[Dshield] Thoughts on Blackberry Security?

Michael Bitow mbitow at GuardianCapital.com
Thu Oct 7 12:47:06 GMT 2004


Odd.  My Blackerry has a password.

> -----Original Message-----
> From: list-bounces at lists.dshield.org
> [mailto:list-bounces at lists.dshield.org]On Behalf Of Wayne Beckham
> Sent: Wednesday, October 06, 2004 2:12 PM
> To: 'General DShield Discussion List'
> Subject: [Dshield] Thoughts on Blackberry Security?
> 
> 
> It seems the latest trend is for everyone to buy a blackberry 
> and use it for
> accessing corporate email.  I'm researching the security of 
> such devices.
> >From what I read on the net, RIM uses a blackberry enterprise server
> (required) to encrypt corporate email through the firewall, where's it
> decrypted on the local device.  So far so good.  But is it 
> really end-to-end
> encrypted?  
> 
> Many of my users don't have the BB secure server - they're 
> just setting up a
> rule that forwards their email to their blackberry account.  
> SOOOOO, their
> email, is being sent clear text.  Problem #2 - I read else 
> where that a
> blackberry has no passwords, local data encryption, etc., and a stolen
> blackberry is a thief's dream.  
> 
> I'm just starting to figure this out and I don't have a blackberry to
> experiment with.  I'd appreciate anyone else's insight on 
> such practices.  
> 
> - Wayne
> 
> 
> _______________________________________________
> DShield and the Internet Storm Center are sponsored by the 
> SANS Institute.
> To learn more about current SANS training, see http://www.sans.org .
> 
> _______________________________________________
> send all posts to list at lists.dshield.org
> To change your subscription options (or unsubscribe), see: 
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list