BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 02-18-2008, 02:11 PM   #1 (permalink)
New Member
 
Join Date: Feb 2008
Model: 8100
PIN: N/A
Carrier: T-Mobile
Posts: 13
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default What is Security Options > Content Protection option?

Please Login to Remove!

Under Options > Security Options > General Settings there is a Content Protection option. I'm guessing that if this option is turned on, that means I'm doing an encryption on the entire device, including all applications and data. Am I correct? If not please correct me. Also, there are 3 protection strengths: strong, stronger, and strongest. That doesn't means squat unless I can compare it to known encryption levels, such as DES, 3DES, AES, etc. Can anyone tell me what these protection strengths correspond to? Thanks.
Offline  
Old 02-18-2008, 02:48 PM   #2 (permalink)
Talking BlackBerry Encyclopedia
 
Sci-Tek's Avatar
 
Join Date: Jan 2008
Model: 8000
OS: 4.6.0.303
Carrier: TDC
Posts: 359
Post Thanks: 1
Thanked 0 Times in 0 Posts
Default

I'm interrested in this aswell, tried to google for it.. but failed :(
__________________
Cheers,

Sci-Tek

Only dead fish follow the stream
Offline  
Old 02-18-2008, 04:07 PM   #3 (permalink)
BBF Moderator
 
John Clark's Avatar
 
Join Date: Jun 2005
Model: Z30
OS: 10.2.1.x
PIN: s & needles
Carrier: AT&T
Posts: 34,686
Post Thanks: 4
Thanked 100 Times in 72 Posts
Default

When content protection is on then the free memory is actually wiped instead of marked as available to write over. If you wipe the device when content protection is enabled it will take several hours to wipe the device.
Offline  
Old 02-20-2008, 03:54 PM   #4 (permalink)
New Member
 
Join Date: Feb 2008
Model: 8100
PIN: N/A
Carrier: T-Mobile
Posts: 13
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

John, I don't quite understand what you mean by "free memory is actually wiped instead of marked as available to write over". You also mention wiping the device takes several hours. It seems like you use the word "wipe" with different meanings in different contexts. I guess this is what confused me.
Offline  
Old 02-20-2008, 04:16 PM   #5 (permalink)
Thumbs Must Hurt
 
Join Date: Apr 2005
Location: New York City
Model: 8310
Carrier: ATT
Posts: 132
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

It's a headache

OK now seriously, it's actually a feature which encrypts ALL of the data on the device. A few issues are experienced while using CP such as not having tasks sorted by category, not being able to change the password of a device remotely and having activations last a lot longer (and risk failure)

CP is a good idea in theory, but as John said, if you have it enabled and wipe the device, you will be out of commission for an hour and a half at least.

Another tip is to remember that you can enable CP from the IT Policy, however, if you change your IT Policy to not force CP, and the device already had the original policy enabling CP, CP will not switch off without manual intervention.
Offline  
Old 02-20-2008, 05:25 PM   #6 (permalink)
New Member
 
Join Date: Feb 2008
Model: 8100
PIN: N/A
Carrier: T-Mobile
Posts: 13
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I'm taking a guess here: all memory on the device, including both occupied and free memory, are encrypted so any read/write from/to memory, including both read/update to an occupied memory area or a read/write to a free memory area, the memory area under question must be unencrypted first (there is no way to tell whether the memory area under question is occupied or free). Am I correct?

If this is true then wiping the entire device means unencrypting each and every single memory location, then write some pre-determined pattern to that memory location, then encrypt that memory location. This has to be done for all of the 16MB, 32MB, or however much memory the device has. Am I correct?

Also, my original question of the protection strengths of strong, stronger, and strongest correspond to what encryption levels (DES, 3DES, AES-256, etc.) is still unanswered. Anyone knows?
Offline  
Old 02-20-2008, 05:48 PM   #7 (permalink)
Thumbs Must Hurt
 
Join Date: Apr 2005
Location: New York City
Model: 8310
Carrier: ATT
Posts: 132
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Strong: 160-bit ECC public key; provides good security and good performance, adequate for most situations
xxx8226;Stronger: 283-bit ECC public key; provides better security but slower performance than the Strong setting
xxx8226;Strongest: 571-bit ECC public key; provides the highest level of security but the slowest performance of the three settings

This is in the BES Policy Reference guide.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.