Slashdot Mirror


BlackBerry's Encryption Hacked; Backups Now a Risk

GMGruman writes "InfoWorld blogger Martin Heller reveals that a Russian passcode-breaker developer has broken the encryption used in BlackBerry backups. That can help recover data when passwords are lost, but also gives data thieves access to a treasure trove of corporate secrets. And the developer boasts that it was easier to crack the BlackBerry encryption than it was to crack Apple's iOS."

12 of 120 comments

  1. But... the playlists! by Kenja · · Score: 4, Funny

    Notice how the blackberry ads have shifted from being about business apps and security to how cool it is that you can edit a MP3 playlist.

    Whole thing smacks of desperation.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
    1. Re:But... the playlists! by jimicus · · Score: 5, Insightful

      Probably because it was only a few years ago that there was no other serious business phone that did a half-decent job of email and had management features built right in (such as enforcing endpoint encryption and remote wiping).

      Now more-or-less every smartphone offers such features, and non-smart phones are rapidly starting to look like an endangered species. Blackberry no longer offer anything particularly special.

    2. Re:But... the playlists! by BobNET · · Score: 4, Funny

      I cannot believe I said "factoring primes".

      Hi, Bill!

      "The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers."
      -- Bill Gates, 'The Road Ahead'

    3. Re:But... the playlists! by treeves · · Score: 4, Funny

      Well, it's true: adding IS easier than factoring primes. It's also easier than dividing by zero, trisecting an angle with a compass and straightedge, and calculating the last digit of pi.

      --
      ...the future crusty old bastards are already drinking the Kool-Aid.
    4. Re:But... the playlists! by AliasMarlowe · · Score: 5, Funny

      The last digit of pi is "7". You can take my word for it, or prove me wrong.

      Nope, you're wrong. The last digit of pi is zero.
      This is because pi is exactly 10 (base pi).

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  2. Simple solution by Prune · · Score: 4, Interesting

    Back up to a non-encrypted IPD file and put it into a TrueCrypt volume--or better yet, don't back up to an insecure machine! This story would have been much more newsworthy if they had broken the actual phone's encryption, AES and elliptic curve D-H.

    --
    "Politicians and diapers must be changed often, and for the same reason."
    1. Re:Simple solution by mbourgon · · Score: 4, Informative

      Um, no. My last two jobs mandated them. They work exceptionally well in a business environment, and while I love the iPhone it's not yet as good for the enterprise. So for personal use, "don't get one hurr" may work, for the majority of bberry users it's not an option. That being said, most users don't back it up - if you're tied to exchange, all the important stuff is synched to it and all you need to do with a new bberry is to associate it to the same acct.

      --
      "Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
    2. Re:Simple solution by mlts · · Score: 4, Interesting

      It is still a hole though, and one that is completely preventable. Most serious crypto products around use key strengthening, be it KeePass with its variable number of rounds that are user selectable, TrueCrypt with its 1000 rounds, or iOS 4's 10,000 rounds. Heck, even the venerable crypt(3) mechanism had a number of rounds to slow down people running Crack over 20 years ago back before passwords were stored in /etc/shadow.

      How can this be fixed? Use a reasonable number of rounds (enough so it slows down brute forcing, but not so many that it kills day to day normal operation.) Also, use a salt, so rainbow table pre-computation of keys is impossible.

      In the meantime, the parent poster probably has the best solution. For maximum security, add a cryptographic token and store a TC keyfile on that. This way, if someone tries to brute force the token's passphrase, they have 3-20 tries before the token permanently fries itself.

  3. Not "encryption hacked" by blueg3 · · Score: 5, Informative

    The encryption itself is just fine (at least, for now). While it's interesting that the data is transmitted in the clear and then encrypted by the backup software, they don't propose exploiting this (which would be an inconvenient attack).

    This is simply a brute-force password cracker that's specific to BlackBerry backups. It's not particularly specific, either, as the backups are encrypted with AES and the key is derived from a password using the standard PBKDF2. There are tons of PBKDF2-crackers out there (like coWPAtty). The surprising thing is that they only use single-iteration PBKDF2, which is a joke.

    This, incidentally, is what is meant by the statement in TFS that cracking BlackBerry backup passwords is easier than cracking iOS passwords. Difficulty in password cracking (amount of computational time per password) for PBKDF2 is roughly proportional to the number of iterations. IIRC, WPA uses 4096, Apple's FileVault uses 1000, and BlackBerry backups apparently use 1.
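The point made in the two comments above (mlts on key strengthening and salting, blueg3 on cracking cost being proportional to the PBKDF2 iteration count) as a runnable illustration. This is added example code, not anything from the article or from RIM; the password, salt, and the choice of HMAC-SHA1 as the PBKDF2 PRF are constructed assumptions, and the iteration counts are the ones quoted in the thread.

```python
import hashlib
import time

# Constructed sample inputs (not taken from any real backup).
PASSWORD = b"correct horse battery staple"
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")

# Iteration counts as quoted in the thread.
PROFILES = {
    "blackberry_backup": 1,      # single-iteration PBKDF2, as the posters describe
    "truecrypt_filevault": 1000,
    "wpa": 4096,
    "ios4": 10000,
}


def derive_key(password: bytes, salt: bytes, iterations: int, length: int = 32) -> bytes:
    """PBKDF2 over HMAC-SHA1 (PRF choice is an assumption), returning an AES-sized key."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, iterations, dklen=length)


def relative_cost(iterations: int) -> int:
    """Work per password guess relative to a 1-iteration scheme: PBKDF2 cost is linear."""
    return iterations


def salt_defeats_precomputation(password: bytes, salt_a: bytes, salt_b: bytes, iterations: int) -> bool:
    """Same password, different salt -> different key, so a table built for one salt is useless for another."""
    return derive_key(password, salt_a, iterations) != derive_key(password, salt_b, iterations)


def seconds_per_guess(iterations: int, samples: int = 20) -> float:
    """Measure how long one derivation takes on this machine; this is what the iteration count buys you."""
    start = time.perf_counter()
    for i in range(samples):
        derive_key(b"candidate-%d" % i, SALT, iterations)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    # Show that the slowdown a defender gets from more rounds tracks the iteration count.
    base = seconds_per_guess(PROFILES["blackberry_backup"])
    for name, rounds in PROFILES.items():
        print(f"{name:20s} rounds={rounds:6d} cost x{relative_cost(rounds):6d} "
              f"measured x{seconds_per_guess(rounds) / base:8.1f}")
    print("salt changes key:", salt_defeats_precomputation(PASSWORD, SALT, b"\x00" * 16, 1000))
```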

  4. You're doing it the hard way. by McGregorMortis · · Score: 4, Interesting

    This "weakness" seems a little silly.

    You typically make your backups on your office desktop PC, and leave them there. But all the sensitive data in the backup file was already there on that same PC, in your corporate mailbox, completely unencrypted.

    Cracking a Blackberry backup file would be the hardest way to get access to that data.

  5. In other news by RegTooLate · · Score: 4, Funny

    The NSA announced today that they are offering secured online backup for all Blackberry users. RIMM responded saying they were surprised how quickly the DNS poison spread but wish the NSA well in their user friendly backup service. Many Middle East governments are also now offering the easy secure backup service as well.

  6. Why Blackberry still works by markdowling · · Score: 4, Informative

    Remote Application Deployment from BES
    Application Policies
    Applications can be installed from PCs or BES, not just The Apps Steve Likes
    They sell an integrated keyboard, or a narrow-factor phone, not just The Touchscreen Steve Likes