BlackBerry's Security is in Question by Canadian Government

By

Just like we have the U.S. Department of Homeland Security, Canada’s homeland security is called Public Safety Canada. Recently, this government department issued a warning that advises citizens, “to think twice before sending a BlackBerry message.” The Public Safety Canada agency is the federal department charged with overseeing cyber security.

One of the factors that has always been strong aboutBlackBerry is its security. That is why it has always been so successful in the corporate world. Now with a warning from the Canadian government criticizing BlackBerry’s security, it has to hurt.

If we delve into the specifics of this warning, you will see that it is very limited. The one page policy memo issued by Public Safety Canada, which was updated in mid-January, attempts to dissuade government BlackBerry users from sending a PIN-to-PIN message. This is largely due to the fact that a PIN-to-PIN message can basically be read by any BlackBerry user anywhere in the world.

According to the published warning, sending messages by this method is not secure. The encryption of such messages is vulnerable because the default encryption key is not unique to a BlackBerry, but the same for all BlackBerrys. This makes it easy to decrypt a sensitive message sent by PIN-to-PIN. The documents were released under the access to information act and say PIN-to-PIN messaging isn’t “suitable for exchanging sensitive messages” because protected or classified information could be inadvertently leaked, or a mobile user could inadvertently download malware or viruses that would compromise their phone.

Just about two thirds of the federal government mobile users in Canada use BlackBerry. If they are all sending PIN-to-PIN messages, you can see why Public Safety Canada would be concerned. There is also the threat that sending messages outside government firewalls and security filters could lead to a user opening a virus attached with a PIN message. The memo also warns that PIN-to-PIN messaging bypasses all corporate e-mail security filters, and thus users may become vulnerable to viruses and malware code as well as spam messages if their PIN becomes known to unauthorized third parties.

In the U.S., BlackBerry has always been the mobile device of preference for the Department of Defense (DoD). Recently, the DoD released its Commercial Mobile Device Implementation plan. This plan has details of using commercial off the shelf devices such as Samsung and Apples devices.

Teri Takai, Defense Department chief information officer, said, “The Department of Defense is taking a leadership role in leveraging mobile device technology by ensuring its workforce is empowered with mobile devices. As today’s DoD personnel increasingly rely on mobile technology as a key capability enabler for joint force combat operations, the application of mobile technology into global operations, integration of secure and non-secure communications, and development of portable, cloud-enabled capability will dramatically increase the number of people able to collaborate and share information rapidly.”

BlackBerry is struggling to keep a hold of the government and corporate contracts that it currently has. This is another body blow causing BlackBerry to take a few steps back to get some breathing room.




Edited by Brooke Neuman
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

TechZone360 Contributing Writer

SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More