Re: [Discuss-gnuradio] "A scanner with a digital output" address@hidden pwright.com: @stake wows the wireless rubes...]

[Nick Waterman]

Sure...

Wandering offtopic a bit, and sounding like I'm advertising my company a bit
too much, but...

MOST Blackberrys use the corporate solution. Each user has their own
personal key. Keys are generated by about 30 seconds of mouse-wiggling on
the desktop, there are no forced zeros or ones or anything. Keys are sent to
your corporate BES server over your corporate LAN (not radio or internet)
and sent to the device over the serial link when you cradle it. Encryption
is then done end-to-end, IE it's encrypted by the BES after copying your
mail out of exchange (or lotus, or whatever) and sent encrypted across the
net, through RIM (yes, even RIM can't read your mail) and through the
wireless carriers, across the air to your device, which has the means to
decrypt it. The keys never go "over the air", but you're right - gnuradio
would allow you to prove that for yourself rather than taking my (or RIM's
marketting people's) word for it.

Biggest risk would be on the corporate LAN itself, but if someone's already
there, they can sniff your mail in far easier ways.   :-)

The one that CAN be sniffed is the "blackberry internet edition" bought by
the man-on-the-street. There's no corporate BES to do the encryption, email
is sent across the (insecure) internet in plaintext SMTP to RIM, and sent in
plaintext to the carriers, across the air, to the pagers. There's no
realistic way to exchange keys and little point anyway. I suppose some sort
of public/private method would theoretically be possible, but seems
pointless considering this particular solution is supposed to be no more
secure than any other 2-way pager - just the added convenience of being
"real email". This is NOT supposed to be used for secure corporate mail -
for that you'd buy the more expensive but more popular BES enterprise
version, and use the end-to-end encrypted service.

Anyway - enough blackberry waffle - I joined this list to feed my radio
amateur and computer geek obsessions, not to represent my company (which
admittedly happens to sort of feed the same 2 obsessions - cool eh?)!    :-)

-- 
Nick Waterman. Senior Systems Administrator, Research In Motion
mailto:address@hidden  http://noseynick.com/  http://www.rim.net/
#include <stddisclaimer>   Sent from my Blackberry Wireless Handheld!


-----Original Message-----
From: John Gilmore <address@hidden>
To: Nick Waterman <address@hidden>
CC: address@hidden <address@hidden>
Sent: Thu Mar 21 12:27:47 2002
Subject: Re: [Discuss-gnuradio] "A scanner with a digital output"
address@hidden: @stake wows the wireless rubes...] 

> For what it's worth, the vast majority of Blackberry traffic is 
> triple-des encrypted end-to-end with quite long keys.

One of the great things about GNU Radio is that we are building and
spreading the tools for raw spectrum access, such that anyone who
cares can easily check whether statements like this are true.  Or
can examine the radio traffic from their OWN blackberry to see whether
it's encrypted or not.

        John

PS:  Mere use of long keys doesn't end the security inquiry.  If it's
easy for an attack to discover what those keys are, it doesn't matter
how long they are.  Like, if every Blackberry uses the same key :-),
or if they send it to new units over the air when initializing them,
or if, like in GSM phones, some of the key bits somehow end up as zeroes,
via sub rosa intervention from government wiretap representatives.