1. dag99's Avatar
    I have encryption turned on and have discovered that the new Blackberry Protect does not work with encryption ON. So that raises some questions.

    Which is more secure? A blackberry with encryption turned on or a blackberry with protect running?

    On the one hand I like the idea of being able to remotely wipe the blackberry but that requires me to know the instant it's been stolen. I wonder if it's better to use encryption and hope that someone can't crack the password without hitting the magic number of 10 and wiping the device anyway.

    Thoughts?

    Thanks.
    03-21-11 07:31 AM
  2. wu-wei's Avatar
    If you use a strong password, 10 tries is nowhere near enough to run the risk of being cracked.
    03-21-11 08:06 AM
  3. SplinterCell's Avatar
    You can have a password without using encryption, resulting in the device being wiped after x amount of tries as well.

    Posted from my CrackBerry at wapforums.crackberry.com
    03-21-11 10:31 PM
  4. T
    I use encryption. Any remote wiping app will only work if your device is connected to the network. Imo, a password and encryption is exponenetially more secure. And I wouldn't bank on just a password either. I read on the site here that it's relatively easy to remove a password by booting into safe mode, plugging into a pc, and using a readily available utility. Therefore, encryption's a must for me. Also, I haven't read a whole lot about the new app, but it would seem a website that can be used to access your blackberry could be a weak link. I mean, couldn't someone brute force that from anywhere in the world, steal data, and wreak havok on your device?

    Posted from my CrackBerry at wapforums.crackberry.com
    03-22-11 01:23 AM
  5. SplinterCell's Avatar
    I use encryption. Any remote wiping app will only work if your device is connected to the network. Imo, a password and encryption is exponenetially more secure. And I wouldn't bank on just a password either. I read on the site here that it's relatively easy to remove a password by booting into safe mode, plugging into a pc, and using a readily available utility. Therefore, encryption's a must for me. Also, I haven't read a whole lot about the new app, but it would seem a website that can be used to access your blackberry could be a weak link. I mean, couldn't someone brute force that from anywhere in the world, steal data, and wreak havok on your device?

    Posted from my CrackBerry at wapforums.crackberry.com
    Brute force what? Hack RIM then hack your info on their servers and do what? I use AES and higher to encrypt everything, my whole PC, my backup drives, thumbdrives, my Linux machine, and I'll admit the encryption method for the BlackBerry is unpractical; that is the media card I'm talking about.

    When you're logged in and running your info is readable because, you've deciphered the otherwise random data. That's why Facebook and alike can access your encrypted data.

    I don't know what they're attacking that they couldn't already have attacked with or without BlackBerry Protect.

    All in all, I'm probably missing the point here or something? But I'm very much interested in whatever the point is, so please don't take this the wrong way.
    03-22-11 02:14 AM
  6. SplinterCell's Avatar
    I can't find any facts on the matter of BlackBerry Protect and device encryption so I'm just guessing. BlackBerry Protect in theory wouldn't work once your BlackBerry was locked, especially after a reboot so, they disabled the option to use it and encryption all together.

    Now personally, I'd rather have BlackBerry Protect over BlackBerry's device encryption method. The device encryption is just not the same in terms of use compared to on the fly encryption for a pc. With just a simple password your device is secure at least the average person isn't going to get to your info before the device wipes itself after exceeding the max number of password attempts, or you locate it and/or wipe it via BlackBerry Protect.

    I wish I could run TrueCrypt on my BlackBerry!
    03-22-11 02:52 AM
  7. T
    Brute force what? Hack RIM then hack your info on their servers and do what?
    All in all, I'm probably missing the point here or something? But I'm very much interested in whatever the point is, so please don't take this the wrong way.
    Not having any idea what I'm talking about, I was just wondering if someone could, with relative ease, get into the website you use to remotely access your BlackBerry by entering your log in credentials and guessing passwords. Or does the site lock you out after a certain amount of wrong password attempts? I've often read people say that they wish they could access their @carrier.blackberry.net email from a pc, but I've always said that I like having an email address that can't be accessed from any pc -- one that the snoop would have to have physical access to my blackberry to access. That's all I meant. You often hear of people hacking someone's yahoo or msn email. Could someone access your blackberry protect account the same way?

    Posted from my CrackBerry at wapforums.crackberry.com
    03-22-11 03:16 AM
  8. SplinterCell's Avatar
    Now I understand. Just use a good password for the BlackBerry Protect website and don't let an adversary socially engineer you. If your password is at least 9 characters and it's random with a special character and number, no ones going to brute force their way in any time soon. e.g., XCQ@Qg`47 it would be easier/faster to water board you for this password than attack it with a script.
    Last edited by SplinterCell; 03-22-11 at 10:52 AM.
    03-22-11 10:45 AM
  9. dag99's Avatar
    When I loaded BB Protect, it gave a message stating that it wouldn't run if file encryption was on.
    SplinterCell likes this.
    03-22-11 07:16 PM
  10. SplinterCell's Avatar
    When I loaded BB Protect, it gave a message stating that it wouldn't run if file encryption was on.
    That's exactly what we're talking about.
    03-22-11 07:25 PM
  11. david9962000's Avatar
    I use incryption but with BB protect you can locate your device.
    01-05-12 10:22 PM
  12. TheRealFixxxer's Avatar
    I hate to bring a dead post back to life but I figured I would ask my question in a thread that already exists.

    My question is this; why (read: what are the fundamental reasons) doesn't BlackBerry Protect and encryption work together?

    My little understanding does allow me to realize that information that is encrypted should be (and is) difficult to locate, thus disallowing BlackBerry Protect to work. However, when the device is unlocked, the information is no longer encrypted, correct? Only once you lock the device and the padlock on the homescreen is "locked" is the data on the device encrypted, no?

    I prefer encryption just because I like feeling (I'll use that word instead of "knowing" because I am still pretty ignorant on the subject) that my data is secure even if someone gets their hands on my device. I know people like having the ability to remote wipe the device, but if someone with half a brain takes the device they should know enough to take it off the network before the owner has the chance to wipe it.

    I figure if the device is encrypted, has strong password and only 5 attempts at entering the password before it auto-wipes, that may thwart any attempts at compromising the data. Of course for all I know my security measures are easily circumvented.

    Just thought I'd ask the smart guys over here at CB.

    03-16-12 01:58 PM
LINK TO POST COPIED TO CLIPBOARD