04-12-15 02:41 PM
83 1234
tools
  1. boody78's Avatar
    I have a question, does blackberry retain timed, or retracted messages in a readable format? Seeing as how it is going to be subscription based I would hope not. I would hope that once a timed message has expired or a message has been retracted, it would no longer be readable on the server.

    Posted via CB10
    04-08-15 01:22 PM
  2. tchocky77's Avatar
    You need to get your "brain washed" dude if you think the US government cannot hack into iMessage or WhatsApp.





    Posted via CB10
    Like I said,...earlier in the thread...I take it for granted that ONE government agency can read ANYTHING they make up their mind to. What I'm saying is that Apple can't just hand it to the local police. Even with a warrant. That's the nature of the encryption involved.

    Posted via the CrackBerry App for Android
    Cynycl and sentimentGX4 like this.
    04-08-15 01:25 PM
  3. Cynycl's Avatar
    I have a question, does blackberry retain timed, or retracted messages in a readable format? Seeing as how it is going to be subscription based I would hope not. I would hope that once a timed message has expired or a message has been retracted, it would no longer be readable on the server.

    Posted via CB10
    I think the safest bet is to believe that once on the net................always on the net.
    04-08-15 01:31 PM
  4. Berry-cracked-up's Avatar
    Correct me if I'm wrong here, but the issue here isn't that the government decrypted the data and they had access to it...if they could do that, than they wouldn't have needed to ask Blackberry for the data. The data is secure, and that is why the government needed to get it from BB themselves. The comments about FBI cannot crack imessage is all fine, and I'm sure the FBI is also not able to crack BB...but if they ask the company for the data, especially if the courts are asking, then they can hand it over. This has nothing to do with how secure the data is when it is sent from one device to the other. My concerns is people snatching my conversations out of the air. I would assume that is secure. But if I'm doing something illegal, and the police have good reason to request my chats, that's not a 'secure' issue at all. Blackberry is known for their security to prevent hackers or un-wanted people from accessing the data. So as far as I'm concerned, the data is still secure.
    nhanken, BanffMoose and Alvin Loh like this.
    04-08-15 01:36 PM
  5. Glenn Biddle's Avatar
    Glenn. Its not FUD. It's a well documented fact that BBM is no longer the secure solution. And even if it were,...blackberry can just choose to read them for anyone that asks.

    Apple can't.

    WhatsApp can't.

    Those are facts, my man.

    Posted via the CrackBerry App for Android
    Do you not think it is FUD to insinuate that BlackBerry is going to allow just any one to read any one else's BBM messages. Yes if you come with a court order BlackBerry will allow you access to standard BBM messages, if you have Enterprise BBM protected it is my understanding that even BlackBerry it's self doesn't have access to those messages so they wouldn't be able to allow people to read those messages even with a warrant. As I've already said if you need that level of security then you will be to pay for it. Hopefully BlackBerry will be able to keep this level of security out of the hands criminal and terrorist organizations but then that's just my opinion.

    Posted via CB10
    04-08-15 01:39 PM
  6. Witmen's Avatar
    I have a question, does blackberry retain timed, or retracted messages in a readable format? Seeing as how it is going to be subscription based I would hope not. I would hope that once a timed message has expired or a message has been retracted, it would no longer be readable on the server.

    Posted via CB10
    Timed messages are a joke on BBM anyway. I'm not sure how they work on BlackBerry devices, but on Android timed messages just let the recipient know to get ready to take screen captures because something good is on the way.

    BBM isn't capable of preventing Android devices of taking screen captures.
    04-08-15 02:37 PM
  7. Bla1ze's Avatar
    BlackBerry/RIM has always complied with legal documents when presented. If they took the time to research what they needed they would have known. My thoughts are the same as always. BBM is NOT secure unless attached to BES with established encryption keys.
    Bingo. Nothing new there at all. Same thing that happened with the London riots, India, Canadian Govt. being advised to not use PIN messages etc etc etc etc etc. One could even go so far as to say that when BlackBerry introduced BBM Protected, they were basically saying that BBM wasn't as secure as 'some' folks thought it to be.
    04-08-15 02:41 PM
  8. Prem WatsApp's Avatar
    All these companies still operate under the government's laws. They have to handle over data regardless.

    Nobody is secure. Unless you setup your server and run through there.

    Posted via CB10
    And then it gets confiscated la Lavabit...
    And the keys subpoenaed... :-(



      Passposted while waiting for the Z-lider....  
    MarsupilamiX likes this.
    04-08-15 11:06 PM
  9. BCITMike's Avatar
    Instead of the messages being able to be read in realtime by sniffing the traffic, they'll just use the hacks on the phones themselves where the messages are decrypted and silently copy them and upload. Plenty of evidence of background surveillance hacks for spying on users without their knowledge.
    04-09-15 02:12 AM
  10. tchocky77's Avatar
    Do you not think it is FUD to insinuate that BlackBerry is going to allow just any one to read any one else's BBM messages. Yes if you come with a court order BlackBerry will allow you access to standard BBM messages, if you have Enterprise BBM protected it is my understanding that even BlackBerry it's self doesn't have access to those messages so they wouldn't be able to allow people to read those messages even with a warrant. As I've already said if you need that level of security then you will be to pay for it. Hopefully BlackBerry will be able to keep this level of security out of the hands criminal and terrorist organizations but then that's just my opinion.

    Posted via CB10
    What I'm saying is that Apple and WhatsApp have made "that level of security" the default. They don't have weak encryption so they can sell stronger.

    Posted via the CrackBerry App for Android
    04-09-15 02:37 AM
  11. diegonei's Avatar
    Glenn. Its not FUD. It's a well documented fact that BBM is no longer the secure solution.
    Proof or please quiet down.
    04-09-15 08:29 AM
  12. sentimentGX4's Avatar
    Correct me if I'm wrong here, but the issue here isn't that the government decrypted the data and they had access to it...if they could do that, than they wouldn't have needed to ask Blackberry for the data. The data is secure, and that is why the government needed to get it from BB themselves. The comments about FBI cannot crack imessage is all fine, and I'm sure the FBI is also not able to crack BB...but if they ask the company for the data, especially if the courts are asking, then they can hand it over.
    I'd like to point out we don't know if the data is secure or not simply because messaging apps like iMessage are safe from the FBI. Inter-governmental organization do not necessarily share technology. Your local police force obviously does not have much capability to hack anything. The same is true outside the United States as well. There are the "in" government agencies and the "out" government agencies.

    In the United States, the FBI is simply a glorified police force. The big dogs are the NSA, CIA, and other agencies associated with the military. Even some corporate entities in the tech sector may have more hacking prowess than the FBI if they were compelled to ever do so.
    04-09-15 08:43 AM
  13. Superdupont 2_0's Avatar
    I have a question, does blackberry retain timed, or retracted messages in a readable format? Seeing as how it is going to be subscription based I would hope not. I would hope that once a timed message has expired or a message has been retracted, it would no longer be readable on the server.
    Posted via CB10
    Nope, BlackBerry does not retain messages "in the normal course of business".
    See under

    BBM TERMS OF SERVICE

    this

    (k) Storing of Messages. The contents of messages that have been delivered by the Services are not maintained or archived by us in the normal course of business. BBM messages are sent via data services to servers operated by or on behalf of us, and routed to the recipient(s), if the recipient(s) are online. Once a message has been delivered, it no longer resides on our servers. If the recipient(s) are not online, the undelivered message is held in servers operated by or on behalf of us until it can be delivered for up to thirty (30) days, after which the undelivered message will be deleted from our servers. The contents of any delivered messages reside directly on the sender's and recipient's devices unless deleted by those users, or by auto-delete features of the software used by such users.
    Notwithstanding the above, we may retain transactional details associated with the messages and devices (for example, date and time stamp information associated with successfully delivered messages and the devices involved in the messages), as well as any other information that we are legally compelled to collect.

    … but if LEA are knocking on their door with a warrant:


    18. USER DATA
    In addition to any disclosures authorized by Section 17, You and Your Users consent and agree that the BlackBerry Group of Companies may access, preserve, and disclose Your or Your Users' data, including personal information, contents of Your communication, or information about the use of the Services functionality and the services or software and hardware utilized in conjunction with the Services where available to us ("User Data"), to third parties, including foreign or domestic government entities, without providing notice to You in order to: (i) comply with legal process or enforceable governmental request, or as otherwise required by law; (ii) cooperate with third parties in investigating acts in violation of this Agreement; or (iii) cooperate with system administrators at Service providers, networks or computing facilities in order to enforce this Agreement. […]
    04-09-15 02:16 PM
  14. BigAl_BB9900's Avatar
    I have a question, does blackberry retain timed, or retracted messages in a readable format? Seeing as how it is going to be subscription based I would hope not. I would hope that once a timed message has expired or a message has been retracted, it would no longer be readable on the server.

    Posted via CB10
    In the UK, mobile phone companies have a legal requirement to store customers' phone records for at least a year - I have always assumed that this included messaging. If this legal requirement does include messaging, then it will definitely include timed messages.
    EE, Vodafone and Three give police mobile call records at click of a mouse | World news | The Guardian
    https://ico.org.uk/media/for-organis...e-road-map.pdf

    BlackBerry will have to fulfil it's legal obligations in whichever country the messages are sent (and I'm sure that the legal requirements will vary greatly from country to country).
    04-09-15 03:07 PM
  15. Old_Mil's Avatar
    My thoughts are the same as always. BBM is NOT secure unless attached to BES with established encryption keys.
    So what then is the correct solution for private messaging on the Blackberry platform?

    Posted via CB10
    04-10-15 08:16 PM
  16. MobileMadness002's Avatar
    So what then is the correct solution for private messaging on the Blackberry platform?

    Posted via CB10
    Already stated. Run a BES server with BBM encryption enabled. Of course that means that you would only be able to chat with members on the same BES as they would need the same encryption keys.
    04-10-15 08:23 PM
  17. jope28's Avatar
    BlackBerry BBM is very secured that is why these crooks used to BBM each other, but it is not really secure when it comes to deal with the Government. No matter what, the Government can force the company to give them access anyway. This is how I understand! It is secure if people use it to do business that do not break the law, but it is unsecured if people use it to do evil things.
    If "it's not secure when it comes to deal with the government" , than it isn't secure.

    [Hopefully NOT edited by admin to be fair lol. ] Frosty White Q10/10.3.1.2708 CB10
    04-10-15 08:31 PM
  18. jope28's Avatar
    Already stated. Run a BES server with BBM encryption enabled. Of course that means that you would only be able to chat with members on the same BES as they would need the same encryption keys.
    Wouldn't this be safe even though it doesn't use a BES? (poor TLS gets no respect anymore lol)
    https://www.blackberrycentral.com/ne...bbm-protected/
    Attachment 346837

    [Hopefully NOT edited by admin to be fair lol. ] Frosty White Q10/10.3.1.2708 CB10
    Attachment 346838
    Last edited by jope28; 04-10-15 at 08:50 PM.
    04-10-15 08:38 PM
  19. vrud's Avatar
    Personally I feel that BlackBerry started to be more open with various authorities just after they released BBM Pro.
    I don't find this as a coincidence, they want to sell you protected as the pure BBM is free and users no longer pay for it through carrier contract.

    Do I care personally?
    Yes and No.

    No - I value social security along with privacy of my messages. I wouldn't like some interns working for data center or authority reading my BBM messages. At the same time, I would like to avoid crimes on the streets.

    Yes - If they have my chats then please share it with ME too. My friend lost her BBM messages when phone died. Activating the account on another phone restores contact list but no chats !!??
    04-10-15 08:39 PM
  20. vrud's Avatar
    What I'm saying is that Apple and WhatsApp have made "that level of security" the default. They don't have weak encryption so they can sell stronger.

    Posted via the CrackBerry App for Android
    You should never trust marketing materials!

    iMessage turns to plain text SMS which can't be controlled by the user - completely insecure

    WhatsApp was first hacked by a student and they had to partner a 3rd party to bring some security and even after trying that they are still below BBM Pro according to this.
    04-10-15 08:47 PM
  21. LazyEvul's Avatar
    You should never trust marketing materials!

    iMessage turns to plain text SMS which can't be controlled by the user - completely insecure

    WhatsApp was first hacked by a student and they had to partner a 3rd party to bring some security and even after trying that they are still below BBM Pro according to this.
    Both of those sources regarding WhatsApp were written prior to the implementation of end-to-end encryption. The third-party they brought in to implement end-to-end has a very good reputation among the security community, and has passed the scrutiny of independent audits - hardly a bad thing. In fact, the encryption that they brought to table is the same protocol used in their TextSecure app, which receives all 7 checkmarks on the EFF scorecard.

    You are sort of correct about iMessage, however - if iMessage is down or data services are unavailable, it will fallback to SMS by default. This can be disabled in the settings, but it will still have to use SMS when you message a non-Apple device. The way it is implemented, Apple could also fiddle with the keys and start collecting your messages if they wanted to. From what I understand though, any messages that were sent before they decided to monitor you could not be read by them, however.

    Wouldn't this be safe even though it doesn't use a BES? (poor TLS gets no respect anymore lol)
    https://www.blackberrycentral.com/ne...bbm-protected/
    Attachment 346837
    Yes it would be. BBM Protected is very good, at least on paper, and operates similarly to WhatsApp. End-to-end, forward secrecy, keys are dealt with locally on the device, all that good stuff. Just a shame it's not free, but I suppose what you're really paying for is that FIPS 140-2 certification - WhatsApp doesn't have that, nor does iMessage. Doesn't make much of a difference for consumers, though.
    Last edited by LazyEvul; 04-11-15 at 03:30 PM.
    04-11-15 03:12 PM
  22. skibnik's Avatar
    I don't understand what all the fuss is about? The Brazilian government obtained lawful warrants to access the info, and BlackBerry being the lawful corporation that it is complied with said legal warrant.

    If the crooks were using BES then the government would also get warrants to access the crooked corporate servers as well and that would be out of BlackBerry's hands.

    Loving my Passport!
    BigAl_BB9900 likes this.
    04-11-15 08:44 PM
  23. vrud's Avatar
    You are sort of correct about iMessage, however - if iMessage is down or data services are unavailable, it will fallback to SMS by default.
    Can you show which settings control that?
    Note that there are 3 possible states :
    1. always send as sms
    2. never send sms
    3. prefer iMessage and fallback to sms if no data connection

    How to set #2?

    Posted via CB10
    Last edited by vrud; 04-12-15 at 08:41 AM.
    04-12-15 07:42 AM
  24. vrud's Avatar
    Both of those sources regarding WhatsApp were written prior to the implementation of end-to-end encryption. The third-party they brought in to implement end-to-end has a very good reputation among the security community, and has passed the scrutiny of independent audits - hardly a bad thing. In fact, the encryption that they brought to table is the same protocol used in their TextSecure app, which receives all 7 checkmarks on the EFF scorecard.
    Oh, that's good marketing, really. Anyways, do you feel that the WhatsApp company was interested in providing security for their chats if they were using a simplistic encryption first and then their chats were easily accessible to games installed on your android and then were forced to partner with some 3rd parties? If there is a breach then who is responsible - WhatsApp, the user who installed the game or the 3rd party that provides encryption? Check history of hacks for WhatsApp and BBM or another chat messaging service in order to understand what to expect from them.

    Posted via CB10
    04-12-15 07:52 AM
  25. Madhuchandran's Avatar
    Making a mountain out of a mole hill!

    Posted via CB10
    04-12-15 08:01 AM
83 1234

Similar Threads

  1. WTS: BlackBerry Chargers & Mini USB Cables
    By crazigee in forum The Marketplace - Buy, Sell & Trade
    Replies: 4
    Last Post: 04-06-15, 04:12 PM
  2. I'm having trouble installing the dater app. Can anyone help?
    By Charliefreak_112 in forum BlackBerry Q5
    Replies: 1
    Last Post: 04-06-15, 03:42 PM
  3. How can I remove Blackberry Link from my device?
    By CrackBerry Question in forum BlackBerry Link
    Replies: 1
    Last Post: 04-06-15, 03:18 PM
  4. WTS: BlackBerry Curve 8830 Cases
    By crazigee in forum The Marketplace - Buy, Sell & Trade
    Replies: 1
    Last Post: 04-06-15, 03:17 PM
  5. BlackBerry offers up a quick look at apps on the BlackBerry Leap
    By CrackBerry News in forum CrackBerry.com News Discussion
    Replies: 0
    Last Post: 04-06-15, 02:22 PM
LINK TO POST COPIED TO CLIPBOARD