BES aside, which I know very little about.... For the consumer on BIS, so far as I know there is no malware that on its own without permission of the user can install on a blackberry. There is one case I heard of -- only one case -- of malware produced for blackberry, perhaps as a proof of concept, but it still required the user to install it.
For that matter, nothing installs on the blackberry without the user allowing it. And the user has control over the application permissions.
When the user sets a device password, there is a default 10 allowed attempts, or the max allowed attempts set by the user, and after that the device wipes. If the user has also enabled content protection, then the memory is scrubbed. There is no security question. No time out. Exceed the max attempts and all user data is removed.
Content protection, when enabled, encrypts data on the device so that data cannot be accessed even by direct access to the chips.
Blackberry messenger messages are strictly speaking not encrypted, but are scrambled.
All this is public information. A little searching will find this, and more.
Last edited by aiharkness : 10-01-2010 at 04:47 PM.