BlackBerry's Encryption Hacked; Backups Now a Risk

← Back to Stories (view on slashdot.org)

BlackBerry's Encryption Hacked; Backups Now a Risk

Posted by Soulskill on Friday October 1, 2010 @04:51AM from the good-news-for-india dept.

GMGruman writes "InfoWorld blogger Martin Heller reveals that a Russian passcode-breaker developer has broken the encryption used in BlackBerry backups. That can help recover data when passwords are lost, but also gives data thieves access to a treasure trove of corporate secrets. And the developer boasts that it was easier to crack the BlackBerry encryption than it was to crack Apple's iOS."

12 of 120 comments (clear)

But... the playlists! by Kenja · 2010-10-01 04:54 · Score: 4, Funny

Notice how the blackberry adds have shifted from being about business apps and security to how cool it is that you can edit a MP3 playlist.

Whole thing smacks of desperation.

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
1. Re:But... the playlists! by MyLongNickName · 2010-10-01 05:03 · Score: 3, Funny
  
  Notice how the blackberry adds
  Adding is easier than factoring primes. This might have something to do with the security problem.
  
  --
  See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
2. Re:But... the playlists! by MyLongNickName · 2010-10-01 05:05 · Score: 3, Funny
  
  Damn. I hit submit. I cannot believe I said "factoring primes". I considered playing it off like it was pat of the joke, but that would just be dishonest.
  Please revoke my nerd card and send me to business school.
  (here is hoping my x minutes since last post allows me to correct myself before I get ripped by 350 nerds)
  
  --
  See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
3. Re:But... the playlists! by BobNET · 2010-10-01 05:15 · Score: 4, Funny
  
  I cannot believe I said "factoring primes".
  Hi, Bill!
  "The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers."
  -- Bill Gates, 'The Road Ahead'
4. Re:But... the playlists! by treeves · 2010-10-01 05:26 · Score: 4, Funny
  
  Well, it's true: adding IS easier than factoring primes. It's also easier than dividing by zero, trisecting an angle with a compass and straightedge, and calculating the last digit of pi.
  
  --
  ...the future crusty old bastards are already drinking the Kool-Aid.
5. Re:But... the playlists! by noidentity · 2010-10-01 06:03 · Score: 2, Funny
  
  Notice how the blackberry adds have shifted from being about business apps and security to how cool it is that you can edit a MP3 playlist.
  
  pYou know you're a geek when you read the above sentence and first think it's describing the encryption algorithm that was hacked (add, shift).
6. Re:But... the playlists! by AliasMarlowe · 2010-10-01 07:34 · Score: 5, Funny
  
  The last digit of pi is "7". You can take my word for it, or prove me wrong.
  Nope, you're wrong. The last digit of pi is zero.
  This is because pi is exactly 10 (base pi).
  
  --
  Those who can make you believe absurdities can make you commit atrocities. - Voltaire
Does this make them legal in the Middle East now? by Suki+I · 2010-10-01 05:11 · Score: 2, Funny

Does this solve that encryption complaint the UAE, Saudis and others had about Blackberry?

--
Home of The Suki Series
If only the article supplied more information by apparently · 2010-10-01 05:15 · Score: 3, Funny

Backup encryption uses AES with a 256-bit key. So far, so good. An AES key is derived from the user-supplied password, and this is where the problem arises. In short, standard key-derivation function, PBKDF2, is used in a very strange way, to say the least. Where Apple has used 2,000 iterations in iOS 3.x, and 10,000 iterations in iOS 4.x, BlackBerry uses only one.
If only the article had the above information on page 2, you'd have the answer to your question. If only.
Look out for flying hockey pucks at by BoRegardless · 2010-10-01 05:20 · Score: 2, Funny

RIM headquarters.
In other news by RegTooLate · 2010-10-01 05:37 · Score: 4, Funny

The NSA announced today that they are offering secured online backup for all Blackberry users. RIMM responded saying they were surprised how quickly the DNS poison spread but wish the NSA well in their user friendly backup service. Many Middle East governments are also now offering the easy secure backup service as well.
Re:Really? by bigrockpeltr · 2010-10-01 05:41 · Score: 2, Funny

Up, Up, Down, Down, Left, Right, Left, Right, B, A, send

--
$ unzip, strip, touch, finger, grep, mount, fsck, more, yes,fsck,fsck,fsck,umount, sleep