Sorry Folks,
I mean that I received the reply directly from BB to my email address. I have a T support contract with BB and asked my support account manager for an official response today. The article states that BES10 employs the algorithm so I had to find out.
According to the response I received they do not use the algorithm at all so the article is mostly moot aside from the fact that BB owns the patent on it.
Below is what I mailed in and follows in the response with names removed :) Feel free to ask BB yourself if you have a T support code.
Cheers
From: xxxxx
Sent: Monday, January 20, 2014 10:59 AM
To: xxxxx
Subject: Globe and Mail
Quite the bombshell in the paper today – Does BB have an official statement to this?
The strange connection between the NSA and an Ontario tech firm - The Globe and Mail
It essentially says BES10 is compromised as it employs Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator).
Can I get a technical statement if possible to let me know what part of BES10 employs DEC?
Thanks,
xxxx
From: xxx [mailto:
[email protected]]
Sent: Monday, January 20, 2014 xxxxx PM
To: xxxxx
Subject: RE: Globe and Mail
Hey sentin709 (changed),
Here is the official reply from our Security team:
“BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no 'back door' to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”