There are CDMA, GSM, and iDEN versions of BlackBerry’s. In addition to the either an ESN/MEID or IMEI number on the compliance plate, a PIN will also be observed on each BB device. The PIN is unique to each BlackBerry and consists of 8 alpha numeric characters. Message pathways for all BB devices are set up as follows: first through the NSP where the device is hosted and then through a RIM Relay maintained by RIM in Waterloo, Ontario, Canada, their worldwide corporate headquarters.
BlackBerry Messaging:
There are several messaging options with a BlackBerry device.
1. PIN to PIN
2. SMS
3. MMS (Multimedia Messaging Service)
4. Email
According to BlackBerry Enterprise Solution Security Version 4.0.x Technical Overview paper, the following is stated on PIN, SMS and MMS messaging with respect to BlackBerry devices:
“A PIN uniquely identifies each BlackBerry device on the wireless network. If a user knows the PIN of another BlackBerry device, they can send a PIN message to that BlackBerry device. Unlike an email message that the user sends to an email address, a PIN message bypasses the BlackBerry Enterprise Server and the corporate network.
During the manufacturing process, RIM loads a common peer-to-peer encryption key onto BlackBerry devices. Although the BlackBerry device uses the peer-to-peer encryption key with Triple DES to encrypt PIN messages, every BlackBerry device can decrypt every PIN message that it receives because every BlackBerry device stores the same peer-to-peer encryption key. PIN message encryption does not prevent a BlackBerry device other than the intended recipient from decrypting the PIN message. Therefore, consider PIN messages as scrambled—but not encrypted—messages.
BlackBerry Security Mechanisms: Password protection can be applied to a BB device. The password length can vary depending upon the content protection strength, which is level 0 by default. It can be either user or administrator configured. There are a maximum of 10 attempts allowed. Password tampering, in attempt to unlock the device, can reduce the number of attempts by half, if Duress Notification IT policy is enabled. Or worse, initiate a device wipe that completely overwrites the data if the incorrect password is typed 10 times, if the Set Maximum Passwords Attempts Policy rule allows. According to RIM there is no back-door to unlock a password protected device (Brown, January 2007).
BlackBerry Examinations: Examination of BB devices is treated no differently than the steps described in Device Handling & Procedures explained earlier. The acquisition of data from a BB device requires that an examiner make an IPD file. The .IPD (Inter@ctive Pager Backup) file contains a backup of the BB device database. Using the BlackBerry Desktop Manager software, selected or all databases can be backed up while the BB device is connected through a USB cable to the acquisition computer.
0 Response to "BlackBerry Knowledge Base!!"