On Fri, 5 Jul 2002, Brizendine, Erik wrote: > Be sure to use a password to restrict access to the 'crackberry. > > If the device is lost it is easy enough to stop the flow of emails to > the handheld, but it takes Blackberry.net two days to shutdown the > device's ability to send emails. If you have a password enabled, after > 10 bad tries the Blackberry will lock the screen. > > There is also no way to remotely empty a device of information. Again, > use a password.
I'll comment on my experience with the Blackberry 950 - other models may or may not be the same. The password is only useful to keep someone from accessing existing information on the device. It really doesn't do anything to prevent someone from sending or receiving e-mails if they are willing to reset the device. You can set an idle timeout (ranging from one minute up to an hour) after which time it will "lock" and prompt for a password. You can also "lock" it via the keyboard. After the device is locked, they have 10 chances to unlock it. If they fail in all 10 attempts, the Inbox, sent-items, notes, calendar, etc. are wiped. (Basically, a soft-reset of the device to the initial settings, as I understand it.) But... once the device is reset, they can access it without the password, and can use it until the service provider disables the unit. If someone were to find a Blackberry with the password feature enabled, but which hadn't "locked" yet, they could use it until either: - They leave the device idle for however long the idle-timeout is set to - The battery runs out, or is removed for whatever reason (The unit defaults to locked mode when the battery is replaced) The password is also required to enter the security dialogue, and the same "10 chances" applies to that as well. So, definitely use a strong password and set a reasonable idle-timeout, but be aware of the limited protection that the password provides. Hope that helps :) -- Ken Fischer, CCNA <[EMAIL PROTECTED]> PGP Fingerprint: 9523 54B6 D67B BBFB 53B3 2F3B 7E81 0891 C495 CB50 -- > -----Original Message----- > From: Gino Genari [mailto:[EMAIL PROTECTED]] > Sent: Friday, July 05, 2002 8:07 AM > To: [EMAIL PROTECTED] > Subject: Blackberry/Wireless devices > > > > Can anyone tell me what security concerns there are with the Blackberry > devices or Pocket PC's? > I am not concerned with the firewall piece of the puzzle (except for any > additional ports that are needed to be opened). > > At this point I am mostly concerned with the sniffing of transmissions, > or > the hacking of the devices themselves. > > > Thanks, > > Gino >
