Griffin Boyce: > Jacob Appelbaum <ja...@appelbaum.net> wrote: > >> When people ask how secure BBIM is - I suppose we can now cite RIM's >> official documentation on the topic - without a BES server, it's >> encrypted with a key that is embedded in all handsets. >> > > This was critical in the London Riots case back in 2011. As most people > on this list know, building in the ability to decrypt *some* users means > that they can decrypt *all* users. Which is basically what happened [1]. > > Surely someone has already extracted this Triple DES 168-bit key, right? > > > Yep, though you may not even need it if you use another Blackberry device > (and not, say, a laptop). A Blackberry device can spoof the PIN of another > and read all of its messages. It's been a bit of a controversial topic for > a few years now, as you might imagine. > > BBM is perhaps *slightly* more secure than plain email or SMS, but users > aren't protected in case of government interest or vindictive exes. > > best, > Griffin Boyce > > [1] > http://www.guardian.co.uk/uk/2011/aug/15/mi5-social-messaging-riot-organisers-police >
Blackberry secures the connection if other firms want to get your data. If the government wants it then you should better use open source encrypted Hardware. I have been a BB user for years, but there are some mail accounts that are only used on my Laptop, not on the BB. Andreas -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
