Elcomsoft breaks BB password by hacking encrypted media card
Read this very carefully...
ElcomSoft Recovers BlackBerry Device Passwords It doesn't say they can hack your BB password directly from the device, but rather if your media card is encrypted using the device password. They are hacking the media card, NOT the device. Simple answer - either don't encrypt your media card or encrypt it another way, such as device key + device password. No need to panic. BB has not been hacked. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
The card is being hacked, not the device. Without the card being encrypted in a certain way, the hacking they are doing would not gain access to the device.
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
Following your logic if i break into your house through a window, your premises' security is not compromised because i didn't structurally compromised the walls by breaking through the bricks of the building. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
My question is which device, OS, etc was hacked? Was it OS 4.x, 5, 6, 7? If it was an earlier OS, has this issue been corrected in more recent OSes?
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
*sigh*
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
Let's go back to the house window analogy. If you used the open bedroom window to break into my house, but I have locked the bedroom door from the outside, you ceratinly have gained access to my bedroom-but no where else in my house.
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
Recovering the device password off the media card does in fact give you access to the entire device. Once you know what the password is, the device is compromised. (Assuming you have physical possession of said device.) Make no mistake about it... if this software does what it says it does, it's a security problem and headache that RIM is going to need to face. The last thing they need is more bad press... so just the fact that this news is "out there", whether confirmed or not, is going to be a big deal for RIM. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
There's no disputing that getting the password from the media card gives you access to the device.
However, the 'hack' happened on the card, NOT the device. That's the difference. Either way, it's not good, but the device itself was not hacked, per say. It's as if I locked my house, but left a key under the flower pot on the front door. A 'hack' would mean someone picked the lock to get in. However, because they found the key under the flowerpot the key was not 'hacked'. Still bad they got in the house, but how they got there is different. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
I agree with Penguin, no matter how you look at it, it is bad for RIM and their reputation for security.
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
We can use analogies to describe security models until we're blue in the face. Things are rather simple though.
1) The handset + the OS are RIM products. 2) The filesystem + the encryption are RIM products. 3) The feature that allows the user to protect the card using the device password is a RIM product. 4) Getting the device password via ANY possible attack vector compromises Blackberry security. From the above combined we get that if certain conditions are met (rather common) an attack on files stored on SD compromises blackberry security to device level and exposes all confidential info stored. It's a flaw, a RIM flaw, juwaack wants to blame the SD card. That's a dumb magnetic medium. Never promised you or offered any kind of security protection. RIM did both. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
The vendor's website says the software works on all versions of the BlackBerry OS and all iOS devices up to 4.x. Price is reportedly $200.
|
Re: Elcomsoft breaks BB password by hacking encrypted media card
Yup iPhones too.
And on the BlackBerry, it can only be an alpha password either all lower or uppercase, no password with a numeral or special character or mixed case can be hacked. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
We can use analogies to describe security models until we're blue in the face. Things are rather simple though. 1) The handset + the OS are Apple products. 2) The filesystem + the encryption are Apple products. 3) The feature that allows the user to protect the card using the device password is an Apple product. 4) Getting the device password via ANY possible attack vector compromises Apple security. From the above combined we get that if certain conditions are met (rather common) an attack on files stored on SD compromises blackberry security to device level and exposes all confidential info stored. It's a flaw, a Apple flaw, the-economist wants to ignore this and focus only on RIM. . That's a dumb apple fan boi. Never promised you or offered any kind of security protection. Apple did both. Works? By the way, the-economist, Raphael gave me a message to give you. |
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
i'm trying hard to find the word apple or any apple inc products mentioned anywhere in the thread until you started trolling... :? |
Re: Elcomsoft breaks BB password by hacking encrypted media card
It wasn't.
But the same software does the same does the same on the iPhone. Don't tell me you didn't know that. You can't be that daft, can you? |
Re: Elcomsoft breaks BB password by hacking encrypted media card
So what have we learned
Use a complex password ie 8lack8eRry2081!! and well now very difficult to obtain |
Re: Elcomsoft breaks BB password by hacking encrypted media card
Quote:
Also I posted that it works on iOS before JSanders posted. Did you not read that either? The last time I checked iOS was an operating system for Apple mobile devices. |
All times are GMT -5. The time now is 11:34 PM. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.