Dutch Police Claim They Can Crack Emails On Special Encrypted Blackberries

Dutch Police Claim They Can Crack Emails on Special Encrypted Blackberries

Blackberry already trades on the strength of its software's security, so you'd think that a special $US2000 ultra-encrypted Berry would be a guarantee of privacy. According to Dutch police, not so much. In a report on Dutch blog misdaadnieuws.com, since confirmed by Motherboard, the Netherlands Forensic Institute has claimed to break a series of encrypted emails held on Blackberrys modified by Canadian firm Phantom Secure.

The company claims to offer a "high-end communication service designed for sophisticated and exclusive executives", but the reality seems to be a little different. According to leaked documents, the NFI managed to pull 325 emails off a device, and decrypt 279 of them.

The technique only seems to work when authorities have physical access to a device, so it's hardly going to be a solution to the problem of encryption that politicians so love to discuss. But it's a good reminder that nothing — not even a special hyper-secure device — is impervious to the long arm of the Dutch law.

[Motherboard]


Comments

    The problem with UBER-Security, the passwords/keys become too long to remember, and too complicated to write down or type in.

    Solution: Use a memory stick or security dongle, just don't store the key/password on the actual device. So if you have your files accessible to you (ie. you have the security decryption device on your person), and the device and/or dongle falls into the wrong hands, the files are also available to your enemies (or the authorities) in relatively short order.

    The only way to ensure the files are very difficult (nothing is impossible, just implausibly difficult) to decrypt is to ensure the key and device are never in the same space, but then that degrades the utility of the encryption. It's a problem, one which is only solvable if one has a security army at their disposal.

    Remember, even if you are using 1028Mb encryption (implausible) the weak link is (apart from SSL) the "n" digit password you have memorised.

    It would take "all of eternity" to crack the encryption, but a relatively shorter time to crack the static password

Join the discussion!

Trending Stories Right Now