Published in Mobiles

Blackberry plays down Elcomsoft security claims

by on07 October 2011


You can't really guess the password
Fudzilla has been told by the BlackBerry Security Incident Response Team (BBSIRT) that it is extremely difficult for its smartphones to be hacked using the technique developed by Elcomsoft.

Last week we wrote a story where Elcomsoft claimed that it was possible to use its tool to brute-force attack to guess the smartphone password by attempting to decrypt the contents of a media card that has been removed from the smartphone. However according to a Blackberry spokesman for this tool to do what Elcomsoft claims, an IT administrator or the smartphone user must have chosen to encrypt the contents of the media card with the smartphone password only.

Not only that the attacker must have access to the media card from the smartphone, and the tool would have to successfully guess the password. To then use the password to unlock the smartphone, that attacker would also have to have access to the smartphone. If users want stronger protection, they can encrypt the contents of an optional media card, choose the option to encrypt using a device key or the combination of a device key and the device password.

Anyway, RIM recommends that users always use strong passwords which have punctuation marks, numbers, capital and lowercase letters does not include the user name, account name, or any word or phrase that would be easily guessed.
Rate this item
(0 votes)