A little disclaimer to pacify the wrath (that I may face) of BlackBerry lovers: The idea behind this article is not to denounce or to find faults with the BlackBerry OS. If anything, I believe it to be one of the most secure mobile operating systems in the world. Instead, it is an effort to talk about how the integrity of communications originating from a BlackBerry device can be compromised. The ‘memo’ crisis in the country (hint: an ambassador, a businessman, and the media) makes the argument more interesting, as a claim is being made that BBM (BlackBerry Messenger) messages might be forged or spoofed, while the authorship of those text messages is yet to be confirmed.
Well, let’s not get carried away and just start off with the basics. In a BlackBerry, PIN-to-PIN messaging uses Triple Data Encryption Standard (Triple DES). It is relatively more secure than regular unencrypted e-mail, because the messages are not exactly travelling over the internet; rather, they are routed via the path described below:
- A BBM PIN-to-PIN message sent by a user goes to the cellular service provider’s network.
- The cellular service provider then forwards the message to the Research in Motion (RIM) relay station in Canada.
- The RIM relay station then relays the message to the receiving BlackBerry’s cellular service provider.
- The (receiving) cellular service provider then transmits the message to the intended recipient.
The Achilles’ heel of BBM is that while PIN-to-PIN messages are encrypted using Triple DES, RIM adds a global cryptographic “key”, which is shared by every BlackBerry device manufactured. This allows a situation (in theory, at least) where, if the messages can be intercepted at the cellular service provider’s network and the attacker manages to spoof the intended recipient’s PIN, any BlackBerry device can be used to decrypt all PIN-to-PIN messages sent by any other BlackBerry device. While this has not happened yet, or at least has not been brought to our attention, the scenario lies entirely within the realm of possibility.
The same key, used by all BlackBerry devices to be able to decrypt PIN-to-PIN messages, can be used by RIM at their relay station to decrypt any user’s messages. Again, this is not to suggest that RIM is in the business of reading their users’ content. However, if legally put to the task, RIM can provide decrypted PIN-to-PIN messages in clear-text to law enforcement authorities.
In addition to the above-mentioned methods, commercial software is available in the market that can be:
- deployed on your BlackBerry device by a non-authorised user or
- remotely deployed by either state agencies or the network service provider on their behalf.
This software essentially acts as a key logger on your BlackBerry, copying and transmitting all sorts of information that you view and have access to on your smartphone. Furthermore, a BBM’s data can only be removed by carefully going through the list of applications/services installed on the device or by hard-resetting it.
If, as a business, you choose to keep the message exchange between you and your employees secure, you will need to install a BlackBerry Enterprise Server (BES) at your premises. That is the only way to enhance the security of the message before it leaves your BlackBerry handheld. While it is also possible to deploy Pretty Good Privacy (PGP) encryption on the BlackBerry, it exceeds the scope of this article.
However, it should be understood that if you are not using BES, you should not consider PIN-to-PIN messages as ‘secure’ and/or encrypted. The messages are only scrambled to the point where a normal third party cannot view them.
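The key-scope argument above, as an added model that is not part of the original article: it lists which handsets can read a ciphertext that has already reached them, first when every device shares one global key and then when two devices hold an organisation key. HMAC-SHA256 in counter mode stands in for Triple DES, and the keys, PINs and the per-organisation key for BES-managed handsets are constructed assumptions.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed value: the real global key, PIN format and cipher are not reproduced here.
GLOBAL_KEY = hashlib.sha256(b"constructed global key present on every handset").digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stand-in for Triple DES (absent from the stdlib)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(8)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:8], blob[8:]
    stream = _keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

class Handset:
    def __init__(self, pin: str, org_key: Optional[bytes] = None):
        self.pin = pin
        # Without an organisation key the handset falls back to the shared global key.
        self.key = org_key if org_key is not None else GLOBAL_KEY

def readers(sender: Handset, message: bytes, fleet: list) -> list:
    """PINs of every handset in `fleet` whose key recovers a ciphertext from `sender`."""
    blob = encrypt(sender.key, message)
    return [h.pin for h in fleet if decrypt(h.key, blob) == message]

def demo() -> dict:
    msg = b"quarterly figures attached"  # constructed sample message
    org_key = hashlib.sha256(b"constructed per-organisation key").digest()
    consumer = [Handset("PIN-A"), Handset("PIN-B"), Handset("PIN-BYSTANDER")]
    managed = [Handset("PIN-A", org_key), Handset("PIN-B", org_key),
               Handset("PIN-BYSTANDER")]
    return {"global_key": readers(consumer[0], msg, consumer),
            "org_key": readers(managed[0], msg, managed)}

if __name__ == "__main__":
    print(demo())
```

With the global key the bystander handset appears among the readers; with the organisation key only the two managed handsets do.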
Now, coming down to the argument being presented in the current political fiasco, it’s understood that privacy advocates will come down hard on RIM to keep it from invading the privacy of the involved users. At the same time, we should also consider Britain’s Regulation of Investigatory Powers Act, which carries stringent provisions for protecting user rights, and makes it nearly impossible, without long court battles, to get hold of the data.
Additionally, many people argue that it is entirely possible that BB chat exchanges can be created, distorted or even modified. This, while possible, remains a highly unlikely eventuality, as this would require alteration of data on the cellular service provider’s network, before being fed into the RIM relay station. As for this Memogate scandal, the Pakistani diplomat was staying in the US back then, therefore it would automatically imply a foreign government’s involvement.
If we take a closer look at events in the past, then this might not be the first time that demand for access to exclusive data has been put forward. RIM’s encrypted communications have caused grievances to oppressive regimes in the Middle East as well. Several countries of the region threatened to ban BlackBerry services altogether if RIM didn’t give them access to BB chat exchanges, primarily for “counter-terrorism purposes”. RIM did eventually agree to provide access – and that is probably what will happen in Pakistan’s case as well.
Abdullah Saad is the co-founder of Wccftech.com and is a freelance writer. He wrote this article for the February 2012 edition of Spider Magazine.