1. dunshine's Avatar
    There seems to be some confusion in the forums about the security of data stored on a BBOS BlackBerry and its media card. Is it possible to "bypass" or "get around" a locked BlackBerry's password by plugging specialized equipment into the handheld's micro usb port? If not, is there any other way a malicious user could get at the data stored on a BBOS Blackberry if he doesn't know the password, and the phone is locked? This topic aims to clear up that confusion.

    Obviously, it's possible to circumvent a locked BlackBerry's password and gain access to device data. That's the very reason for encryption. Why otherwise encrypt device data if you're already using a password on a BlackBerry? Why would RIM/BlackBerry even include encryption as an option if a password is all that is needed to effectively secure a mobile phone's contents? RIM/BlackBerry has the following to say about it in the BIS Security Feature Overview 4.0:

    "When you set up encryption of your BlackBerry® device data using the content protection feature, your BlackBerry device is designed to be protected against users with malicious intent who could attempt to steal your data directly from the internal hardware. No one can read your encrypted data without your device password." [emphasis mine]

    Now that we see that RIM/BlackBerry anticipates that a malicious user could attempt to steal data directly from a BlackBerry's hardware, we can also see that RIM/BlackBerry has provided an additional safeguard to protect the data on a locked BlackBerry: content protection (i.e. encryption). Let's look at how a malicious user might try to circumvent a locked BlackBerry's password.

    Certain equipment made by Cellebrite and other manufacturers is designed to be plugged into mobile phones' micro usb ports, and it purportedly can be used to get around supported phones' passwords and gain access to their data. How well these devices work with other manufacturers' phones is not relevant to this analysis, but how well the devices will work with a BlackBerry is evident from the manufacturers own admission:

    "Password locked devices are supported when the password is known (the UFED requests the password during the extraction process)." [emphasis mine]
    --Cellebrite web site (click on BlackBerry Decoding FAQ)

    "Encrypted devices can be extracted if the password is known, or if there is no password lock set on the device." [emphasis mine]
    --Cellebrite web site (click on BlackBerry Decoding FAQ)

    From these statements, it can be gleaned that Cellebrite UFED equipment is only effective against a password locked BlackBerry if the password is known! Otherwise, if the Blackberry password is not known, a malicious user has to resort to a different, more painstaking method available in electronics forensic labs. The methods employed by those labs involve physically removing the handheld's memory chip and accessing the data stored on the memory chip using specialized skills and equipment. Here's where we get to our questions.

    Q. Should I password lock my Blackberry?

    A. Yes, if you want to prevent an opportunistic acquaintance, colleague, finder, or thief from gaining access to your device/data and/or if you want to prevent a more skilled person who has access to Cellebrite UFED equipment from gaining access to your data.

    Q. Should I encrypt my data?

    A. Yes, if you don't want to leave it to chance that Cellebrite or another manufacturer will find a way to get around a BlackBerry's password and /or if you want to prevent a highly skilled and determined forensic technician from gaining meaningful access to your data. A highly skilled, determined forensic technician might still gain access to your device data if he successfully physically removes the memory chip from your BlackBerry as mentioned above, but he will still be faced with the daunting task of trying to brute-force your password to understand your encrypted data; he will have merely overcome the ten tries limit. And that is why you should use a strong, complex password.

    Q. I've heard that a Russian company has figure out how to extrapolate a locked BlackBerry's password using only the data stored on the BlackBerry's removable micro SD media card. Should I encrypt my media card?

    A. Yes, if you want to protect the data stored on your media card from being meaningfully accessed by an unauthorized user. Elcomsoft has stated that its password cracking method is only effective against a media card that has been encrypted using the "Device Password" mode. This means, of course, that you should use one of the other two available modes to encrypt your media card, either "Device Key" or "Device Password & Device Key."


    Here's what Elcomsoft has to say about its own Password Recovery Software:

    "Before you get too excited, there is a catch. The new feature requires Media Card encryption to be switched on and set to either 'Security Password' or 'Device Password' mode. If this condition is met, EPPB will be able to run password recovery against device security password ... Actually, we only need one specific file from that media card, so yes, the recovery can be off-loaded and the password can be recovered offline."
    --re Elcomsoft Password Recovery Software

    Any questions?

    /s/ dunshine
    (composed with the help of a friend)
    04-24-13 03:43 PM
  2. BerryGuy4040's Avatar
    Good, accurate post
    04-24-13 05:29 PM
  3. OnyxFruit's Avatar
    One could argue that an even safer option is not to use a SD card at all. Secuirty sometimes comes at the expense of functionality.
    04-24-13 05:36 PM
  4. dunshine's Avatar
    One could argue that an even safer option is not to use a SD card at all. Secuirty sometimes comes at the expense of functionality.
    Once a Device Key is introduced with one of the other modes they're back to square one. It has to be encrypted using the Security Password/Device Password mode for them to benefit from it because with that mode all the information they need is stored on the micro SD card. If a Device Key is part of it, they don't have all the information, because the Device Key part is not on the card; it's inside the handset.
    04-24-13 05:44 PM

Similar Threads

  1. Replies: 10
    Last Post: 06-04-12, 07:22 PM
  2. Replies: 9
    Last Post: 03-13-12, 02:18 PM
  3. pattern lock / slider lock (how secure is the data?)
    By wmscottmc in forum BlackBerry Storm Series
    Replies: 7
    Last Post: 05-11-09, 12:05 AM
  4. How bright is the Trackball on your Sprint/VZ curve?
    By Success100 in forum BlackBerry Curve Series
    Replies: 14
    Last Post: 07-11-08, 11:40 AM
  5. How good is the GPS on this phone?
    By leemoreau in forum BlackBerry 88xx Series
    Replies: 11
    Last Post: 03-04-08, 04:48 PM
LINK TO POST COPIED TO CLIPBOARD