1. prometheus's Avatar
    Does anyone have any advice on how to ensure that all forms of communication on my BB (calls, email, SMS, BBM) can't be monitored by anyone? I desire complete privacy from prying eyes and ears - any advice? Also, I may traveling outside of the Unites States. Any advice on maintaining privacy and security of my communications using my BB in foreign countries would be appreciated. Thank you.
    10-17-08 07:11 PM
  2. 88 FLUX's Avatar
    hate to tell you but when you are using any type of device that works over RF, there is no solid and complete way of ensuring security. that's just the nature of the beast. but you can feel secure in knowing that BlackBerrys have much more intense security features than any other device out there.

    if you are looking for something that is 100% guaranteed to never have any sort of potential privacy issues, a cell phone is never going to satisfy that.
    10-17-08 07:14 PM
  3. prometheus's Avatar
    I found some interesting tid-bits of information in other places in the forum and thought I'd get the ball rolling. Here's what other users had to say on the subject of privacy / communication... I am cutting and pasting other users comments and since I don't have their permission to quote them I will leave their names off of the quotes. The following was gathered from other places in Crackberry and I thought it would be a good lauching board to start the conversation.... and to gather other good observations and advice.

    someone said:
    You would have to look at both the physical and virtual security of the device. Physically it could very well end up stolen, and if this [traveler did] not password his device, depending on what is on the phone, he could [have his privacy compromised], not to mention being out a BB in another country. On the virtual side, voice communication could still be watched, and for e-mails and such, they might be secured by RIM, but it all depends on just how badly [prying eyes and ears] wants to get the information on the phone, as it must be possible.

    someone else said:
    I myself started thinking if [someone seeking private communication] had a GMAIL/YAHOO account, then perhaps [prying eyes and ears] can go directly to google or yahoo instead of going through RIM. But if a person were to go through a BB email from the provider, would it still be safe for them? Is blackberry messenger a secure way to chat? I would hope it would be secure knowing a lot of companies and big bluechip corporations use the blackberry, if there were secret documents being transmitted by major corporations, then an insider at RIM would be a millionaire doing insider trading. Its very interesting really but there is no way to really secure email. Would there be 3rd party software that can safely secure the berry? perhaps sharing a private key prior to entering the country? I think its time for RIM to provide a statement on security by using their products.


    someone else said:
    Is there a version of PGP availabe for the BB? That would be one way of securing e-mail at least, assuming that the actual BB was not compromised.

    someone else said:
    Voice conversations are not secure but the email sent thru Blackberry is with no doubt! RIM's email security has not be broken, period.

    someone else said:
    It is only secure when the end-end path remains entirely within a single domain's BES servers. As soon as it goes out to internet it will be decrypted. Think about it, you can't send BB cypherContent to my PC and expect I will be able to convert to plaintext. If BIS or externally route email MUST be secure, look at PGP or some similar grade of encryption.

    someone else said:
    I use double ROT13 encryption, end to end. If you can read this then your decryption is spot on. flapsync, baby

    someone else said:
    It is worth remembering that any email can come back and haunt you, sometimes a very long time after you sent it. Either by intercept, or by it being discovered at the other end. All voice transmissions are subject to intercept, should [someone] want to. Some of the recent terrorists in the UK were using Hotmail boxes to leave messages for each other, but leaving them in the drafts folder, rather than sending them. Why do you think that was?
    The answer may well be encryption, but the penalties for not divulging an encryption key can themselves be severe. In short, assume nothing is truly secure should [someone] want to find out what it is.

    someone else said:
    Apparently, agencies of the many governments think that [blackberries are] safe enough for their use...It's safer on the BES. Data communications are encrypted end-to-end.

    somone else said:
    (on the topic of security and generally related to int'l travel)
    Blackberries were the only communications devices that worked in lower Manhattan after 9/11. That is one of the reasons I prefer them over competing devices. I would recommend photographing your passport and visas on your Blackberry as well as carrying multiple paper copies. Also take a bunch of extra passport photos. Check in with your embassy when you get to the country you are going to and let them know where you are going to be. Give them your number, email address and PIN and record theirs. Take a good supply of water purification tablets and get necessary innoculations in advance. Get an HIV test and carry the results with your other travel documents. (Some countries are slightly crazed about HIV) Take a international power converter kit with you. In some countries different converters may be needed in different parts of the same country. Carry a couple extra batteries. You might want the high capacity type. Take extra memory cards. Assume your communications are monitored.


    That's it for the "quotes"

    My thanks to all of the contributor's who have shared your knowledge and opinions. My apologies if the quote was edited too much. My intention was to make the information as general as possible so I edited some remarks in [ ] brackets. my apologies if your original information was altered against your desire.

    I have no expertise to add here and will just be an observer of this thread from this point forward and not a contributor. Thank you in advance for all of your help.
    Last edited by alex1; 10-18-08 at 12:03 AM.
    10-17-08 07:35 PM
  4. Branta's Avatar
    Does anyone have any advice on how to ensure that all forms of communication on my BB (calls, email, SMS, BBM) can't be monitored by anyone?
    You can't protect voice calls or SMS, they are always accessible to be monitored by those with the right access.

    BBM is more or less impossible to secure unless both participants are using the same BES server.

    You have already discussed the email issues in another thread. There is nothing I can add to advice already offered.
    10-17-08 07:40 PM
  5. benzworm's Avatar
    i thought i saw this in a different thread...
    10-17-08 07:43 PM
  6. prometheus's Avatar
    i thought i saw this in a different thread...
    It may have been discussed in a different thread, my desire is to consolidate all of the info related to this subject in one easy-reference place.

    When I did a forum search the info was all over the place and device specific. I thought putting it under "general discussion" would get more participation.
    10-17-08 07:51 PM
  7. GapBoyPCS's Avatar
    i thought i saw this in a different thread...
    You mean this one?
    10-17-08 08:09 PM
  8. benzworm's Avatar
    You mean this one?

    why yes, yes i do!
    10-17-08 08:16 PM
  9. prometheus's Avatar
    why yes, yes i do!
    I love your sense of humor. Truly I do, but let's play nice.
    10-17-08 08:22 PM
  10. benzworm's Avatar
    i am playing nice. if i was into slinging mud i would have joined in to the other thread where people were cutting each other down every post. i just am not a fan of breaking the rules, and double posts are against the rules.
    10-17-08 08:32 PM
  11. benzworm's Avatar
    this is how the mods wrote it up

    Cross/Double Posting
    Please post to the MOST relevant forum. Double or cross forum posting or other attempts at flooding the forum with a stream of posts will be removed. If you find that you have posted in the incorrect forum, please contact a moderator to have it moved to the correct location.

    10-17-08 08:34 PM
  12. prometheus's Avatar
    this is how the mods wrote it up


    Please stick to the subjest of the thread - namely, privacy and security for all models, operating systems, and carriers.
    10-17-08 11:36 PM
  13. Disturbed_Angel's Avatar
    Thanks for quoting me, and I will add to it, as others have said, anything transmitted thorough the air can be intercepted, and once they (meaning any one that wants the info) get it, they have it, and can crack it at there convenience. Calls are deff not secure, and all the hacker would need is to know the e-mail account that the e-mail went through, and they could hack in to that server. Interesting topic though, interested in other peoples views of this.
    10-17-08 11:44 PM
  14. prometheus's Avatar
    Thanks for quoting me, and I will add to it, as others have said, anything transmitted thorough the air can be intercepted, and once they (meaning any one that wants the info) get it, they have it, and can crack it at there convenience. Calls are deff not secure, and all the hacker would need is to know the e-mail account that the e-mail went through, and they could hack in to that server. Interesting topic though, interested in other peoples views of this.
    ok. I'm confused on something here. I have a work email. call it alex@work.com I have a crackberry forum acct. I set it up on my personal preference page to forward all messages to alex@work.com - when I get a PM from a cb member they don't know they're sending their message to alex@work.com. all they know is they sent it to alex1. when I get an alert on my bb that I have a new message I ck my alex@work.com email and read the message. Now, if I reply to that person from my berry, the recipient sees the message coming from alex@work.com. But if I checked the message on the berry and then went back to crackberry.com to reply to the PM then the recipient would not be aware of what my email address is. You mentioned "all the hacker would need is to know the e-mail account that the e-mail went through, and they could hack in to that server." This made me think that if anyone intercepted either the first message to me or my reply thru cb to them the trace would lead back to cb and not my email account. I don't know if I'm using the correct phrase but I think as this as a "third party". Is there somewhere to hide one's email acct by sending messages thru a third party, to at least slow down decryption and make the hacker not only intercept a message and trace it to the third party but, then have to trace the third party's real identity. Sure, the contents of the message may have been snooped. But, at least the email acct wasn't compromised - did this make any sense?
    10-18-08 12:02 AM
LINK TO POST COPIED TO CLIPBOARD