1. BB Cobbler's Avatar
    BlackBerry is criminals' gadget of choice (2007)

    Police often say that organized crime in B.C. is big business.<br> So perhaps it was only a matter of time before gangsters here adopted the device of choice among corporate workaholics: the BlackBerry.


    I can not post links yet.


    I think that is is absolutely amazing that criminals now have nothing to fear when using BB's.

    All they have to do is set up a BES on their computer for their buds to use.

    With PIN, S/MIME and other security apps and features, law enforcement is powerless to stop them.

    Thoughts?

    p.s.- I am not condoning law breakage. I just want to start a thread about the criminal use of BB's and issues pertaining to law enforcement, interception, and forensics.
    12-23-09 08:01 PM
  2. jlsparks's Avatar
    They also use guns illegally obtained. And stolen vehicles. I don't follow your "logic"?
    EDIT: And if law enforcement has PC they can always subpoena records from Rackspace, etc.
    12-23-09 08:15 PM
  3. ComfortablyNumb's Avatar
    Well BB is great for running a business- legal or not apparently.
    12-23-09 08:22 PM
  4. AaronWasHere's Avatar
    Well of course, how many politicians do you think use Blackberry's?
    12-23-09 08:25 PM
  5. BB Cobbler's Avatar
    They also use guns illegally obtained. And stolen vehicles. I don't follow your "logic"?
    EDIT: And if law enforcement has PC they can always subpoena records from Rackspace, etc.

    I guess what I meant to say is that I am surprised that after all these years of law enforcement being able to intercept electronic communications...

    They are now impotent.

    As for a subpoena: anyone can run a BES out of their home and have it so encrypted that no forensics can be found.
    12-23-09 08:56 PM
  6. Tõnis's Avatar
    Poor, poor police! Underworked and overpaid is what they are: the biggest gang on earth.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-23-09 08:56 PM
  7. es_bih's Avatar
    Not the biggest gang on earth: they're not organized into a single entity.

    As far as corruption, well yes, but so is every other sector of society.

    A good chunk of them still perform vital functions for an ideal that is usually undermined.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-23-09 09:07 PM
  8. jlsparks's Avatar
    I guess what I meant to say is that I am surprised that after all these years of law enforcement being able to intercept electronic communications...

    They are now impotent.

    As for a subpoena: anyone can run a BES out of their home and have it so encrypted that no forensics can be found.
    Do you believe that if a terror organization, or organized crime network, was using encrypted communications that our fine uniformed (and uniformed) friends couldn't intercept? Do you think that NSA and other don't have the encryption algorithms for everything from satellite phones to RIM's DoD certs?
    12-23-09 09:08 PM
  9. Snarfler's Avatar
    I'd bet money that certain agencies can monitor just about anything out there.

    I can not post links yet.
    BlackBerry is criminals' gadget of choice
    12-23-09 09:15 PM
  10. Tõnis's Avatar
    Not the biggest gang on earth: they're not organized into a single entity.
    True, but they all live by their particular brand of gang creed where they cover for each other and their cronies, etc.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-23-09 09:19 PM
  11. oasissux's Avatar
    Do you believe that if a terror organization, or organized crime network, was using encrypted communications that our fine uniformed (and uniformed) friends couldn't intercept? Do you think that NSA and other don't have the encryption algorithms for everything from satellite phones to RIM's DoD certs?
    Yes, I believe they don't, if the proper software is used. PGP encryption layered on top of regular BB encryption is literally uncrackable. Peruse some mobile forensic sites. In fact, I haven't heard of a single verified account of anyone hacking even the password on current BBs, assuming there aren't back-ups littered all over the user's PC. If anyone knows otherwise, I'm all ears.
    12-23-09 09:34 PM
  12. Fuzzballz's Avatar
    I like to think there are some things the gub'ment can't get into. Even if those things are used by criminals.
    12-23-09 09:50 PM
  13. bluz's Avatar
    BB security is very difficult to decrypt,even for the security agencies.
    12-23-09 11:15 PM
  14. BB Cobbler's Avatar
    What is amazing to me is that if you have your own BES server in your room you could have all your friends on it and your emails will be totally secure.

    I think that PINs are off the record, too.

    Are their any AIM clients for BB that are secure like "Off the Record" for Adium?
    12-23-09 11:26 PM
  15. ace587's Avatar
    not surprised. Anything that wud hide their activities
    12-24-09 12:08 AM
  16. ocgreenmachine's Avatar
    True, but they all live by their particular brand of gang creed where they cover for each other and their cronies, etc.

    Posted from my CrackBerry at wapforums.crackberry.com
    I think you would have to assume that the majority if not all law enforcement are crooked for that logic to work... Just because there is comraderie in a profession where you trust your safety to coworkers in an environment where you have a target painted on your back whenever you go to work (I.e. Seattle officers) doesn't mean that your coworkers will allow you to break the law or otherwise shame the profession. Same applies to other professions such as the military.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-24-09 09:35 AM
  17. jlsparks's Avatar
    Typically when a high-density security algorithm is developed, it's simultaneously patented. The details of the encryption technology are retained as confidential/privileged by the US Trademark Office to protect what the company states to be trade secrets.

    However, most reputable developers, including PGP and RIM, will share their code will various law enforcement entitles. That information is retained as secured by each agency. In the event, for example, a call is placed from Kabul, Afghanistan to a mosque in Queens, NY, and the recipient or the caller is a target (or the call otherwise kicks in a trigger based on source, destination, time of day, etc), the intercepting agencies (in this case likely NSA for the US) decryption systems will kick in and attempt to decrypt into "plain text" the voice call. If the automated systems can't crack the algorithm the attempted intercept is kicked out as an exception for manual review. If the reviewing officer is unable to decrypt, he/she will refer to the non-standard algorithms provided by developers as mentioned above. In really challenging situations, the intercepting agency partners with the encryption developer to ascertain why the call is apparently uncrackable, and how to decrypt it. So no, IMO running a BES in your basement wouldn't necessarily afford you any more privacy then my corporate BES does me. Remember, you're going to presumably want to be able to use that BES for email communications. To do so your server's IP will need to resolve to a hostname. Even if you ran your Exchange server as *.* root it will still need an NS entry for resolution purposes. I suppose you could establish your own NS too, on a BSD box or something, but again, at some point you will *have to* touch the publicly routed internet. EG: your NS record's going to need to be recorded in the NS tables in the root server system. Proxies and header spoofing notwithstanding, once I know your hostname I can determine your NS' IP. Once I know your NS IP I can track back to the source IP and host system. If I know your A record it's not long before the owner of your C class gets subpoenaed, which subpoena gets passed down the line to your ISP.

    Encryption and security software is great, and has done much to help company's protect trade secrets, but none are uncrackable giving sufficient computing and brian power.
    12-24-09 09:54 AM
  18. oasissux's Avatar
    However, most reputable developers, including PGP and RIM, will share their code will various law enforcement entitles. That information is retained as secured by each agency.
    If you're suggesting that PGP and/or RIM share information with law enforcement agencies that would allow them to decrypt their security products I think you're mistaken. Neither would be in business if they were giving away such info. Information spreads quickly. That kind of info would cripple them. It's nice to think that big gov't agencies are omnipotent, but when they can't even keep an eye on suspected terrorists taking flight lessons, one has to wonder what they're actually capable of.
    12-24-09 01:20 PM
  19. Fuzzballz's Avatar
    If it ever got out that PGP was making itself crackable to government agencies, you can bet PGP would take a major market dump. I'm not even sure those open source encryption algorithms are able to have 'back doors' or whatnot.
    12-24-09 01:38 PM
  20. Tõnis's Avatar
    I think you would have to assume that the majority if not all law enforcement are crooked for that logic to work... Just because there is comraderie in a profession where you trust your safety to coworkers in an environment where you have a target painted on your back whenever you go to work (I.e. Seattle officers) doesn't mean that your coworkers will allow you to break the law or otherwise shame the profession. Same applies to other professions such as the military.

    Posted from my CrackBerry at wapforums.crackberry.com
    Words like "crooked" and "camaraderie" might not adequately describe the peculiarity of their m.o. The former is too extreme and detracts from my message because it implies that they are all hardened criminals (they're not); the latter makes it sound like they're just cube farmers tossing paper airplanes back and forth, playing fantasy football ("boys will be boys"). Perhaps it's best to use an example. I haven't seen any studies, but it would be intersting to find out how many police officers and how many of their cronies (e.g. family members, judges, other "colleagues") receive civil traffic citations, and, if so, how many of them actually pay them. If an ordinary citizen commissioned the study, he would probably encounter lots of hurdles. If the police themselves commissioned the study, it would probably conclude that none of them received or paid any citations and offer the following as an explanation: the police and their "associates" and "colleagues" never, ever break any rules.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-24-09 03:15 PM
  21. jlsparks's Avatar
    If you're suggesting that PGP and/or RIM share information with law enforcement agencies that would allow them to decrypt their security products I think you're mistaken. Neither would be in business if they were giving away such info. Information spreads quickly. That kind of info would cripple them. It's nice to think that big gov't agencies are omnipotent, but when they can't even keep an eye on suspected terrorists taking flight lessons, one has to wonder what they're actually capable of.
    Take a dive into the wonderful world (and creation) of key escrow systems.
    12-24-09 03:48 PM
  22. breakmedown's Avatar
    If you're suggesting that PGP and/or RIM share information with law enforcement agencies that would allow them to decrypt their security products I think you're mistaken. Neither would be in business if they were giving away such info. Information spreads quickly. That kind of info would cripple them. It's nice to think that big gov't agencies are omnipotent, but when they can't even keep an eye on suspected terrorists taking flight lessons, one has to wonder what they're actually capable of.
    Well if you're gonna volunteer your time, talents, and money to personally monitor every person in the US, go right ahead. There are millions of "suspected terrorists", unless you want your taxes to go up, I suggest you let them stick to what they know. I'd say that considering how much that radical sector hates us, it's a miracle we only have one big terrorist attack a decade.

    I don't believe that anything is impervious, even BBs. If it can be generated on a computer, it can be decoded by one. No matter how "random" a system may seem, all computers are based on logic and numbers, so nothing is actually random at all.
    12-24-09 08:06 PM
  23. SpaceMonster's Avatar
    As far as corruption, well yes, but so is every other sector of society.
    They should work a little harder to clean up the force. I know its impossible to ask them not to be corrupt but that really is what the public expects of them. Their job is to enforce the law! I know a few cops and they're so dirty its sickening.
    12-24-09 08:22 PM
LINK TO POST COPIED TO CLIPBOARD