BlackBerry Forums Support Community

BlackBerry Forums Support Community (http://www.blackberryforums.com/)
-   Aftermarket Software (http://www.blackberryforums.com/aftermarket-software/)
-   -   Email Encryption Application (http://www.blackberryforums.com/aftermarket-software/103922-email-encryption-application.html)

kgn1224 11-08-2007 04:08 PM

Email Encryption Application
 
Does anyone know of any applications that will encrypt emails on a BB8820? Aside from locking my handheld, I would prefer an application that scrambles only designated emails.

I used SecretMail on my 8800 and can't get it to load on the 8820.

I use BIS

Thanks!

djm2 11-08-2007 05:29 PM

DataVault will encrypt emails, but the receiving BB must also have DataVault installed. There is no parallel program at this time to encrypt/decrypt on the desktop.

Iceberg 11-28-2007 04:45 PM

Do I understand correctly that there is nothing on the market that will allow encrypted email between a BB and a laptop/desktop/whatever?

wcberry 11-28-2007 05:52 PM

PGP should do what you want if you are on BES. Not sure it works on BIS.

JSanders 11-28-2007 06:14 PM

Your email is already encrypted when sent on BIS.

Iceberg 11-28-2007 10:54 PM

I'm not on BIS or BES. Just a couple blackberries that need to send and receive email from a couple windows machines.

I visited the PGP web site. I don't think their application works on independent blackberries.

zerog46 11-28-2007 11:04 PM

If you are sending email to and from a BB you have to be on either BIS or BES if I am not mistaken.

Iceberg 11-29-2007 01:06 PM

I'm a newbie; but so far I can send and receive email using my BB just like any other computer. I use the same addresses and protocols. Just can't secure the email.

There must be some way to not send all email like a person was mailing a postcard. That is without going the BIS/BES route. We are a small operation and that would be prohibitive.

Sith_Apprentice 11-29-2007 01:26 PM

the Email is secture. BIS stands for blackberry internet service and BES is blackberry enterprise server (usually when it is a business blackberry) if you recieve push email you have one or the other. BIS is standard with a blackberry data plan.

Iceberg 11-30-2007 01:36 AM

Help me understand what you mean please. You seem to be saying that an email involving a Blackberry would be secure from end to end and not just while on the Blackberry system. I don't see how that could be.

Scenario: Email from a Blackberry in California to a business computer not on the Blackberry system in another state. It seems to me it could be secured while using the Blackberry Data System. But, as soon as the email is forwarded to the other computer's email provider it is plain text.

The only way to overcome this is to use some common encryption system; which I haven't been able to find.

Please let me know where the holes are in what I've written. I'm trying to understand the complexities of this new tool.

Iceberg 11-30-2007 01:31 PM

I came back today to state more clearly what I understand so you can either correct me, or agree.

It is my understanding that the Blackberry piggy backs on the existing cell system. Further that the only way one can exchange encrypted information is if the devices on both ends of the exchange have common software.

Given that; it seems to me that any email exchange over the public cell system will be vulnerable to intercept and perusal unless encrypted. Therefore, in the circumstance this thread is talking about a person would need some kind of encryption software. That, in fact, emails are not secure during the enroute phase of the email exchange.

Right? Wrong?

mhreljac 12-20-2007 02:03 AM

Correct. At the point at which the email leaves the BIS/BES, the email is unsecured. The reason is that it runs through SMTP normally, which could have anywhere from 1 to n hops, at which each hop would retain a copy of the email sent out (though, many not for long, others for a long time -- set up on the SMTP server).

People in this thread are assuming you are using BIS/BES and have it connected internally to mail server in your own company. If you were to send emails from person to person in your own company, it would be secure because the BIS/BES communicates with the Blackberry securely and would never go to a hop outside the company infrastructure.

To sum it up: the email from the Blackberry to the BIS/BES is secure (as they have their own compression/encryption algorithms common on both sides, created by RIM) but once the BIS/BES sends the email via SMTP outside their own network, it's plaintext for the world to see. Therefore, people that are on a carrier plan (independent or small company) should be made aware of the fact that email sent from the Blackberry will be unsecure, just the same as if you sent it from your desktop. That's just the way SMTP is set up -- and the reason PGP came into being.

If anyone is interested, I'm currently working on a PGP addon for the Blackberry. I won't bore you with any of the details on how/why/when, but I will need a few people to beta test it in a couple of months. PM me if you are interested.

derby 12-21-2007 11:41 AM

I appreciate email encryption too, and was wondering if the email message is secure if you are subscribed to a large carrier, like att or verizon, and their BIS plan, and the reciever of the message is also subscribed to a large carrier. If, say, att and verizon are both running Blackberry's BIS, then would the message be secure at both ends?

purevol 12-21-2007 04:29 PM

The link below might be useful, its a PDF about the PGP(Pretty Good Privacy) Package For BB Devices

Livelink - Redirection

mhreljac 12-22-2007 12:16 AM

Thanks for that link. I was planning on including most of that functionality, but that's a very rich implementation of PGP.

That was released earlier this year by PGP Corp/RIM, but it requires your BB to be on a BES in order for it to work (as well, it's currently priced at $220/seat). My implementation is going to be a standalone application using J2ME libraries so that any BB user can install it. I won't claim I will be as functionally rich in the first go of it, but I will say that it will have a public keystore, private keystore, be synchronizable (so you can back them up) and be able to send and receive encrypted emails. For me, that's the basis of what I need on my BB, and I believe others do as well. (I will have other things, such as i18n, etc., but I won't know until I fully design it -- up until now I've been writing the J2ME version of the crypto library, and now that it's working, I'm moving onto the application. My thoughts were always that if I couldn't get the crypto to work on the J2ME platform that designing the application and doing anything for it would be wasted effort. ;-) )

M

daphne 12-22-2007 12:32 AM

I would be interested in your program. It sounds great.

attweco 12-28-2007 09:30 PM

We are already using the Open Source implementation of PGP with Outlook: "GnuPGP for Windows". It's really sweet, and it would be even sweeter if there would be some kind of PGP implementation for the Blackberry.

mhreljac: We would definitely pay for this, were it to be available for BIS users. Thanks very much.:smile:

FyreFiend 12-29-2007 03:44 PM

I would also love an GnuPG/OpenPGP package for the BB.


All times are GMT -5. The time now is 09:01 AM.

Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.