View Single Post
Old 10-07-2011, 10:45 AM   #39 (permalink)
the-economist
CrackBerry Addict
 
Join Date: Dec 2008
Location: Airport lounges and starbuxxx
Model: 9900
OS: 7.0.0.296
Carrier: Vodafone Business
Posts: 573
Post Thanks: 1
Thanked 5 Times in 4 Posts
Default Re: Elcomsoft breaks BB password by hacking encrypted media card

Quote:
Originally Posted by penguin3107 View Post
.
If the encryption keys are based on the device ID as opposed to the handheld password, then this vulnerability goes away.

100% agree , no question about it. Problem is when a security feature is exploitable (which is rather common in the software world and nothing close to the drama some posts in the thread made it to be) the solution is vendor acknowledgement and patching of the vulnerability rather than the user running in circles trying to protect themselves from a poorly executed implementation.

You and i and some thousands of forum users may be some technically inclined. That doesn't extend to the whole of the platform's userbase.

The "vulnerability gone away" solution should only come down through the official vendor channels that manage the codebase of said software. In this case that means Research In Motion Ltd.
Offline   Reply With Quote