BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 01-26-2005, 05:08 PM   #1 (permalink)
Thumbs Must Hurt
 
Join Date: Sep 2004
Model: 9530
Carrier: Verizon
Posts: 101
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Curious: Can Criminals Avoid Message Interception with BB

Please Login to Remove!

Just out of curiosity, I was watching an old episode from the TV show, "Alias", and during one of the scenes, they showed "the bad guys" using BlackBerrys to PIN each other, thus avoiding their messages being intercepted by the CIA or NSA. I was wondering if this IS possible, and if so, I can't imagine the federal government not putting a backdoor in. As I said, I'm just curious. I know PIN messages are from BB to BB, but I can't imagine them NOT being used by criminals if that's the case. Can anyone shed some light?

cfjacksn
Offline  
Old 01-26-2005, 05:11 PM   #2 (permalink)
rcg
Platinum Sponsor
 
rcg's Avatar
 
Join Date: Oct 2004
Location: California
Model: 7290
Posts: 1,185
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

PIN to PIN messages still travel through the BlackBerry NOC and thusly could be monitored.
__________________
Discount BlackBerry Accessories and More...
Click Here: [ SmartPhoneDepot.Com ]
BlackBerry Forums Platinum Sponsor

AIM: SmartPhoneDepot
Offline  
Old 01-26-2005, 05:13 PM   #3 (permalink)
BlackBerry Extraordinaire
 
Join Date: Aug 2004
Location: West of Ottawa, Canada
Model: 9900
OS: 7
Carrier: Telus
Posts: 1,068
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Curious: Can Criminals Avoid Message Interception with

Quote:
Originally Posted by cfjacksn
Just out of curiosity, I was watching an old episode from the TV show, "Alias", and during one of the scenes, they showed "the bad guys" using BlackBerrys to PIN each other, thus avoiding their messages being intercepted by the CIA or NSA. I was wondering if this IS possible, and if so, I can't imagine the federal government not putting a backdoor in. As I said, I'm just curious. I know PIN messages are from BB to BB, but I can't imagine them NOT being used by criminals if that's the case. Can anyone shed some light?

cfjacksn
What sort of future activities did you have in mind? - running for office?
Offline  
Old 01-26-2005, 05:29 PM   #4 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310
Post Thanks: 0
Thanked 1 Time in 1 Post
Default

also to keep in mind. if something is encrypted, it can be decrypted. and most likely the company doing the encrypting also has the decryption algorithm. so, with that said, nothing is safe (especially something that is owned by a company who's largest customer is the government).

__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Offline  
Old 01-26-2005, 05:56 PM   #5 (permalink)
Talking BlackBerry Encyclopedia
 
Talldog's Avatar
 
Join Date: Jan 2005
Location: Connecticut
Model: 8330
Carrier: Verizon
Posts: 213
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

This issue has been in the news just this month.

http://yro.slashdot.org/article.pl?s...9&from=rss
__________________
Talldog
Offline  
Old 01-26-2005, 06:10 PM   #6 (permalink)
Thumbs Must Hurt
 
Join Date: Sep 2004
Model: 9530
Carrier: Verizon
Posts: 101
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Hey Cool

That's satisfies that curiosity. Now if anybody knows........


J/K, acutally Roofus, I was appalled at the possibility that criminals could possibly do something like that and my nefarious days are long behind me.

Thanks all for responding.
Offline  
Old 01-26-2005, 07:33 PM   #7 (permalink)
BlackBerry Extraordinaire
 
Join Date: Aug 2004
Location: West of Ottawa, Canada
Model: 9900
OS: 7
Carrier: Telus
Posts: 1,068
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Hey Cool

Quote:
Originally Posted by cfjacksn
That's satisfies that curiosity. Now if anybody knows........


J/K, acutally Roofus, I was appalled at the possibility that criminals could possibly do something like that and my nefarious days are long behind me.

Thanks all for responding.
Ah good! I can sleep tonight!
Offline  
Old 01-27-2005, 07:08 AM   #8 (permalink)
BlackBerry Extraordinaire
 
Join Date: Dec 2004
Location: in a house...
Model: lots
Carrier: Rogers
Posts: 1,148
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

BAH!!! I love using my BB pin-to-pin for crooked things... like...

my wife sending me a list of things to get from the grocery store on my way home...

my boss wondering where in the building I am...

my friends knowing they can get through to me no matter where I am (luv Rogers coverage) or what time it is (see leash in dictionary)...

etc...

But really there is actually a bit more involved in sniffing in on messages. Obviously RIM is the only one who can sniff out PIN msg's thanks to the 3DES encryption used. For people who have a GSM/GPRS based carrier, the wireless traffic is also encrypted over the entire GSM/GPRS network, so the occasional hacker would have to have pretty intimate knowledge of the wireless network to even get close to sniffing.

For what it's worth, any of the more involved crooked people I know actually do use BB's and pin-to-pin messaging for shady communication. As well, I know several 'higher-up' people at RIM and they haven't heard of any case where pin-to-pin messages have been subpoena'd by the authorities, this isn't saying that it hasn't happened, but just that they have never heard of it.

Kinda funny how something like virtually untracable pin-to-pin messaging would be a feature put into the only handheld that meets the data security requirements of the US Gov't... but hey, nothing shady ever goes on there right?

I think this just goes to show that for every action there is an equal and opposite reaction... good people use it, bad people use it...

cd.
Offline  
Old 01-27-2005, 07:18 AM   #9 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,806
Post Thanks: 33
Thanked 441 Times in 381 Posts
Default

Corey - are you sure that PIN to PIN messages use 3DES? I think that only message processed through the BES are 3DES.
Offline  
Old 01-27-2005, 07:29 AM   #10 (permalink)
BlackBerry Extraordinaire
 
Join Date: Dec 2004
Location: in a house...
Model: lots
Carrier: Rogers
Posts: 1,148
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Everything that leaves the handheld is encrypted... data is encrypted between the handheld and the carrier, as well as between the handheld and the relay... RIM training told me so...

cd.
Offline  
Old 01-27-2005, 08:49 AM   #11 (permalink)
Grumpy Moderator
 
NJBlackBerry's Avatar
 
Join Date: Aug 2004
Location: Somewhere in the swamps of Jersey
Model: i5s
Carrier: AT&T
Posts: 27,806
Post Thanks: 33
Thanked 441 Times in 381 Posts
Default

Quote:
Originally Posted by corey@12mile
Obviously RIM is the only one who can sniff out PIN msg's thanks to the 3DES encryption used.
No one from RIM ever said that PIN to PIN messages use 3DES encryption
Offline  
Old 07-26-2005, 02:50 PM   #12 (permalink)
Thumbs Must Hurt
 
Join Date: Jul 2005
Model: 7290
Carrier: carrrier
Posts: 55
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by corey@12mile
Everything that leaves the handheld is encrypted... data is encrypted between the handheld and the carrier, as well as between the handheld and the relay... RIM training told me so...

cd.
PIN messages are NOT 3des at all!
Offline  
Old 07-26-2005, 04:38 PM   #13 (permalink)
BlackBerry Extraordinaire
 
Soapm's Avatar
 
Join Date: Apr 2005
Location: The Mile Hi City
Model: 9780
OS: 6.0
Carrier: TMO
Posts: 2,790
Post Thanks: 3
Thanked 4 Times in 4 Posts
Default

Corey? That's you that said that? Oh, this is an old post????
Offline  
Old 07-26-2005, 08:47 PM   #14 (permalink)
Thumbs Must Hurt
 
Rancor's Avatar
 
Join Date: Jun 2005
Location: Dathomir
Model: 7730
Carrier: Zefr
Posts: 171
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I realised it is an old post but,
Quote:
Originally Posted by corey@12mile
Everything that leaves the handheld is encrypted... data is encrypted between the handheld and the carrier, as well as between the handheld and the relay... RIM training told me so...
I recommend revising your training documents, there is a lot of info in there, and it is easy to overlook or confuse a few things.

Encryption requires keys at each end to encrypt and decrypt data, therefore the possibility of decrypted PIN to PIN messages outside your own organisation doesn't make any sense.
Where would people outside the organisation get a matching key from?

Your PIN to PIN messages are actually able to be read by anyone able to intercept and assemble your data packets as they travel from one device to the other. (which is how the plans to the Death star were intercepted), but not very likely

IT policy can be set on the BES to allow only encrypted PIN to PIN messages to other users within the organisation using the same BES.
This disables the ability to send them outside the organisation but can still receive them.
__________________
!

Last edited by Rancor : 07-26-2005 at 08:55 PM. Reason: just woke up to the fact Corey posted it months ago
Offline  
Old 07-28-2005, 06:14 PM   #15 (permalink)
New Member
 
Join Date: Jul 2005
Model: 7290
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Messages Sent from the BlackBerry are encrypted and compressed. This applies to PIN messages as well. They cannot be monitor or intercepted from the air. All BlackBerry traffic email and PIN travel through the BlackBerry infrastructure.

PIN messages are more secure because they do not travel through the internet. Mail messages must travel via the internet. This happends after the messages leave your corporate mail server and get delivered to the recipients. During internet travel BlackBerry email is not encrypted nor is it compressed unless you are using S/MIME end to end encryption.
Offline  
Old 07-28-2005, 11:58 PM   #16 (permalink)
Thumbs Must Hurt
 
Rancor's Avatar
 
Join Date: Jun 2005
Location: Dathomir
Model: 7730
Carrier: Zefr
Posts: 171
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

LOL. that sounds like a "Trust me - Everything is secure!" answer from Research In Motion.

RIMemployee can you explain how a PIN to PIN message can possibly be encrypted and unencrypted at each end without a matching encryption key?
__________________
!

Last edited by Rancor : 07-29-2005 at 01:29 AM. Reason: Grammer
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.