Dutch police hack into "uncrackable" blackberry.

http://m.phys.org/news/2016-01-dutch-police-hack-uncrackable-blackberry.html

The news first leaked in December on a Dutch blog Misdaadnieuws.com which revealed that the Netherlands Forensic Institute (NFI) had broken into Blackberries equipped with the Pretty Good Privacy (PGP) encryption programme Dutch police confirmed Wednesday they have found a way to hack into messages on Blackberry data-encrypted smartphones, which claim to be the world's most secure communications devices.

The news first leaked in December on a Dutch blog Misdaadnieuws.com which revealed that the Netherlands Forensic Institute (NFI) had broken into Blackberries equipped with the Pretty Good Privacy (PGP) encryption programme.

Even deleted emails could "largely" be recovered, although police could not hack into the phones from a distance, but had to have them in their hands, the website said, linking to a number of excerpts from what it said were NFI reports.

The institute, which helps police in retrieving forensic evidence in Dutch criminal cases, told AFP the reports were authentic.

"We can confirm that these reports were indeed from NFI," the spokesman said.

It could prove a blow to Blackberry, which is beloved by many governments--including in the United States, where White House officials are routinely issued with the devices in a bid to keep email communications as secure as possible.

Reporters, businesspeople and criminals have also long been attached to the smartphone which in its heyday was dubbed the "Crackberry"--so addicted did users become.

Blackberry, a Canadian company, said in a statement: "We are confident that BlackBerry provides the world's most secure communications platform to government, military and enterprise customers."

It added however that it could not "comment on this claim as we don't have any details on the specific device or the way that it was configured, managed or otherwise protected".

The company also did not "have any details on the nature of the communications that are claimed to have been decrypted."

Blackberry was a pioneer in the smartphone market, but has gradually lost out to stiff competition as consumers have shifted to devices running on Google Android and Apple's IOS operating systems. It now holds less than a one percent share of the smartphone market.

According to one of the extracts published by the Dutch website dating from January 2015, the police had extracted some 325 encrypted emails from a Blackberry 9720 and managed to open 279 of them.

The method relies on a programme UFED4PC created by the Israeli company, Cellebrite, it said.


Comments


[18 Points] AdventureTimeSupply:

Blackberry data-encrypted smartphones, which claim to be the world's most secure communications devices.

No one considers consumer Blackberry secure. They have been the most vocal phone maker in support of the government's side of the privacy debate. They are open about providing wiretapping when asked, and critical of true end-to-end encryption. With the exception of BBM Enterprise, Blackberry controls their users encryption keys. Blackberry CEO said Apple's stance on privacy has taken us to a dark place.

This hack was done on a legacy BlackBerry no longer supported with security updates. This article is meaningless.


[2 Points] None:

.... While smokin a blunt......


[1 Points] 323203293:

Seems like blackberry did not account for a cold boot attack with their claim of being "uncrackable"?


[1 Points] asimplescribe:

If it can be done, it can also be undone. Reminds me of "indestructible" dog toys that my dog rips apart in 15 minutes.


[1 Points] reddit_lurker242:

If it was hacked into, how was it uncrackable?


[1 Points] Vendor_BBMC:

Governments often start rumours that they can crack something they can't, to stop ISIS from using it.

Its a bit misleading to state that Blackberry messenger uses PGP.


[1 Points] None:

my blackberry q10 , if you get the password wrong six times it reset the entire thing, very good no password cracker could get it right in six tries


[1 Points] QuantikXanax:

I have witnessed over 20 PGP blackberrys seized over the course of my "career", and only ONE of them was ever cracked. They only recovered the messages that were in the phone (around 3 days history) and it was cracked after 8 months of seizure because the password was too short like "dancer1988"

If your password is secure (15+ caracters) and the manufacturer, provider of your phones do not hold the private keys, you have nothing to worry about.


[1 Points] Clix828:

[deleted]

What is this?


[1 Points] Leah_Undercover:

Cold boot attacks, remote possibility of PGP being broken. Another likely scenario is that the OS simply traces the keyboard program when the <encryption> program opens, observes all keyboard entries, and covertly sends it back to the manufacturer during system updates. Until a phone with 100% open source features (firmware included) comes along and gets audited, the only good advice when it comes to phones is not to use one for business.


[1 Points] empirekhan:

Do you think really hacking or blackberry sell with giblets?