Another day, another piece of information to correct about BlackBerry…
Today we get a treat regarding the statement that Canadian RCMP had acquired the global decryption key used by BlackBerry. This is bothersome on a few levels. Let’s see why…
A Vice News article decided to print information today that paints a rather ugly picture and insinuates through omission that BlackBerry messaging is not secure because Canadian RCMP have had a global key since 2010. And of course it’s being picked up and regurgitated ad nauseum. There’s a few problems here:
- The global key is from 2010. That means legacy devices only
- The key was used on Pin to Pin messages, not today’s BBM
- This is an old story first told in 2013
Early on, Pin to Pin messages were sent in text but encrypted with a “triple DES” key which I believe was 168 bit. It was not recommended that you send sensitive information using that method because the key was/is global. It was a way to send messages directly device to device through a carrier that had a RIM Relay server.
Who uses that method of communication anymore? Nobody, that’s who. Today we are using BBM which is secured cross platform using TLS (Transport Layer Security). All devices that use BBM use TLS and do not soley rely on a key. This is the same method that banks and such use to communicate securely with your browser for online banking and it is increasingly being adopted for new purposes such as web chat.
The Canadian RCMP do not have or hold a key to BBM messages being sent today, or at the very least that is NOT what the Vice News article is about. Remember, it’s only about legacy Pin to Pin messaging.
This “news” article is nothing but old news. The only reason it’s out there is because of a recent court decision. Don’t get sucked into the click-bait articles or the negative comments. It’s all meaningless. Oh, and BlackBerry… Thanks for helping to keep us safer, unlike some others I could mention.
Move along people… nothing to see here.