BlackBerry's Encryption Hacked; Backups Now a Risk
GMGruman writes "InfoWorld blogger Martin Heller reveals that a Russian passcode-breaker developer has broken the encryption used in BlackBerry backups. That can help recover data when passwords are lost, but also gives data thieves access to a treasure trove of corporate secrets. And the developer boasts that it was easier to crack the BlackBerry encryption than it was to crack Apple's iOS."
But... the playlists! (Score:5, Funny)
Whole thing smacks of desperation.
Re:But... the playlists! (Score:4, Funny)
Notice how the blackberry adds
Adding is easier than factoring primes. This might have something to do with the security problem.
Re: (Score:3, Funny)
Damn. I hit submit. I cannot believe I said "factoring primes". I considered playing it off like it was part of the joke, but that would just be dishonest.
Please revoke my nerd card and send me to business school.
(here is hoping my x minutes since last post allows me to correct myself before I get ripped by 350 nerds)
Re:But... the playlists! (Score:5, Funny)
Hi, Bill!
"The obvious mathematical breakthrough would be development of an easy way to factor large prime numbers."
-- Bill Gates, 'The Road Ahead'
Re: (Score:2)
Re:But... the playlists! (Score:5, Funny)
Re: (Score:1, Troll)
Re: (Score:1)
And THAT's how you do theoretical physics folks... (at least the easy first bit)
Re:But... the playlists! (Score:5, Funny)
The last digit of pi is "7". You can take my word for it, or prove me wrong.
Nope, you're wrong. The last digit of pi is zero.
This is because pi is exactly 10 (base pi).
Re: (Score:1, Informative)
You fail.
10 in base 10 is 10.
2 in base 2 is 10.
Get the pattern?
Re: (Score:2, Informative)
10 in base 10 -> 10
2 in base 2 -> 10
16 in base 16 -> 10
pi in base pi .... -> 10 ....
Re: (Score:1)
0 in base x is 0
x-1 in base x is 1
x in base x is 10
Re: (Score:2)
x-1 in base x is 1
Only for x=2 :-p
10-1 in base 10 is 9, for example.
Re: (Score:1)
But pi isn't imaginary.
Re: (Score:1)
Then where does it exist, except in people's brains?
Re: (Score:1)
Hey, you expect us to read the follow-up before replying with a flame?
This is slashdot, we don't even RTFA!
Re:But... the playlists! (Score:5, Insightful)
Probably because it was only a few years ago that there was no other serious business phone that did a half-decent job of email and had management features built right in (such as enforcing endpoint encryption and remote wiping).
Now more-or-less every smartphone offers such features, and non-smart phones are rapidly starting to look like an endangered species. Blackberry no longer offer anything particularly special.
Re: (Score:1, Informative)
Ahhhhh I wouldn't say that necessarily. Flash? Remote Desktop to a Linux tower or server? Enterprise server?
Yes, that may not entice the "average" user, whatever that happens to be, may not see the need for such things, but that is why there are options.
I love my Blackberry. I put my professors' powerpoints and my notes on it to study wherever I'm at. I have it set up to run my tower at home. I use it as a USB mass storage device as well, so I don't have to worry about forgetting my USB drive at home. T
Re: (Score:2)
The iPhone has remote desktop, VNC and SSH clients, as do Android phones. They also have VoIP clients, which BlackBerry handsets seem to be severely lacking and which are great for business use: if you're physically in the office and within wireless range, calls are routed over that; otherwise they are routed over your cell service.
BES runs on windows (which is not free) and requires a corporate groupware setup such as exchange, notes or groupwise, none of which are free.
Other phones now offer many of the same
Re: (Score:2)
I don't understand how you can claim BlackBerry is for power users. You have a closed proprietary platform tied to a closed proprietary service that requires you to run another closed proprietary server... You get far more flexibility from Android, and even from iOS once you jailbreak it.
Blackberry is aimed at business users who have very limited requirements, quite the opposite of a power user.
Re: (Score:1, Interesting)
How the hell is this "insightful?"
Wake me up when Apple provides end-to-end encryption for e-mails. Oh that's right: they don't. That's why you don't see India or any other 3rd world country threatening to "shut off" iPhones. BBM isn't simply a stupid e-mail application accessing a POP3 server someplace.
The iPhone is great for people who are distracted by shiny things. But don't fool yourself into thinking what RIM is doing is "nothing special."
In addition, the summary is bogus. RIM's encryption has
Re: (Score:2)
I am pretty sure you could get that with imap over ssl on an iphone.
Re: (Score:2)
The iphone supports SSL for IMAP, POP3 and SMTP... It also supports SSL for Activesync.
There is also support for establishing a VPN connection.
Sure, Apple don't mandate the use of a proprietary service and give you the option to use plain unencrypted imap/pop3 if you want to.
What RIM are doing is locking users in to their proprietary service and proprietary server, android and ios based phones will talk to any number of standards compliant servers from a multitude of different sources with or without encryp
Re: (Score:3, Interesting)
Well, initially the Black Berry was a corporate device. Then a lot of consumers decided they want one so they could do messaging and email.
However, Apple and other manufacturers have been making smart phones which have way more consumer features than business and have been correspondingly taking a lot of market share away from RIM. In
Re: (Score:2)
I'd say that they're getting very desperate. Like 'em or hate 'em, the iPhone and its ilk have become hugely popular for non business users -- arguably, a much larger market.
Even for business users.
I've heard of many places opening up their email/calendar/directory (or Exchange) servers to iPhones and the like. Many users don't want to carry around two devices which perform the same functions.
At our place we have a How To for iPhone users but don't support beyond that. Company-supplied Blackberries
Re: (Score:2)
One of the companies I work for recently switched all employees over to iPhones because it was cheaper (and easier) to buy new phones than to buy a BES server.
"Business" users identify with luxury goods (Score:2)
Business users identify with luxury goods. There's a crossover point between cool, high tech, trendy and luxury goods that attracts business people. The iPhone is seen as high end, and this naturally draws in business people.
Re: (Score:1)
Re: (Score:2)
I didn't mean to imply you couldn't do that, hence the smiley face ... I was more sniping a little at the whole "PC vs Mac" joke and how people use the devices.
Many of the people buying smartphones specifically didn't want to do "business" activities. It is Facebook and Twitter and YouTube, not spreadsheets and concalls. The things like editing playlists was more important to the
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Funny)
You know you're a geek when you read the above sentence and first think it's describing the encryption algorithm that was hacked (add, shift).
Re: (Score:1)
Simple solution (Score:5, Interesting)
Re:Simple solution (Score:5, Informative)
Um, no. My last two jobs mandated them. They work exceptionally well in a business environment, and while I love the iPhone it's not yet as good for the enterprise. So for personal use, "don't get one hurr" may work, for the majority of bberry users it's not an option. That being said, most users don't back it up - if you're tied to exchange, all the important stuff is synched to it and all you need to do with a new bberry is to associate it to the same acct.
Re: (Score:2)
Where iPhone wins for me is one device for work and play. I can set up ActiveSync with the Exchange gateway for work, and with GMail for personal use. I also have my own IMAP server for archiving to when GMail gets large.
Blackberry, Android and WinMobile to date can still only synch with one source at a time as far as I know.
If the company is paying, then I guess it would be a BlackBerry, because it is their phone, not mine. They can block extra apps, and enforce device encryption, and it is setup automatic
Re: (Score:1)
BIS can integrate up to 7 email accounts and keep them in sync with your device. A BES can do one of either Exchange/Novell GroupWise/Domino. Combine a BIS and BES (it's called Enterprise-Prosumer Plus), and you get both features.
Re: (Score:1)
Remote administration by the Enterprise owner.
Why Blackberry still works (Score:5, Informative)
Remote Application Deployment from BES
Application Policies
Applications can be installed from PCs or BES, not just The Apps Steve Likes
They sell an integrated keyboard, or a narrow-factor phone, not just The Touchscreen Steve Likes
Re: (Score:2)
You can get an iPhone keyboard if you really want one. ThinkGeek will be selling a special case that adds a flip out keyboard [thinkgeek.com] later this year, in fact.
Unfortunately it just flips out, it doesn't kill people.
Re: (Score:2)
Before outlook has a chance to get it
Outlook doesn't get e-mail, Outlook displays e-mail. The mail transport server "gets" e-mail and stores it in a database. All Outlook does is present users an interface for that database.
I think what you were trying to say was that the phones provide notification of e-mail before outlook does.
Re: (Score:2)
Outlook doesn't get e-mail, Outlook displays e-mail. The mail transport server "gets" e-mail and stores it in a database. All Outlook does is present users an interface for that database.
I think what you were trying to say was that the phones provide notification of e-mail before outlook does.
Since Outlook version 2003 the default setting is to locally cache the content. So Outlook does indeed get email. It stores the information in a .ost file so Outlook can be used in an offline status.
Re: (Score:1)
Outlook doesn't get e-mail, outlook displays e-mail.
Configured to access a mailbox via POP3, it gets email.
Well, okay, it RETRs email, but that's just an implementation detail.
Re:Simple solution (Score:5, Interesting)
It is still a hole though, and one that is completely preventable. Most serious crypto products around use key strengthening, be it KeePass with its variable number of rounds that are user selectable, TrueCrypt with its 1000 rounds, or iOS 4's 10,000 rounds. Heck, even the venerable crypt(3) mechanism had a number of rounds to slow down people running Crack over 20 years ago, back before passwords were stored in /etc/shadow.
How can this be fixed? Use a reasonable amount of rounds (enough so it slows down brute forcing, but not too many that it kills day to day normal operation.) Also, use a salt, so rainbow table pre-computation of keys is impossible.
In the meantime, the parent poster probably has the best solution. For maximum security, add a cryptographic token and store a TC keyfile on that. This way, if someone tries to brute force the token's passphrase, they have 3-20 tries before the token permanently fries itself.
Re: (Score:3, Informative)
PBKDF2, which the BlackBerry backups use, always uses a salt. One round is a joke, though. The 4096 rounds of WPA aren't really sufficient, and the 1000 rounds of FileVault are really a mistake.
Re: (Score:2)
What would be ideal is functionality that KeePass has. It has the option to scale the amount of rounds to one second of your hardware's CPU time with the ability to edit the rounds up and down to preference. For BB users who don't want this detail, this can be a semi-hidden option and the device can compute how many rounds it does to suck up a second or two of CPU times automatically.
It is understandable why TrueCrypt doesn't do this (because it has to guess a number of times with various combinations of
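The fix the two posts above describe (a per-backup random salt, a PBKDF2 iteration count well above one, and a KeePass-style calibration that picks the count from how long this CPU takes) is shown below as an added example. It is not BlackBerry's, RIM's or KeePass's code; the record layout, the names (`BackupKeyRecord`, `derive_backup_key`, `calibrate_rounds`), the 32-byte key length and the `MIN_ROUNDS`/`MAX_ROUNDS` bounds are this example's own assumptions.

```python
import hashlib
import hmac
import os
import time
from typing import NamedTuple

# Example parameters (assumptions, not values from any BlackBerry format).
KEY_LEN = 32           # 256-bit key, e.g. for AES-256 on the backup payload
SALT_LEN = 16          # 128-bit random salt, fresh for every backup
MIN_ROUNDS = 10_000    # never calibrate below this, even on a fast machine
MAX_ROUNDS = 5_000_000 # and never above this, so a slow machine stays usable


class BackupKeyRecord(NamedTuple):
    """What a backup would store alongside the ciphertext: salt, rounds, and
    (for this demo) the derived key itself so check_password() can compare."""
    salt: bytes
    rounds: int
    key: bytes


def derive_backup_key(password: str, salt: bytes, rounds: int) -> bytes:
    """PBKDF2-HMAC-SHA256. Cost per guess grows linearly with `rounds`;
    the salt defeats precomputed (rainbow) tables, the rounds slow brute force."""
    if rounds < 1:
        raise ValueError("rounds must be >= 1")
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, rounds, KEY_LEN)


def new_record(password: str, rounds: int) -> BackupKeyRecord:
    """Create a record with a fresh random salt; two backups of the same
    password therefore never share a key."""
    salt = os.urandom(SALT_LEN)
    return BackupKeyRecord(salt, rounds, derive_backup_key(password, salt, rounds))


def check_password(password: str, rec: BackupKeyRecord) -> bool:
    """Re-derive with the stored salt and rounds; constant-time compare."""
    candidate = derive_backup_key(password, rec.salt, rec.rounds)
    return hmac.compare_digest(candidate, rec.key)


def calibrate_rounds(target_seconds: float = 1.0, probe_rounds: int = 20_000) -> int:
    """KeePass-style calibration: time one probe derivation on this CPU and
    scale the round count so a single derivation takes about target_seconds.
    The result is clamped to [MIN_ROUNDS, MAX_ROUNDS]."""
    salt = os.urandom(SALT_LEN)
    start = time.perf_counter()
    derive_backup_key("calibration-probe", salt, probe_rounds)
    elapsed = time.perf_counter() - start
    if elapsed <= 0:
        return MAX_ROUNDS
    rounds = int(probe_rounds * target_seconds / elapsed)
    return max(MIN_ROUNDS, min(MAX_ROUNDS, rounds))


if __name__ == "__main__":
    rounds = calibrate_rounds(1.0)
    rec = new_record("correct horse battery staple", rounds)
    print(f"calibrated rounds on this machine: {rounds}")
    print("right password accepted:", check_password("correct horse battery staple", rec))
    print("wrong password rejected:", not check_password("correct horse battery stapl", rec))
    # Same password, different salt: different key, so no shared table helps.
    other = new_record("correct horse battery staple", rounds)
    print("salts make keys differ:", rec.key != other.key)
```

The one-second target is the knob the KeePass post talks about: a legitimate user pays it once per backup or restore, while an attacker pays it once per guess, so a single-iteration setting gives that attacker a free factor of `rounds` over the calibrated one.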
Re: (Score:2, Funny)
why was it easier? (Score:2, Insightful)
If only the article supplied more information (Score:4, Funny)
If only the article had the above information on page 2, you'd have the answer to your question. If only.
Re: (Score:2)
What makes this generation so 'smart' and 'unique' when faced with a few simple solutions when getting into telco work.
Open to a select few gov's or you are not a telco...
Or good crypto is expensive and made the device seem laggy during testing
Solution (Score:2)
Re: (Score:1)
Need access to the backup machine too (Score:2)
But then access to a Wintel box is trivial these days, especially with Adobe helping out.
I administer 130 blackberrys and there isn't an IPD file in the entire outfit - that's what BES and its backups are for.
Does this make them legal in the Middle East now? (Score:3, Funny)
Re: (Score:1)
Not "encryption hacked" (Score:5, Informative)
The encryption itself is just fine (at least, for now). While it's interesting that the data is transmitted in the clear and then encrypted by the backup software, they don't propose exploiting this (which would be an inconvenient attack).
This is simply a brute-force password cracker that's specific to BlackBerry backups. It's not particularly specific, either, as the backups are encrypted with AES and the key is derived from a password using the standard PBKDF2. There are tons of PBKDF2-crackers out there (like coWPAtty). The surprising thing is that they only use single-iteration PBKDF2, which is a joke.
This, incidentally, is what is meant by the statement in TFS that cracking BlackBerry backup passwords is easier than cracking iOS passwords. Difficulty in password cracking (amount of computational time per password) for PBKDF2 is roughly proportional to the number of iterations. IIRC, WPA uses 4096, Apple's FileVault uses 1000, and BlackBerry backups apparently use 1.
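The post above makes the key point of the whole thread: what was "cracked" is a password, and the price of each guess is set by the PBKDF2 iteration count, not by AES. The added example below (not ElcomSoft's tool, not RIM's backup format; the salt, candidate passwords and guess rates are constructed for the demo) is a minimal offline guesser against a PBKDF2-protected record plus the linear cost model the post states, so the 1 vs 1000 vs 4096 comparison can be run rather than asserted.

```python
import hashlib
import itertools
import time
from typing import Iterable, Optional, Tuple

KEY_LEN = 32


def derive(password: str, salt: bytes, rounds: int) -> bytes:
    """Same standard KDF the backups use: PBKDF2 with a configurable round count."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds, KEY_LEN)


def crack(target: bytes, salt: bytes, rounds: int,
          candidates: Iterable[str]) -> Tuple[Optional[str], int]:
    """Offline brute force: re-derive each candidate and compare.
    Returns (recovered password or None, number of guesses made).
    Nothing here touches AES; only the KDF cost matters."""
    tried = 0
    for pw in candidates:
        tried += 1
        if derive(pw, salt, rounds) == target:
            return pw, tried
    return None, tried


def short_passwords(alphabet: str, length: int) -> Iterable[str]:
    """Exhaustive keyspace for fixed-length passwords over `alphabet`."""
    for tup in itertools.product(alphabet, repeat=length):
        yield "".join(tup)


def guesses_per_second(rounds: int, salt: bytes, sample: int = 200) -> float:
    """Measure this machine's single-thread guess rate at a given round count."""
    start = time.perf_counter()
    for i in range(sample):
        derive(f"probe-{i}", salt, rounds)
    return sample / (time.perf_counter() - start)


def projected_seconds(keyspace: int, rounds: int, single_round_rate: float) -> float:
    """The post's cost model: time per guess is proportional to rounds, so the
    rate at `rounds` iterations is the 1-iteration rate divided by `rounds`."""
    return keyspace / (single_round_rate / rounds)


if __name__ == "__main__":
    salt = b"constructed-demo"              # constructed, not a real backup salt
    secret = "zq7"                           # constructed 3-char secret
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    target = derive(secret, salt, 1)         # 1 round, as the post says the backups use

    t0 = time.perf_counter()
    found, tried = crack(target, salt, 1, short_passwords(alphabet, 3))
    print(f"rounds=1: recovered {found!r} after {tried} guesses "
          f"in {time.perf_counter() - t0:.2f}s")

    rate1 = guesses_per_second(1, salt)
    print(f"measured single-round rate: {rate1:,.0f} guesses/s")
    space = len(alphabet) ** 8                 # a full 8-char lowercase+digit space
    for label, rounds in (("BlackBerry backup (per post)", 1),
                          ("FileVault", 1000), ("WPA", 4096)):
        secs = projected_seconds(space, rounds, rate1)
        print(f"{label:30s} rounds={rounds:5d}: {secs / 86400:,.1f} days for 36^8")
```

Run it and the three projected figures differ by exactly the ratios of their round counts; that proportionality, and nothing about the cipher, is why the post calls a single-iteration setting "a joke".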
Re: (Score:1, Redundant)
Okay... so it's not AES that got cracked... (Score:1)
Look out for flying hockey pucks at (Score:3, Funny)
You're doing it the hard way. (Score:5, Interesting)
This "weakness" seems a little silly.
You typically make your backups on your office desktop PC, and leave them there. But all the sensitive data in the backup file was already there on that same PC, in your corporate mailbox, completely unencrypted.
Cracking a Blackberry backup file would be the hardest way to get access to that data.
Re: (Score:3, Insightful)
You typically make your backups on your office desktop PC, and leave them there. But all the sensitive data in the backup file was already there on that same PC, in your corporate mailbox, completely unencrypted.
Cracking a Blackberry backup file would be the hardest way to get access to that data.
It would create the least amount of loggable activity.
And it's much faster to copy 1 file than to dig around for XYZ # of files.
In other news (Score:4, Funny)
UAE and Saudi (Score:2)
Don't hack my blackberry... (Score:1)
why do they implement proprietary encryption? (Score:2)
Re: (Score:2)
They don't. They use industry-standard algorithms, and the encryption itself wasn't compromised.
Re: (Score:2)
They implemented perfectly good encryption in a flawed way, you don't just need industry standard algorithms, you need to be able to verify that they are implemented correctly.
Re: (Score:2)
They're implemented fine. They chose a particularly poor value for one of the parameters. Your implementation of PBKDF2 is the same regardless of the number of rounds; number of rounds is simply a parameter.
Re: (Score:2)
Choosing defaults values for parameters are done at the implementation stage, especially if those parameters are not modifiable by the user later.
since it is blackberry (Score:1)
Of course! (Score:1)
How long after the code was given to the Indian government that now it is in the wild with all sorts of hacks,
at least we know who we can point the finger at, and hopefully learn from this, that in future when they ask for code,
just say "NO, dat is not vedy vedy nise!"
I must break you... (Score:1)
Not just secure for today (Score:2, Insightful)
Conspiracy Theory (Score:2)
RIM has been under pressure to open up backdoors for its user data to governments. This is against its official policy and promise. If it does not comply, it risks losing business in foreign markets. Now it can do so more easily because it's already leak^^^^hacked.
Decryption Snake Oil, or Panic? (Score:4, Informative)
So, it takes 3 days to crack the 7 character password. Adding 8 characters to the set (say, !@#$%^&*) would then increase that 3 days to...
2^21 more effort. Or, roughly 3 to 4 million days. Seems from the discussion that elcomsoft was able to brute force quickly (millions of passwords per second).
Add a few more characters and the effort to brute-force the thing goes up... exponentially. Unless, of course, elcomsoft has actually "cracked" the encryption, and not simply reduced the time to try a key.
What I would warn about is my "usual" advice for password generation (optional random character) word (optional random character) word (optional random character), because, as far as I can tell, that can now be broken by elcomsoft in 2 to 3 days (assuming they know that this is the pattern used, which we have to).
Very curious to see a review of this (before panic sets in).
ratboy666
Re: (Score:2)
Re: (Score:2)
Why? Isn't the entropy increase the same? Should that not be (60-52)^7?
Re: (Score:2)
If that were the case, increasing the alphabet by 1 would have no effect since (53-52)^7 = 1.
The number of different 7-character passwords using a 52-character alphabet is 52^7, while using a 60-character alphabet it is 60^7: an increase by a factor of 60^7/52^7 = (60/52)^7.
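The keyspace arithmetic this sub-thread settles on, carried through as an added example (not from the article or from ElcomSoft): it generalises the (60/52)^7 factor to any alphabet change, converts a keyspace to days at an assumed guess rate, and also sizes the "(optional char) word (optional char) word (optional char)" pattern from the earlier post so it can be set beside a random 7-character password. The guess rate and the dictionary size are assumptions, not figures the article gives.

```python
import math


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct passwords of exactly `length` symbols."""
    return alphabet_size ** length


def alphabet_growth_factor(new_size: int, old_size: int, length: int) -> float:
    """Keyspace ratio when only the alphabet changes: (new/old)^length.
    For 52 -> 60 symbols at length 7 this is about 2.72, not 2^21."""
    return (new_size / old_size) ** length


def days_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Worst-case time to try every password in `space`."""
    return space / guesses_per_second / 86_400


def scaled_days(base_days: float, new_size: int, old_size: int, length: int) -> float:
    """Rescale a measured cracking time to a larger alphabet at the same length."""
    return base_days * alphabet_growth_factor(new_size, old_size, length)


def pattern_keyspace(dictionary_size: int, separator_set_size: int, words: int = 2) -> int:
    """Keyspace of the pattern (opt)(word)(opt)(word)(opt): each optional slot
    has separator_set_size + 1 choices (the +1 is 'no character'), and each
    word slot is one of dictionary_size words. Assumes the attacker knows the
    pattern, as the post itself assumes."""
    return (separator_set_size + 1) ** (words + 1) * dictionary_size ** words


def bits(space: int) -> float:
    """Entropy of a uniform choice from `space`, in bits."""
    return math.log2(space)


if __name__ == "__main__":
    rate = 4_000_000.0        # assumed guesses/s ("millions per second" in the post)
    base = keyspace(52, 7)
    print(f"52^7 = {base:,} ({bits(base):.1f} bits): "
          f"{days_to_exhaust(base, rate):.1f} days at {rate:,.0f}/s")
    print(f"growth factor 52 -> 60 at length 7: {alphabet_growth_factor(60, 52, 7):.2f}")
    print(f"3 days becomes {scaled_days(3, 60, 52, 7):.1f} days")
    pattern = pattern_keyspace(10_000, 8)   # 10k-word dictionary is an assumption
    print(f"word-pattern keyspace: {pattern:,} ({bits(pattern):.1f} bits), "
          f"{days_to_exhaust(pattern, rate):.1f} days at {rate:,.0f}/s")
```

With the assumed 10,000-word dictionary and eight optional separator characters the pattern comes to 9^3 × 10^8 ≈ 7.3 × 10^10 combinations, about 36 bits, below the roughly 40 bits of a random 7-letter mixed-case password, which is why the original poster's "2 to 3 days" estimate for his scheme is not unreasonable once the pattern is known to the attacker.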
Apple Encryption vs BB Encryption (Score:2)
The article says that but I was under the impression that the iPhone encryption was worthless because it never lets you access data in an encrypted format. What I mean is there was a race condition where you could have an iPhone plugged into a computer and turned off and when you turn the pho
Give us a break (Score:3, Insightful)
Both the headline and the article are overheated.
The "crack" requires that
More than a bit of a stretch.