what I was referring to, jailbreaking and rooting, after you do that I believe you can still recover data.

    I much prefer to rely on the wipe that is done after the wrong password is entered too many times. Remote wipe sounds fancy but in reality all one have to do is remove the simcard from the device and the remote wipe is not possible anymore. It's a bit of a false sense of security.

    Posted from my CrackBerry at wapforums.crackberry.com
    06-01-11 04:49 AM
75 123
LINK TO POST COPIED TO CLIPBOARD