Quite a few readers sent me this new update from Cellebrite wondering what my take was. Cellebrite has been offering forensics tools for BlackBerry and many other platforms for years. The only thing they are guilty of is never mentioning the huge caveats in their headlining claims. For example, they have now extended their image decoding of a BlackBerrys NAND memory to include BBM group chats and deleted messages. They also go on to say how organized criminals have been using “encrypted BBM communications” to “hide” activities from the police. When you first read this it may sound like a HUGE security breach on BlackBerrys until you read the fine print and FAQs.
Fine Print Caveat #1:
According to Cellebrite’s public FAQ they only support extracting ANY data from a BlackBerry which has NO PASSWORD and thus no encryption. If there is a password set then you need to provide it.
Fine Print Caveat #2
They falsely state that BBM messages are encrypted. As we have clarified in the past BBM messages are not encrypted (more info in this post) but are scrambled using a public key that is on every single BlackBerry. If a criminal really wanted to they could get attached to a BES that does offer full BBM encryption but will not let you BBM anyone outside your BES.
In other words this Cellebrite tool is only useful for forensics purposes on a BlackBerry without a set password (or where you have access to the password) and no encryption enabled. In other words Cellebrite is mostly just going to give forensic specialists access to data they already have access to without Cellebrite. The new claim to giving access to deleted BBM messages seems interesting but I will have to check into that. If I am not mistaken that deletion is completed at the next reboot but I have to confirm.