BlackBerry Encryption Broken

TechWorld reports a Russian security company, Elcomsoft, who sells forensic software to Law Enforcement and security specialists, has upgraded their phone password cracking suite with the ability to crack the master device password for Research in Motion’s BlackBerry devices. Elcomsoft Phone Password Breaker enables forensic access to password-protected backups for smartphones and portable devices including Apple iOS platforms.

 

Before Elcomsoft developed the product, there was no way that I am aware of to crack a device password on a BlackBerry smartphone or PlayBook tablet.  BlackBerry PDAs are configured to wipe all data if a password is typed incorrectly after 10 attempts.  Elcomsoft found a way around the problem using a removable media card, IF a user has configured their smartphone to encrypt data on any inserted media cards.  This feature is disabled by default, but around 30% of BlackBerry users have it enabled as a best practice for extra security.   Might want to review your standards and check on this setting.

Advertisements