They cite a blog post from last August by Matthew Green http://blog.cryptographyengineering.com/2012/08/dear-apple-please-set-imessage-free.html
I follow Green's blog and can recommend it to anyone that is seriously interested in cryptography and/or data privacy.
Blackberry's BBM (Blackberry Messenger) http://en.wikipedia.org/wiki/BlackBerry_Messenger has long been secure as well, though I believe in recent years government pressure has forced some changes in that.
For more on BBM see http://computer.howstuffworks.com/e-mail-messaging/blackberry-messenger.htm
For general info on Blackberry security see http://www.berryreview.com/2010/08/06/faq-what-communication-is-encrypted-on-your-blackberry/
Note there are differences between BES (Enterprise Blackberry) and BIS (Consumer Blackberry), but (AFAIK)
According to http://bgr.com/2013/02/27/blackberry-messenger-security-vulnerability-346634/ it seems that BBM on BIS lacks higher level security options just like email:
"“Although PIN-to-PIN messages are encrypted, they key used is a global cryptographic ‘key’ that is common to every BlackBerry device all over the world,” Public Safety Canada official stated in the memo. “Any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device.”"
and
"It should be noted that Public Safety Canada has failed to take into account the fact that organizations have the ability to change the encryption key to a unique one, ensuring that only BlackBerry devices using the same BES network can communicate with each other. There are also several ways to encode BBM messages such as S/MIME, which adds another layer of security."
No comments:
Post a Comment