Blackberry, Encryption and the RCMP

by Jeff Wiener on April 22, 2016

encryption-keyFor years Blackberry built its reputation on uncompromising mobile security, an ironclad commitment to creating secure encryption keys that were un-hackable and inaccessible to even the company itself. That commitment subsequently led to widespread adoption of Blackberry devices across government, enterprise, and law enforcement sectors, providing the necessary security to those whose jobs demanded it.

Heck, Blackberry’s reputation for security was even part of the reason for its downfall, as the encryption wars truly began years ago when various countries (strange that the encryption battle started with what we might consider oppressive regimes, and has now arrived on our doorstep) pressured Blackberry for the key to its mobile kingdom, threatening sanctions and penalties that ultimately resulted in Blackberry leaving many of the markets in question.

But even after the company’s prolonged downfall it still remains the secure choice for many, which makes the next bit of news that much more devastating,  that Blackberry has reportedly already given the “global encryption key” to the Royal Canadian Mounted Police. Translation: Your Blackberry isn’t as secure as you think it is.

According to an report issued last week by tech site Motherboard, the RCMP have had the ability to crack Blackberry devices using a so-called “global encryption key” since 2010, and the law enforcement agency used that ability to crack a high profile case against members of a U.S. crime syndicate accused of murder.

Through the case the news came to light that the police force had intercepted and cracked approximately one million PIN-to-PIN messages (previously thought to be practically inaccessible), and the report states that the RCMP has the ability to crack “virtually any BlackBerry message sent from one device to another.”

Now the RCMP tried to have such revelations closed to the public, wanting to maintain their access path I would assume, but they came to light nonetheless, leaving Blackberry in a very awkward position; the one and only factor that ever differentiated it from the rest of the mobile market now lying on the floor in pieces.

For its part, Blackberry has been on the defensive ever since, with company CEO John Chen acknowledging that his company, like any other tech company, complies with lawful, warranted access requests, and maintained that the company’s proprietary mobile security technology is still “the most secure mobile platform for managing all mobile devices.”

“I can reaffirm that we stood by our lawful access principles,” Chen wrote in a blog response, noting that this was old news that recently came to light. But he does not mention anything about a “global encryption key,” which the initial report stated was what the RCMP used to gain access to Blackberry devices.

Chen also reaffirmed the fact that his company doesn’t have access to every Blackberry phone, and that the company stands in the same position as Apple, where its technology is “impenetrable,” even by Blackberry itself.

“Not that we can crack every phone, but from the standpoint of BlackBerry’s philosophy, policy and principles, we will help whenever there is a formal subpoena that comes to us and we have been doing it for many, many, years,” said Chen.

As expected, whether accurate or not, this has stirred up a firestorm of controversy among Blackberry faithful (the only reason that it’s not front page news is that there aren’t many faithful left), as juxtaposed to Apple’s defiance of government intrusion into mobile encryption, this story makes Blackberry look like a government stooge and has many wondering whether this revelation will be the final nail in the company’s slowly closing coffin.

Previous post:

Next post: