The President's BlackBerry
Posted: October 7, 2009 | Categories: BlackBerry
I've always been a little perplexed about everyone freaking out about Obama's BlackBerry. It always surprised me that everyone was writing articles about how he had to give up his BlackBerry because of security reasons. Security reasons? It's the most secure mobile device in the market - how could there be security concerns? The headline of every single article I read referenced said security concern but didn't really give the details. It just didn't make sense. Let's think about it a bit.
The device is so freaking secure that it verifies the security signatures of the OS and the application platform when it starts up. No concern there, right? If a signature was invalid, the device would brick – not even complete the startup process. Even if someone could get their hands on the device, it wouldn't work unless the person who mucked with it had access to the internal signing keys and algorithms that Research In Motion uses in its manufacturing process. I'm pretty sure it's in Research In Motion's business plan to protect them at all costs – any failure on this front and the BlackBerry device couldn't be used by any government in the world and any security conscious company. Nope, no worries there.
An administrator can configure the device so everything is encrypted on the device using US Government approved encryption protocols. No concern there, right? I remember reading somewhere that it’s even so encrypted that when certain critical information such as password data is held in memory chips, it’s encrypted there – so if someone got their hands on his device and hooked it up to a logic probe – all they would get is the encrypted version of the data. Oh, by the way, the data is encrypted using keys unique to the device - so there’s no reverse engineering one device and using the discovered keys on another device. The keys are renegotiated periodically too and there’s even a session key that’s created for every single message sent to/from the device.
Yep, pretty secure so far.
All of the data transmitted between the President’s device and the White House’s BlackBerry Enterprise Server (BES) is encrypted (both ways) using US Government approved security protocols. At no time is any of his data unencrypted until it gets INSIDE of the White House firewall. Yep, no worries there either, right?
I’m not sure about Verizon and Sprint’s network, but on EDGE (the network used by AT&T and T-Mobile in the US), the transmitted data is encrypted during transmission. Yep, even though the BlackBerry encrypts it, the wireless carrier encrypts it again on the wireless network. No concerns there, right? It’s not US Government approved encryption, but it’s an encryption on top of a US Government approved encryption protocol. Ya, it’s probably OK.
So, what’s the big concern?
I’m not sure if this is really it, but I have been reading BlackBerry Planet: The Story of Research in Motion and the Little Device that Took the World by Storm (Wiley) by Alastair Sweeny and came across something interesting. The book is supposed to be about the history of Research In Motion, but so far, it’s a big discussion of BlackBerry addiction and about Obama’s issues with the BlackBerry. Not what I expected. I already know about BlackBerry addiction and honestly, except for this particular article, I really don’t care about the President’s BlackBerry device woes.
Anyway, I digress – so in the book, he said:
The Secret Service and the National Security Agency say that the main danger to the president lay with the cellular radio in the device, which constantly syncs with nearby wireless networks so calls can be routed to the phone. If bad guys ever got access to the cell phone systems that handled Obama’s BlackBerry, they might be able to ping his smartphone to a wireless tower and track his movements. Or they could scan cellular frequencies over several days to triangulate his exact position, even down to one of several identical limousines, even though they could not decode the AES-128 encrypted BlackBerry data.
Having just received certification as a BlackBerry administrator (BES 4.1 and 5.0 thank you), I happen to know that it’s a 256-bit key, but that’s not important right now. AES has a fixed block size of 128 bits, but uses a 128-bit, 192-bit or 256-bit key. I’m pretty sure the White House has selected the 256-bit key; if they haven’t, they’re just not thinking.
OK, anyway – so someone interested in doing something bad to the President wants to know where he is. Hmmm, interesting. So, the assumption is that Obama has a BlackBerry and somehow he’s identifiable. Well, he’s surrounded by people who have BlackBerry devices, so how do you identify him out of all of the devices that are around him? You know his staff carries them, his wife carries one, it’s likely that the Secret Service detail carries them. How do you really know it’s him? Well, the premise I guess is that the criminals have gotten access to the mobile equipment (I won’t be calling it cellular equipment because I guess I expected that most people stopped calling it a cellular network when it transitioned from an analog to an entirely digital network) nearby where the president is. In the book passage, they’ve gotten access in order to identify his limo, right? Well, wait a minute. So to accurately triangulate, you have to be able to have access to three towers, right? So here’s the President, his staff, his security detail – oh and all the tens or hundreds of people in the immediate vicinity around them who are all carrying BlackBerry devices and you have to get access to at least three towers and be able to pick out 1 device in 100 or more? Really?
Doesn’t make sense to me.
Did I mention that all of the BlackBerry device data is encrypted in transit? Did I also mention that the carrier’s network usually encrypts it as well? How in the heck are you going to be able to identify a single device out of a hundred devices when all (every single bit) of the data being transmitted is being encrypted? I’m just not getting it. You might say that they’ll somehow identify his device when he’s making a phone call. I don’t know about you, but I don’t expect the President of the United States to be making a bunch of mobile phone calls on his BlackBerry when he clearly has even more secure voice communications available to him. But, did I mention that the carrier encrypts the signal between the device and the network? Yep, even voice data if I remember correctly.
I am just not getting it. It’s probably possible, but whoever did it would have to be very sophisticated and it would take a lot of work and coordination plus a bunch of very expensive tech. I know the NSA could probably do it but who knows – we all think they can crack anything when it’s entirely possible they can’t crack anything and they keep criminals at bay with fear, uncertainty and doubt (FUD). No way of knowing.
OK, this was just a mental exercise on my part. I’m not a security expert; I’m just a BlackBerry guy who found this an interesting topic to write about. I’m just telling a story here. I was just amazed by all of the press back in December and January and was happy that someone finally tried to explain it. All the articles I read provoked the sensationalism and never explained that the BlackBerry was secure, it was other things the NSA was worried about. I don’t know if this guy is right and I doubt I will ever find out. While I didn’t vote for the guy, I think he’s very smart and will ultimately be a very good president (while spending more of my money than I would allow if I could, but that’s another story). I have no issues with him or his administration and I harbor no ill will toward him and his family.
Let me know what you think. Fill in some blanks for me. Ignore me, agree with me or prove me wrong – I’m curious what other people think about this topic. If you’re going to disagree with me or prove me wrong, please be polite doing it. I’m rather sensitive.
Part II
OK, so I started looking around for articles about this topic and came across this: Three reasons why Obama's BlackBerry is a national security THREAT. Having read through this article two things pop out – one is that the author doesn’t understand the BlackBerry platform very well and the second is that he’s assuming that criminals would have physical access to the device. Sorry, not likely. It’s all this ridiculous sensationalism generated by the media and others that’s causing this problem.
He argues that there were 9 vulnerabilities in the last three years, so the President’s device would get hacked three times a year for four years. Huh? Just because the vulnerabilities exist doesn’t mean they haven’t been patched and again a criminal would need access first to take advantage of them.
He argues that anyone with $100 could get keys that would allow them to write malware that would affect the President’s device. Huh? Um, the keys have been $20 for almost 2 years. And, sure I could write a piece of malware, anyone could – but how do you get your malware installed on the President’s device? You think he’s trolling the Internet looking for cool applications to install on his device? Seriously? Ok, want to buy a bridge? I have one for sale, it’s in NY Harbor, but you can move it anywhere you want once your check clears.
He points to a Wikipedia article about determining the location of a mobile device – yep, it’s called e911 and it’s federally mandated. It’s all about the carrier (the guys who are running the wireless network) being able to locate a device they’re already talking to. It’s not about hijacking the location of the device – it’s about identifying the device (because they’ve called 911) and being able to tell the emergency call center where the caller is located. I may be ignorant, but I don’t see the connection here.
He refers to a roaming phone tap used in some mafia trial – yep, it was roaming alright, it was a physical transmitter physically implanted in the suspect’s phone. Yep, needed physical access to the device to be able to install the hardware. When the President says ‘you can have this when you pry it from my hands’ do you think that means it will be easy to implant the transmitter? If you can get close enough to implant a transmitter in the President’s smartphone, you probably already have the access you need to do bad things.
He even for some bizarre reason argues that one would need to maintain a database of malware information and regularly check for it on the device. Not true – with a few very simple settings (simple, seriously – I promise) you can completely lock down a BlackBerry device and protect it from any malware. Because of the security capabilities of the BlackBerry device – there’s a reduced need for antivirus software on the BlackBerry.
Every single one of you should immediately go to www.blackberry.com/security and do some reading. There are a couple of very simple settings you can set on the device – the first of which is the most important. Disable access to any third party applications. There, got it set? OK then, nobody can install any malware on your device. Even if the user physically cables the device to a computer and tries to manually install ANY application – it won’t install and it definitely wouldn’t run on the device. Done, done and done. Next!
There’s an option to support white listing of applications as a way to block all applications then specifically list the ones that are allowed – but that’s still pretty secure. If the President tries to install an application with a digital signature different than any of the applications on the white list, it won’t install – nope, just won’t.
Next you turn on encryption so all data on the device is encrypted at all times. Got it done? Ok, then even if someone gains physical access to the device, they can’t see ANYTHING on the device without NSA level decryption capabilities (which could or could not exist, who knows).
Now, in an article called Obama's BlackBerry Security Strategy (since removed) it says:
According to Mitnick, who is credited with hacking Motorola, Nokia, Sun Microsystems, FBI, and Pentagon networks (among many others,) the best course of action for a hacker would probably be to infiltrate the personal computer of somebody close to Obama. Then, the hacker would have to use that person's identity to divert Obama to a compromised website that would upload malicious code onto the BlackBerry.
More sensationalism, argh! Nope, can’t be done. You turn on the setting restricting all third party applications, then none of this is possible. Even if he could get redirected to a malicious web site by someone who’s impersonating a friend ‘Hey Barack, I just found this amazing downloads site for BlackBerry applications – check out the cool new Bass Fisherman application, you’ll love it!’ there’s no way he’d do it. Never, not in a million years. He was barely able to keep his BlackBerry device – you think he didn’t make any promises to the NSA to be allowed to keep it? I am pretty sure that one of them was ‘yep, I promise not to download any applications off of the Internet onto my super secure device.’
Here’s another one: Microsoft: Obama's BlackBerry Is Security Risk.
This one is at least accurate – yes, every single message the President sends from his BlackBerry device does leave the country – it travels through a Network Operations Center (NOC) maintained by Research In Motion in one or more locations around the globe. It’s true, and it is a potential security risk, but if you keep in mind that first of all, Research In Motion has passed every single relevant security certification for the device and has passed many security audits in its data center – you’d have to know that the data is secure. Remember, everyone around the president and most of the important people in the US Government are already carrying BlackBerry devices and all that traffic goes through Research In Motion’s data centers – what seriously are the chances that it can be intercepted? Remember, the device uses US Government approved encryption protocols, the only entities that know the keys are the device and the BES and the session key is changed with every single message that is sent. It’s secure.
Anyway, that’s my little rant for today. I hope you enjoyed it. Again though, I’m just musing about this whole security thing. Of course, having worked for Research In Motion, I’m a little biased in my opinion here but I do trust the certifications and validations of the BlackBerry security. Again, just my thoughts – I’m not a security expert. Please be polite if you’re going to blast me.