Forgot your password?

RCMP Wiretaps PIN Messages

PoliceICE.jpg

On Thursday, the Royal Canadian Mounted Police (RCMP) made a crackdown on crimes, resulting in more than 30 arrests. How did this occur? Well, the police in Quebec, Canada intercepted more than a million BlackBerry PIN-to-PIN communications which allowed them to do these arrests.

In this instance, the RCMP took the rare step of publicly highlighting its interception of the Canadian company’s supposedly secure “PIN-to-PIN” communications.

However, as noted by the globeandmail:

Experts canvassed say that the Mounties could not have directly cracked the codes belonging to BlackBerry, a company that is often still touted as the maker of the world’s most secure commercial smartphones.

Instead, it’s likely that authorities got a judicial order compelling them to help decode communications.

Yet police aren’t saying what happened. Neither is BlackBerry.

However, the article too states that it has been available for about 2 years already. What do you guys think?

Via GlobeAndTheMail

10 total comments on this postSubmit your comment!
  1. If the NSA and RCMP can intercept BlackBerry Messenger messages then BlackBerry’s security feature is just a joke…
    More likely a court order…unless they knew about the heartbleed bug and used that as well.

  2. I’m going with court order, too. Just the more likely scenario.

  3. It’s called a lawful access request. The RCMP used a court order to get lawful access to the specific BB users’ transmissions. Standard stuff.

  4. Ok people! Let’s be clear! This is a known fact! Any BB connected to a BIS server is not totally secure. All the RCMP had to do is route those messages to another BB as well and probably replicate this PIN to this new BB they needed to route the traffic to. Remember that BBM and Pin-to-Pin messages when on a BIS or not (This does not apply to BES customers), are only SCRAMBLED and not ENCRYPTED. Also a BB uses a global encryption key which is present in all BB devices. So all they have to do is take another BB device and ask BB to route the traffic to their BB as well and simulate the pin of the destinated phone. Very simple. There was no hack involved and most probably the RCMP needed a court order to ask BlackBerry to do so.

    Please inform and educate other people who might assume stupid stuff and they may even start saying that BB is not secure. BB is still extremely secure and if those guys would of gotten a BES and the necessary licences for each phones, this wouldn’t of happened unless RCMP gets a warrant to cease their BES access and encryption keys. Which means they would need to arrest the admin of that BES which now becomes way more difficult if he’s loyal to his fellow mobsters.

  5. They must have been using BIS. Im very surprised that mobsters wouldn’t have been smart enough to use BES with PGP

  6. let us be clear PIN to PIN is not BBM and is not secure http://www.theregister.co.uk/2013/02/27/blackberry_pin_to_pin_hypegasm/ Note that the “BlackBerry Solution Security Technical Overview” document published by RIM specifically advises users to “consider PIN messages as scrambled, not encrypted”.

  7. Court Order. Plus we are talking about PIN to PIN here, not BBM, which is pretty much the most secure messaging platform in the world. Looking forward to eBBM and/or a more secure BBM where these authorities can stay out of peoples business.

    Take it as you would like, but the NSA took them over 1 year to eventually crack into BlackBerry’s. iOS took them about 2 weeks, and Android, less than 1 week. Lets not discuss WP8, lol./

    • BBM is not the most secure method of communication, and as seen, a request by government can reduce any security features in place to none (even though the chance of being targeted by such request is very low for ordinary users).
      Only truly secure way of talking to people is by using end-to-end cryptography, which blackberry released earlier this year, but for enterprise customers only. This way no-one can know the contents of the message except for sender and receiver.

      I don’t understand why they would not add end-to-end to all BBM clients. Then they could truly boast that their chat platform is the safest, which would most likely give them additional PR and customer base.

      Oh well, XMPP + ChatSecure work perfectly fine, so no money for BBM or Blackberry. Their loss.

BlackBerry© is a registered Trademark of BlackBerry Limited. BerryReview is in no way affiliated with BlackBerry Limited though sometimes their lawyers send us love letters...

Copyright © 2007-‘2016’ BerryReview LLC