Unlike Geo Claims, Blackberry Communication Can’t be Altered

I assume that everyone is aware of recent “Memogate” scandal, so instead of narrate all the details, I will go straight to point to uncover those faces who are playing with our national interests to save the names of few.

Geo TV, in it’s show “Ajj Kamran Khan Kay Sath”, reported that Blackberry communication can be altered, following is what exactly Mr. Ikram Sehgal said in the show:

Blackberry communication can be altered even after the handshake of protocol is carried out, there’s no doubt about it.

You can watch the video clip yourself by clicking this link

This claim or Mr. Sehgal is absolutely wrong. According to RIM, no communication between two blackberries can be intercepted. No one can even read it let alone altering this communication.

The whole world knows that security of communication is the only feature that RIM has relied on to build it’s business.

When I asked the same question from Mr. Abdullah Saad, the chief of WCCFTech, a security expert, he simply denied the possibility of altering a BBM (Blackberry messenger) communication, saying “if Blackberry communication can be altered ‘after’ the security handshake then it would be the first recorded case in the history of Blackberry”.

BBM messages, they are sent using a global PIN key, which can be broken / decrypted only using RIM’s master keys. This is why countries from around the world, in order to access encrypted blackberry messenger information, reach out to RIM to provide them with the master keys to decrypt this information.

To put this in simpler words, you will have to decrypt the communication after message is sent out of blackberry device, alter it while on the go, encrypt it again before it reaches the recipient blackberry device. And you will have to do that without breaking the security key (attached with every BB message).

Now one can’t break such kind of encryption without keys unless you are NSA, rather tough for even NSA to achieve.

It won’t be out of place to mention here that if altering blackberry communication was so easy then why India, Saudi Arabia, UAE and many other nations are having tough time even monitoring it. At the end they were provided with tools from RIM to monitor BBM traffic, that too only Date Stamps and PIN IDs and not the actual message.

Just to add, BBM data (only the date stamps and PIN IDs, but not the actual message) can be fetched from RIM servers upon government’s request.

Only way to temper a BB Device:

Having said all this, there’s one way of tempering BBM data, and that’s only one possible way of doing it if you have physical access of any BB device. Once you have such kind of access, you can use it the way you want to prove that device has sent/received messages according to your wish.

Additionally, with having physical access to a blackberry device, you can install third party spyware – it shall enable the third party to access the data on a BB device (encrypted or otherwise). This includes information about geo-location, emails, BBM messages and text messages on that particular device.

In case of ambassador Hussain Haqqani, it is not being suggested that his BBM messages were ‘lawfully’ or ‘unlawfully’ accessed and read but that some hacker got access to his phone and used it to fabricate / send the said messages to Mansur Ijaz. If proven in a court of law, this shall be the first such incident of its kind involving RIM.

Tech reporter with over 10 years of experience, founder of ProPakistani.PK

  • “Who isn’t aware of recent memogate scandal? I guess everyone, ”

    This sentence means that “everywhere isn’t aware of recent memogate scandal”

    I think the author wanted to communicate that “no-one isn’t aware” or “every one is aware”

  • Only way I can think of altering BB message is playing “Man in the middle attack” – that to requires extreme sophistication…

  • Lol

    luks like pentagons in trouble bcuz if some1 crackd bb it wud take em a few secs to crack the pentagons security

    I guess.a firesale is round the corner

    bloody crack heads

  • Amir, I didn’t took you to be this naive. Please do a search about RSA hack where over 500+ Global giants had their private keys stolen recently. Do you really think its that bigger a deal for special service agencies to steal those private keys from RIM — even if they’re not aware of it? Once you have the keys; all you need is a proxy in between which again is not that bigger a deal.

    Disclaimer: I’m not a supporter of that ambassador nor any political parties. This is purely my technical opinion.

  • @imkhalid @raheel but geo is much more anti pak channel then any other.they always give wrong news against pak and also at the same time claim themselves to be most loyalist channel of the country.


    Like you already know that blackberry handset can be configured in two ways for data services: either with Blackberry Internet Services (BIS) or with Blackberry Enterprise Server (BES)

    In the context of blackberry Internet Services (BIS), Blackberry Messenger uses triple DES (168-bits key) to encrypt BBM messages which is definitely quite strong encryption algorithm. But the security of this open algorithm lies totally on the secrecy of encryption/ decryption keys. In the case of BBM communication, the key is not secret because the same key is embedded in every blackberry handset that is manufactured by RIM. The little analysis of any Blackberry handset can reveal this key. Once anyone get to know this symmetric encryption/decryption key, he/she can theoretically decrypt/modify/encrypt BBM messages. That is why even RIM calls this encryption / decryption process “Scrambling” and “descrambling” in the context of Blackbery Internet Services (BIS) because its not true encryption.

    This global encryption/Decryption key can be changed only when blackberry handset is configured with Blackberry Enterprise Server (BES). BES is a commercial product available from RIM which any organization can install in their network to let thier employees have access to their corporate network, corporate email server etc through thier BB handsets. The administrator of BES server can change blackberry messenger’s encryption/decryption key. The scope of this encryption and decryption key would then be limited to the users of that particular BES. This means that BB handsets configured with any particular BES would be sharing the BBM encryption / decryption key. This is what mostly agencies are concerned with. Just to illustrate this concept… what if the BES server is physically located in Pakistan and blackberry user is in india. Then agencies of India cannot approach Pakistan for encryption / decryption key.

    India had asked RIM to provide Indian agencies with tools or master keys through which they can intercept BBM and other BB’s encrypted communication. RIM has provided india agencies with tool that can intercept BIS based BBM traffic and for this purpose they have installed BBM Server in india for BIS based BBM traffic but india is asking for more. RIM is trying to tell india that even RIM is not capable to decrypt BES based BBM traffic when encryption key is changed but INDIAN authorities are not willing to understand and still putting a pressure on RIM and asking for Some kind of Master Key (koi Jaadu ka chiragh de do humain bhai… RIM).

    And just think about which countries were mostly concerned about RIM encryption…UAE, India, Saudi Arabia etc. Why not some developed countries showed their concern over encryption used by RIM…don’t they like to intercept traffic for intelligence purpose.

    Interception/Modification of BBM traffic in the context of BIS is theoretically possible and any agency capable of intercepting traffic can do so. However practically its little difficult. Why? because mobile carriers either establish direct dedicated links with RIM’s NOC or use VPN connection with RIM’s NOC. So its difficult to intercept and modify traffic going to or coming from RIM’s NOC without the help of Mobile carriers. However, passive monitoring of BBM traffic is easily possible through Off the air (Radio Interface) GSM interception tools.Even there exists GSM Interception solution that can intercept and modify traffic. They user Flase Base station attack and removes the GSM Radio interface encryption.

  • >