BlackBerry Forums Support Community - View Single Post

6502programmer · 02-19-2008, 02:33 PM

I think it's a stretch to say it's "unhackable". NOTHING is unhackable.

What is more accurate is to say that it would take sufficient resources and sufficient time such that the value of any attack on it is worthless. Security is not about making something unreachable, it's about making it so difficult to get to something that it takes enough time, money, and resources that it becomes unprofitable to do it.

Given millions of dollars, I'm pretty sure someone could find who has access to the signing keys, determine who in the list has the easiest to exploit weakness, and then aim for maximum hurt. My guess RIM is prepped for that, and has thoroughly vetted anyone and everyone who even knows where the keys are kept. They've built a formidable reputation for security, but as a private corporation, I doubt they could fend off a motivated nation-state.

02-19-2008, 02:33 PM	#39
6502programmer Thumbs Must Hurt Join Date: Aug 2005 Model: 9000 OS: 4.6.0.266 Carrier: AT&T Wireless Posts: 69	I think it's a stretch to say it's "unhackable". NOTHING is unhackable. What is more accurate is to say that it would take sufficient resources and sufficient time such that the value of any attack on it is worthless. Security is not about making something unreachable, it's about making it so difficult to get to something that it takes enough time, money, and resources that it becomes unprofitable to do it. Given millions of dollars, I'm pretty sure someone could find who has access to the signing keys, determine who in the list has the easiest to exploit weakness, and then aim for maximum hurt. My guess RIM is prepped for that, and has thoroughly vetted anyone and everyone who even knows where the keys are kept. They've built a formidable reputation for security, but as a private corporation, I doubt they could fend off a motivated nation-state. __________________ 957 => 5820 => 7280 => 7290 (UL) => 8820 (UL) => 9000 (UL/DB) => 9800
Offline