Think your BlackBerry data’s safe because it’s encrypted on the phone, in the air, and on backup? Unh-unh-unh, there goes the neighborhood!
Competitive Russian software developers ElcomSoft and AccentSoft together have developed effective password-cracking programs for most common desktop encryption formats and have targeted the BlackBerry with a Phone Password Breaker that was previously limited to Apple mobile devices. Because the device itself can wipe itself if attacked directly, they developed a tool that works on the backups that the phone and its software can create on your desktop.
Like all password-cracking programs, this tool is a double-edged sword. It can save your behind if you really need to get at the data backed up from a phone that’s been stolen or remotely wiped. On the other hand, criminals who get their hands on your backup now have a way to read your business data.
In testing, It takes much less time to brute force a password if the password is all one case, subject to a dictionary attack, or is partially known. It only takes 3 days to break a 7-letter mixed-case password. A little longer if there are numbers and special characters in the password, or the password is longer.