1. cbnoob's Avatar
    Ok... So you have a BES configured BB that now has defaults you can't change. One of which is a very annoying timeout that requires you to re-enter your password after every 15 minutes of inactivity.

    Is anyone aware of an app that will generate simulated activity to keep the password timeout from kicking in?

    One that has a user selectable time frame for the burst of activity would be better than something that unnecessarily eats battery life by running continuously...

    Anyone?
    Last edited by cbnoob; 12-12-08 at 10:16 PM.
    12-12-08 09:02 PM
  2. anon(153966)'s Avatar
    I'm sorry, but being a BES admin, I hate seeing post like this.

    I've not seen one, and I hope they never make one. The security on the BlackBerry is to cover the business, NOT the user...

    I suggest having two devices, your own, and one for work. Thus yours you can download and install what you want, and not compromise your companies data...
    12-12-08 09:12 PM
  3. cbnoob's Avatar
    The security on the BlackBerry is to cover the business, NOT the user...
    Technology in a business environment should exist to "enable" business, not to deter it at the whim of administrators who only view business solutions [like the blackberry] from a purely technical standpoint.

    Likewise security settings should be configured to provide protection that is balanced against the actual risk. Fort Knox security shouldn't be deployed just because the BES server config allows it.

    Case in point... Consider a blackberry setting that requires a strong password with an alpha numeric password combined with a draconian password timeout, which results in a traveling user having to take both hands off the wheel while driving to unlock the device every few minutes just to do quick checks of email or messaging status.

    Which is more likely...

    A. That this setting will cause unnecessary accidents resulting in potential physical and property damage and/or loss of life?

    or

    B. That someone that knows a little bit about the blackberry and how to use google will wipe the device, unlock it, and sell it on eBay?

    or

    C. That if a Non-DOD/CIA/NSA blackberry used by a normal everyday worker bee is accidentally left behind somewhere, a criminal mastermind will nab it before the timeout period, have the where with all to exploit all sensitive data it contains (if any), and send the company into bankruptcy by selling said data to unscrupulous competitors?

    In order of probability... I'd say A. is the most likely... B. is within the realm of remote possibility... and C. (which is the scenario "imagined" by most administrators), is drastically less than the same user's probability of being hit by lightning.

    ***********

    If a phony activity generator doesn't exist, I'm sure that it will if administrators like yourself don't start balancing security against "actual" rather than "imagined" risk.
    12-12-08 09:54 PM
  4. amazinglygraceless's Avatar
    First, you shouldn't be driving and checking your email or messaging
    status. Pull off the road for a few minutes and do everyone else
    on the road a favor.

    Second, the company owns the phone. If you do not like the
    "Draconian IT Policy" your company implements, buy your own
    phone. If you are not willing to do that and are not prepared to
    leave your present job, get over it.
    12-12-08 09:56 PM
  5. cjcarbone's Avatar
    Yea, basically what navi and AG said. It is the companies property, and, therefore, you unfortunately have no say in it.
    12-12-08 09:58 PM
  6. cbnoob's Avatar
    You also shouldn't talk on the cell phone, listen to or change the radio station, take your eye's off the road to look in the rear view and see what your 3 yr old is doing in the back seat, etc... while driving either. But there's imaginary land, and then there's the place where the rest of us live called reality...

    Instead of just doing the mindless lemming lockstep of saying your IT department made the decision so it MUST be the right decision... Why not enlighten me with what the risk analysis is between a 5 minute timeout and a 15? Or between a 15 minute and a 30 minute timeout? Or for that matter between a 30 minute timeout and the maximum 1 hour timeout?

    Or is the answer just a mind numbing : "Shorter is better... Duh... Because it's shorter..." ?
    Last edited by cbnoob; 12-12-08 at 10:14 PM.
    12-12-08 10:12 PM
  7. amazinglygraceless's Avatar
    Instead of just doing the mindless lemming lockstep of saying your IT department made the decision so it MUST be the right decision...
    Not going to address the vapidness of the driving diatribe.

    No one said the IT departments decision was right. It is the one they made.
    You still are left with 2 choices. Your own phone or different employment.
    Simple as that. Oh and yeah you can continue to rant to a bunch of people
    with no facility to aid your current crisis. Good luck with that.
    12-12-08 10:19 PM
  8. cbnoob's Avatar
    You don't have the ability to provide a logical answer, so of course the question must be a vapid diatribe...

    And because someone has the audacity to question you at all, means they must be in a mental crisis...

    Symptoms that some might call a narcissistic god complex. Good luck with that...

    I asked if anyone knew of a very low tech solution to alleviate what appears to be a widespread issue of overkill password timeouts, set by overzealous administrators that can't even justify their position as to what level of risk justifies a 5-15-30-60 min timeout.

    If you're only response is to parrot that security for the sake of security is good regardless of it's effect on business productivity. Then don't cry when someone asks how to defeat what is apparently an indefensible position on policy.
    Last edited by cbnoob; 12-12-08 at 10:59 PM.
    12-12-08 10:44 PM
  9. cbnoob's Avatar
    With a quick google search, I found 5 different small footprint scripts/executables that can fake keyboard activity on a wintel pc to defeat password protected screensaver timeouts, (I'm sure there are a lot more). So the basic concept shouldn't be all that hard to port to a blackberry app...

    One thread even claimed that simply looping music or video on Windows Media Player while muted (or unmuted) would prevent the password protected screen saver from activating. So maybe it doesn't even require a specialized app, maybe it's just a matter of executing an existing app that simulates activity as an unplanned side effect...?
    12-12-08 11:39 PM
LINK TO POST COPIED TO CLIPBOARD