BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 09-22-2007, 12:55 PM   #101 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Oct 2004
Location: ∂pnp
Model: 8310
OS: 4.5
Carrier: AT&T
Posts: 232
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Please Login to Remove!

Quote:
Originally Posted by BigA View Post
Most importantly if anyone can crack RIM's security (AES). Not only have you cracked RIM's security you have crack all of the cryptograhpy world too.
You guys keep talking about encryption and RIM's impregnable security, but none of that matters. The message spends a lot of time traveling between mail servers on open non-encrypted links. Why do I need to break into your Blackberry if I can just sniff the traffic coming out of your Exchange server?!

Remember: Blackberry -> carrier -> BES/BIS -> mail server -> internet -> mail server -> BES/BIS -> carrier -> Blackberry.
__________________
-Dude
PlayBook, 8310, 8800, 8700, 7280, 957, 950
Offline  
Old 09-22-2007, 02:52 PM   #102 (permalink)
Thumbs Must Hurt
 
Join Date: Dec 2006
Location: Texas
Model: 8700c
PIN: Nope
Carrier: Cingular (8700c?)
Posts: 67
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I don't know where he was coming from but if he had anything I think he would have posted it a long time ago instead of taking all that abuse.

Now, did I ever tell you about the 100 MPG carbureator that a friend of an inlaw of my distant cousin knows all about that was bought off by the oil companies and buried?

MikeyMike
Offline  
Old 09-23-2007, 08:08 AM   #103 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Oct 2004
Location: ∂pnp
Model: 8310
OS: 4.5
Carrier: AT&T
Posts: 232
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by MikeyLikesIt View Post
I don't know where he was coming from but if he had anything I think he would have posted it a long time ago instead of taking all that abuse.

Now, did I ever tell you about the 100 MPG carbureator that a friend of an inlaw of my distant cousin knows all about that was bought off by the oil companies and buried?

MikeyMike
He posted his original (and first) question on 9/17 at 8:44pm. His last post was at 10:11pm. By 11:55pm that night, he's had enough abuse to never have logged on to this board again.
__________________
-Dude
PlayBook, 8310, 8800, 8700, 7280, 957, 950
Offline  
Old 09-23-2007, 01:02 PM   #104 (permalink)
BlackBerry God
 
LunkHead's Avatar
 
Join Date: Jan 2005
Location: Here
Model: 850
OS: 0.0.00001
PIN: kie swear
Carrier: USPS Priority
Posts: 10,992
Post Thanks: 160
Thanked 160 Times in 59 Posts
Default

Quote:
Originally Posted by Dude View Post
He posted his original (and first) question on 9/17 at 8:44pm. His last post was at 10:11pm. By 11:55pm that night, he's had enough abuse to never have logged on to this board again.
Please do tell about this abuse that you speak of.... I for one will be very, very interested in hearing this...

My theory on why the OP has not returned is because either RIM or the *security expert*, or both, set the OP straight and it turned out to be nothing...

If RIM or the *security expert* had information to prove post #1 of this thread then you could bet your last buck the OP would have returned to rub this proof in the faces of the nay-sayers (read: me)

Have a great day

Note to self: Add another to your block list..

Kris

Last edited by LunkHead : 09-23-2007 at 01:05 PM.
Offline  
Old 09-24-2007, 01:33 PM   #105 (permalink)
New Member
 
jsconyers's Avatar
 
Join Date: Jul 2007
Location: In a van down by the river.
Model: NOTE2
OS: 4.1
PIN: <- Where do I find this?
Carrier: Sprint
Posts: 15,071
Post Thanks: 139
Thanked 140 Times in 121 Posts
Default

Quote:
Originally Posted by Dude View Post
You guys keep talking about encryption and RIM's impregnable security, but none of that matters. The message spends a lot of time traveling between mail servers on open non-encrypted links. Why do I need to break into your Blackberry if I can just sniff the traffic coming out of your Exchange server?!

Remember: Blackberry -> carrier -> BES/BIS -> mail server -> internet -> mail server -> BES/BIS -> carrier -> Blackberry.

This statement is not true when using a BES. The message is encrypted prior to leaving the handheld or BES and then decrypted once being received by the handheld or BES.

Message flow to a handheld

1) New Message arrives: the Microsoft message transfer agent delivers message to userís desktop email mailbox.

2) Message notification: Blackberry maintains a MAPI connection to the userís mailbox. The connection enables the server to use the same notification for new mail, blackberry processes message as it arrives.

3) Message filters are applied: BES checks message fields against global filter rules.
BES then applies user-defined filters.

4) Message ID is assigned: BES randomly generates a reference id and tag.

5) Message is compressed and encrypted.

6) Message sent to wireless network: BES sends the first portion of the message through port 3101 to the wireless network, which verifies the PIN belongs to belongs to a valid handheld registered on the network
7) Confirmation is returned: The network locates the handheld and delivers the message.
8) Arrives on handheld: The handheld decrypts and decompresses the message and notifies the user of new mail.





Message flow from the handheld

1) Message sent from handheld, on the handheld the message is assigned a reference id.
2) Message is compressed and encrypted.

3) Message is sent to BES Server, through port 3101 to the wireless network to the Blackberry Server.

4) Message is decrypted and decompressed: BES decrypts and decompresses the message. If the message does not match the users encryption key, the message is discarded.

5) Message is placed in outbox on the Exchange Store.

6) Message delivery: The Exchange MTA delivers the message.

7) Copied to sent items folder: A copy of the message is placed in the userís desktop email program sent items folder.

Therefore if you do happen to "sniff the traffic coming out of the Exchange server" you would only get an encrypted message. Now for BIS, I am not to sure. Also We do not know what mail client the OP was using, nor do we know if he was using BIS or BES.
Offline  
Old 09-24-2007, 03:12 PM   #106 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Oct 2004
Location: ∂pnp
Model: 8310
OS: 4.5
Carrier: AT&T
Posts: 232
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

But what happens to the message as it travels between mail servers of two different companies?
__________________
-Dude
PlayBook, 8310, 8800, 8700, 7280, 957, 950
Offline  
Old 09-24-2007, 11:19 PM   #107 (permalink)
Knows Where the Search Button Is
 
Join Date: Sep 2005
Model: 7520
Carrier: nextel
Posts: 26
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by Dude View Post
But what happens to the message as it travels between mail servers of two different companies?
That part isn't encrypted, but it doesn't matter -- the OP's beef was that the original message stored on the blackberry was modified as well as the one the recipient received.

THAT is the part that just isn't possible -- once the message has been keyed, encrypted, and sent out, it's locked down.
Offline  
Old 09-26-2007, 07:04 PM   #108 (permalink)
New Member
 
Join Date: Aug 2007
Location: Washington, DC
Model: 9700
PIN: N/A
Carrier: T-Mobile
Posts: 13
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by jsconyers View Post
Therefore if you do happen to "sniff the traffic coming out of the Exchange server" you would only get an encrypted message. Now for BIS, I am not to sure. Also We do not know what mail client the OP was using, nor do we know if he was using BIS or BES.
Thats not right when the e-mail message leaves the senders e-mail server it is not encrypted, the senders BES server unencrypts and decompress it before handing it off to the e-mail server.

and I am getting this from the RIM Certification guide as I am currently working on my RIM Certification
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.