1. Technarch's Avatar
    This originally made the rounds in January here, BlackBerry stands by its phones after forensic security group claims to have decrypted private messages | CrackBerry.com

    A bit more detail was available then in the original article Canadian Cops Can Decrypt PGP BlackBerrys Too | Motherboard

    Now convictions have been made, and this article with a decent recap exists RCMP decrypted BlackBerry smartphones helped U.K police land major gun smuggling conviction | MobileSyrup.com

    From the court file:

    [10] The police were presented with a Blackberry cell-phone ….44505 that had been seized from the accused. Their objective was to read the information embedded in that cellphone. The BlackBerry has a reputation for being a very secure means of communication. There were three levels of security. Entry was protected by a password, the device was protected by encryption generally and e-mails processed by this particular device were protected by PGP, a form of e-mail encryption provided as an “add-on” by a third party after-market supplier. This encryption was previously thought to be undefeatable. The RCMP technological laboratory destroyed this illusion and extracted from this phone 406 e-mails, 25 address book entries and other information all of which had been protected. These materials are collected in Exhibit 8.

    Source: R v Tsekouras, 2015 ONSC 1470 (CanLII), par. 10, <http://canlii.ca/t/ggndm#par10>, retrieved on 2016-04-25.
    RCMP decrypted the PGP encryption on the BBs for conviction-chapo-texts-6.jpg
    Attached Thumbnails RCMP decrypted the PGP encryption on the BBs for conviction-256825d1395347835t-john-chen-memes-john-chen-aliens.jpg  
    04-25-16 07:13 PM
  2. Alain_A's Avatar
    There ya go. Dont commit any crime
    04-25-16 08:26 PM
  3. Prem WatsApp's Avatar
    Weak password got brute-forced?

    Wouldn't surprise me... :-D

      There's a Crack in the Berry right now...  
    04-26-16 02:05 AM
  4. sorinv's Avatar
    The article does not explain how it's done, other than suggesting that PGP encryption is not what it it is touted to be. Wasn't the NSA supposed to have that cracked?

    Also, it may very well be that BlackBerry does it for the RCMP.

    The article also does not say what phones were used.
    04-26-16 06:22 AM
  5. rthonpm's Avatar
    There are multiple sidechannel attacks for PGP that can expose the encryption keys. PGP is considered secure in transit and at rest, but like any cipher it's only as strong as it's implementation.

    Posted via CB10
    04-26-16 06:44 AM
  6. Technarch's Avatar
    If one digs they probably say the model somewhere. Still, I can't imagine the password would have been 1234. This demonstrates exploits on every level possible combined with the BBM one we knew about already.

    Posted via CB10
    04-26-16 07:15 AM
  7. smoothrunnings's Avatar
    I am surprised John Chen hasn't said anything. This can't look good for BBRY relations as they have always been a company that claims to be more secure than any other device available. With the RCMP being able to decrypt their phones it's clear the NSA can do it to.
    04-26-16 09:18 AM
  8. rthonpm's Avatar
    I am surprised John Chen hasn't said anything. This can't look good for BBRY relations as they have always been a company that claims to be more secure than any other device available. With the RCMP being able to decrypt their phones it's clear the NSA can do it to.
    These are BlackBerrys sold with poorly implemented third party software. Nothing for John Chen to respond to.
    04-26-16 01:16 PM
  9. Technarch's Avatar
    Device encryption, device password are both BlackBerry. If BB10, the PGP email encryption is them too. I think there are a lot of questions here. For me it is safe to assume that if you are a business that national intelligence will tap you as France does phones in order to give French businesses a competitive advantage.

    Posted via CB10
    04-26-16 01:20 PM
  10. rthonpm's Avatar
    Device encryption, device password are both BlackBerry. If BB10, the PGP email encryption is them too. I think there are a lot of questions here. For me it is safe to assume that if you are a business that national intelligence will tap you as France does phones in order to give French businesses a competitive advantage.

    Posted via CB10
    PGP is supported by BB10, but the certificates aren't generated by it. Do a search for PGP BlackBerry in the forums. We're talking about devices that have been modified by a third party to work through a PGP infrastructure. Nothing in these PGP devices are stock: cameras, microphones, and other applications have been disabled or removed. The fault lies entirely with the third party and their poor implementation of a good protocol.

    Posted via CB10
    anon(8719892) likes this.
    04-26-16 05:44 PM
  11. anon(8719892)'s Avatar
    People are getting confused here. The only case with true Blackberry OS is the Candian Mafia case. The 'Blackberry phones' cracked by UK/Dutch police are Blackberry phones with third party software flashed onto them. I've seen one boot up to a very basic front end & basic OTR messaging system.


    Edit* Just read the article. Strange that they would send the Thrid party phones to the Mounties who have the Master Encryption key key for BBM when the London case does not involve BBM, it involves PGP flashed onto 3rd parties. This doesn't add up & I havent read of this Canadian link to the LND story anywhere else tbh.

    Maybe the Mounties were given Master unlocks for all Blackberry phones. I dont know if the Third party phones still use the BB device encryption?
    Last edited by teknofish; 04-26-16 at 09:31 PM. Reason: extra info
    rthonpm likes this.
    04-26-16 09:26 PM
  12. byex's Avatar
    This applied to OS7 phones I believe.

    Posted via CB10
    04-26-16 11:06 PM
  13. anon(8719892)'s Avatar
    Yeah the Mafia case was on data from 2010. Ps. The flashed third party BB's are also using the older handsets. I havent seen any BB10 phones but they are rumoured to be coming. Are you aware the Dutch police took down the servers for the flashed BBs? Happened last week its in my posts somewhere.
    04-27-16 09:26 AM

Similar Threads

  1. Replies: 23
    Last Post: 03-23-17, 06:17 AM
  2. Why can't I sync my Q10 CALENDAR with Outlook 2007 on my PC?
    By CrackBerry Question in forum BlackBerry Q10
    Replies: 3
    Last Post: 04-26-16, 06:53 PM
  3. Replies: 9
    Last Post: 04-26-16, 10:57 AM
  4. Replaced speakers on my Z30
    By phill57 in forum BlackBerry Z30
    Replies: 4
    Last Post: 04-26-16, 09:16 AM
  5. My BB 9300 curve can't find the network in US, why?
    By CrackBerry Question in forum General BlackBerry News, Discussion & Rumors
    Replies: 1
    Last Post: 04-25-16, 08:01 PM
LINK TO POST COPIED TO CLIPBOARD