1. Knightcrawler's Avatar
    Montreal mafia ring cracked by Quebec police reportedly thanks to BlackBerry messages | Toronto Star

    MONTREAL�Police in Quebec have arrested about 30 people they say are linked to a mafia outfit that flourished in the province�s underworld following the arrest of former godfather Vito Rizzuto.
    Police in the cities of Gatineau, Montreal, Laval and Quebec City carried out the raids early Thursday morning and said those arrested are linked to two mafia cells led by Giuseppe �Ponytail� De Vito, a leading figure in the Montreal underworld who was arrested on drug and gangsterism charges in 2010. De Vito, an associate of the Rizzuto clan, was discovered dead in his prison cell last year, killed by what the provincial coroner determined was cyanide poisoning.
    Rizzuto died in a Montreal hospital in 2013, hours after complaining he felt ill at a party.
    A number of reports citing police sources said that the investigation that led to the arrests relied heavily on intercepted BlackBerry messages of a number of individuals.
    The RCMP plans to release additional details about the arrests at an 11 a.m. news conference.
    It doesn't say what type, so im assuming they weren't BBM messages, but just text messages. Or perhaps they were using the local starbucks' wifi.
    Supa_Fly1 likes this.
    06-12-14 10:02 AM
  2. ronfc's Avatar
    One thing's for sure: they aren't on BES.
    bungaboy likes this.
    06-12-14 10:15 AM
  3. Dunt Dunt Dunt's Avatar
    I understand that BBM is not really all that secure... same key is used for all devices and messages. So how hard would it be for the government to have someone to decrypt BBM messages that have for years been the tool of choice for those wanting to avoid the police.

    Of course most likely there were a few guys in the gang that wanted a device that had apps and was fun to use - and BBMx was not reliable. So everyone had to revert to regular text messages in order to communicate.

    BlackBery needs to get this clarified, or they might lose another one of their "niches".
    Q10Bold and Jack Donovan1 like this.
    06-12-14 10:24 AM
  4. Bla1ze's Avatar
    I understand that BBM is not really all that secure... same key is used for all devices and messages. So how hard would it be for the government to have someone to decrypt BBM messages that have for years been the tool of choice for those wanting to avoid the police.

    Of course most likely there were a few guys in the gang that wanted a device that had apps and was fun to use - and BBMx was not reliable. So everyone had to revert to regular text messages in order to communicate.

    BlackBery needs to get this clarified, or they might lose another one of their "niches".
    It's not even that in depth. If I have your device and open your BBM well, OBVIOUSLY I can read them lol. If you never clear that crap out then there's no security at all.
    06-12-14 10:29 AM
  5. Q10Bold's Avatar
    Oh...

    Posted via Q10Bold
    06-12-14 10:32 AM
  6. Bla1ze's Avatar

    India is a bit of an odd bird though thanks to their agreement with BlackBerry and running their own servers in the country. They have to offer as much interception as possible. It's stupid to assume BBM (and even BIS) is secure when not coupled with a BES, even BlackBerry says as much in a bit of a friendlier tone lol.


    "The lawful access capability now available to BlackBerry's carrier partners meets the standard required by the government of India for all consumer messaging services offered in the Indian marketplace,” the company said in a statement.

    “We also wish to underscore, once again, that enabling lawful access does not extend to BlackBerry Enterprise Server," the statement added.
    06-12-14 10:33 AM
  7. theRock1975's Avatar
    One thing's for sure: they aren't on BES.
    Dear Mafiosos of Montreal. You should install BES10.


    Posted via CB10
    06-12-14 11:10 AM
  8. jr4941's Avatar
    Dear Mafiosos of Montreal. You should install BES10.


    Posted via CB10
    And eBBM
    06-12-14 11:16 AM
  9. MrGlenn's Avatar
    It says Pin to Pin messaging. That does not mean BBM right? Or do those messages go through the same servers (and encryption, if any)?
    If they do not I can imagine it would already be a lot easier to intercept those.

    BlackBerry 10 signed.
    06-12-14 11:16 AM
  10. raino's Avatar
    Alright, who snitched and showed their group chat to 5-0?
    06-12-14 11:28 AM
  11. Bla1ze's Avatar
    It says Pin to Pin messaging. That does not mean BBM right? Or do those messages go through the same servers (and encryption, if any)?
    If they do not I can imagine it would already be a lot easier to intercept those.

    BlackBerry 10 signed.
    PIN to PIN should never be used if security is a concern. Heck, the Canadian Government even issued warnings against it lol.

    PIN-to-PIN Security Issues

    PIN-to-PIN messaging is typically faster than the normal e-mail process as the message passes through fewer servers and infrastructure components. For this reason, PIN-to-PIN messages are also useful for emergency communications in situations where the departmental e-mail servers are down, but the wireless service provider and RIM relay are still available. However, if the wireless carrier's cellular network (e.g., Rogers, Bell, etc.) is also down, then PIN-to-PIN messaging will also be unavailable. Unfortunately, PIN-to-PIN messaging suffers from several important security vulnerabilities that GC users should be aware of:

    1. PIN-to-PIN transmission security: PIN-to-PIN is not suitable for exchanging sensitive messages. Although PIN-to-PIN messages are encrypted using Triple-DES, the key used is a global cryptographic "key" that is common to every BlackBerry device all over the world. This means any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device, if the messages can be intercepted and the destination PIN spoofed. Further, unfriendly third parties who know the key could potentially use it to decrypt messages captured over the air. Note that the "BlackBerry Solution Security Technical Overview" [1] document published by RIM specifically advises users to "consider PIN messages as scrambled, not encrypted".
    2. PIN Address Vulnerability: A BlackBerry device that has been used for PIN messaging should not be recycled for re-use. The reason is that the hard-coded PIN cannot be erased or modified, and therefore the PIN does not follow a user to a new device. Even after memory wiping and reloading, the BlackBerry device still has the same PIN identity and will continue to receive PIN messages addressed to that PIN. This can expose unsuspecting users of BlackBerry devices to potential information compromise in the following ways:
      • A new owner of the recycled BlackBerry device could view PIN messages sent from a colleague of the previous owner who is unaware that the message is now going to the wrong recipient (recall that the PIN is a device ID, and not a user ID).
      • A message sent by the BlackBerry device's new owner contains a known PIN credential which might be mistakenly accepted as being from the previous owner (impersonation).

    3. Bypass of Virus/Malware Scanning and Spam Filtering mechanisms: As described previously, PIN-to-PIN messaging bypasses all corporate e-mail security filters, and thus users may become vulnerable to viruses and malware code as well as spam messages if their PIN becomes known to unauthorized third parties.

    http://www.cse-cst.gc.ca/its-sti/pub...sb57b-eng.html
    06-12-14 11:30 AM
  12. StephanieMaks's Avatar
    I read that 'El Chapo' was caught or at least tracked by his Blackberry as well...
    Patrick Radden Keefe: Catching the World’s Most Notorious Drug Lord : The New Yorker

    "...But the BlackBerry is made by a Canadian company, and Guzm�n felt more comfortable using one. This trust was misplaced: by early 2012, the D.E.A. had homed in on Guzm�n’s BlackBerry, and could not only monitor his communications but also use geolocation technology to triangulate his signal."
    06-12-14 11:33 AM
  13. xchange's Avatar
    Why are a couple of you guys saying that BES is immune to court ordered intercepts?
    bungaboy likes this.
    06-12-14 11:58 AM
  14. peter0328's Avatar
    Why are a couple of you guys saying that BES is immune to court ordered intercepts?
    Because with BES 5 or BES 10 and eBBM, messages within the organization are encrypted with a key unique to the BES deployment. Only the company deploying the BES has the decryption key.

    Posted via CB10
    theRock1975 likes this.
    06-12-14 12:27 PM
  15. Bla1ze's Avatar
    Why are a couple of you guys saying that BES is immune to court ordered intercepts?
    It's not but your security is increased with BES and unless logging has been explicitly been enabled on the BES server a lot of what happens can't be decrypted, it disappears into the ether of 1's and 0's. BlackBerry maintains no control over BES installs, what happens on them is the responsibility of the users and only the Admins can control the logging. Police can have all the access they want, very little can be gleaned from a truly locked down BES server. We're not talking Government based systems or anything like that, they tend to enable logging due to data retention rules and such. A smart criminal would have a BES locked tight, no logging, and set very stringent IT policies. But alas, I don't think Rocky on the corner slangin crack is getting a BES lol.
    06-12-14 12:27 PM
  16. vpblaze's Avatar
    So here is my question.
    For the average BB user, who doesn't have his BB on BES, what is secure on his device? Is BBM secure?

    Scribbled on my Note 3 then magically translated into readable words using Tapatalk
    06-12-14 12:27 PM
  17. zhekov's Avatar
    All smart phone App's are tracking Viber , WhatApp etc. and BBM either.
    Are you thinking BBM and BlackBerry Services can't be track ... ? Come on don't be silly gays .

    Sent from my BlackBerry 9900 using Tapatalk
    06-12-14 12:32 PM
  18. Dave79's Avatar
    It's not but your security is increased with BES and unless logging has been explicitly been enabled on the BES server a lot of what happens can't be decrypted, it disappears into the ether of 1's and 0's. BlackBerry maintains no control over BES installs, what happens on them is the responsibility of the users and only the Admins can control the logging. Police can have all the access they want, very little can be gleaned from a truly locked down BES server. We're not talking Government based systems or anything like that, they tend to enable logging. A smart criminal would have a BES locked tight.
    I'm sure there are back-doors built in for the right people..
    06-12-14 12:33 PM
  19. Dave79's Avatar
    So here is my question.
    For the average BB user, who doesn't have his BB on BES, what is secure on his device? Is BBM secure?
    For the average use BlackBerry is as secure as Android.
    vpblaze likes this.
    06-12-14 12:34 PM
  20. Bla1ze's Avatar
    I'm sure there are back-doors built in for the right people..
    Is that why the NSA has been working on making their own backdoors? IF there was a backdoor, wouldn't they just use that instead of trying to circumvent the system on their own? You don't tend to waste resources trying to crack something that already has a crack in it IMO, but who knows.
    06-12-14 12:35 PM
  21. ssbtech's Avatar
    Should have been using iMessage is security was a concern
    06-12-14 12:37 PM
  22. THBW's Avatar
    Why are a couple of you guys saying that BES is immune to court ordered intercepts?
    No kidding. It's not rocket science guys,
    06-12-14 12:51 PM
  23. MarsupilamiX's Avatar
    Innocent lives >>>>> criminal's privacy
    Until you are falsely accused of a crime you didn't commit...

    Posted via CB10
    vpblaze and CMcRob like this.
    06-12-14 12:53 PM
  24. Dave79's Avatar
    Is that why the NSA has been working on making their own backdoors? IF there was a backdoor, wouldn't they just use that instead of trying to circumvent the system on their own? You don't tend to waste resources trying to crack something that already has a crack in it IMO, but who knows.
    Perhaps that's what they like you to think.
    06-12-14 12:54 PM
  25. Bla1ze's Avatar
    Perhaps that's what they like you to think.
    Perhaps. The NSA is into everything. I hope they enjoy my sexts lol.
    06-12-14 12:58 PM
79 123 ...

Similar Threads

  1. Limit to Number of SMS recipients
    By Appalbarry in forum BlackBerry Z10
    Replies: 10
    Last Post: 07-10-14, 07:00 PM
  2. Shopping for a new Blackberry
    By TheQuietRioter in forum General BlackBerry News, Discussion & Rumors
    Replies: 7
    Last Post: 06-13-14, 09:05 AM
LINK TO POST COPIED TO CLIPBOARD