Dutch police are able to decipher encryption on PGP equipped BlackBerrys
We all know that BlackBerry handsets are known for their security. Some 'Berry handsets are even more protected thanks to the use of PGP encryption. That would make the phone extremely secure, which is why organized crime is said to use PGP equipped BlackBerry models to engage in conversations that can't be viewed by the prying eyes of the law.
The PGP equipped BlackBerrys are offered by online firms like TopPGP and GhostPGP. Purchasing phones with such high levels of encryption can be as easy as whipping out a credit card. One company selling these enhanced BlackBerry handsets, called Phantom Secure, notes that "no information is required with purchase" of one of the phones, and that "Your data connection and device are not registered to you."
While the Netherlands Forensic Institute says that it has broken the code, it hasn't been able to do so in every case. In one test, 279 out of 325 encrypted emails were cracked by the organization. In addition, the actual BlackBerry handset that contains the encrypted message needs to be in the possession of the law enforcement group aiming to decipher the code. This limits the usefulness of the method in real-life applications.
The phone used in the test is rumored to be the BlackBerry 9720.
Some PGP vendors claim that their BlackBerry phones remain 100% secure. According to GhostPGP, "We have not been affected. Our services are completely secure and have never been compromised."
source: Motherboard via Engadget
However, law enforcement officials with the Netherlands Forensic Institute say that they have been able to break down the code. While the Dutch police didn't give away the method used to achieve this, but there is speculation that software from Cellebrite was employed. One possible method requires removing a memory chip from the circuit board and dumping the data from it.
While the Netherlands Forensic Institute says that it has broken the code, it hasn't been able to do so in every case. In one test, 279 out of 325 encrypted emails were cracked by the organization. In addition, the actual BlackBerry handset that contains the encrypted message needs to be in the possession of the law enforcement group aiming to decipher the code. This limits the usefulness of the method in real-life applications.
The phone used in the test is rumored to be the BlackBerry 9720.
"We wrote about this years ago. This affects all mobile devices including Android offerings! Weak passwords will always be the weak link. Content protection is on by default for all our units. This has been the case since day one. Without it, the devices are easily cracked. [BlackBerry] devices can still be brute forced via chip-off. It could possibly be that Cellebrite has found a way to brute force without a chip-off: this I have not verified,"-Jay Phillips, SecureMobile.ME
Some PGP vendors claim that their BlackBerry phones remain 100% secure. According to GhostPGP, "We have not been affected. Our services are completely secure and have never been compromised."
source: Motherboard via Engadget
Things that are NOT allowed: