Blackberry B/U Encryption Cracked

Think your BlackBerry data’s safe because it’s encrypted on the phone, in the air, and on backup?   Unh-unh-unh, there goes the neighborhood!

Competitive Russian software developers ElcomSoft and AccentSoft together have developed effective password-cracking programs for most common desktop encryption formats and have targeted the BlackBerry with a Phone Password Breaker that was previously limited to Apple mobile devices.  Because the device itself can wipe itself if attacked directly, they developed a tool that works on the backups that the phone and its software can create on your desktop.

Like all password-cracking programs, this tool is a double-edged sword.  It can save your behind if you really need to get at the data backed up from a phone that’s been stolen or remotely wiped.  On the other hand, criminals who get their hands on your backup now have a way to read your business data. 

In testing, It takes much less time to brute force a password if the password is all one case, subject to a dictionary attack, or is partially known.  It only takes 3 days to break a 7-letter mixed-case password.  A little longer if there are numbers and special characters in the password, or the password is longer.  

ElcomSoft

Advertisements