Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

January 12, 2016

Who Is Lying About Encryption?

Filed under: Cybersecurity,Government,Security — Patrick Durusau @ 10:39 pm

Canadian Cops Can Decrypt PGP BlackBerrys Too by Joseph Cox.

From the post:

On Monday, Motherboard reported that leading Dutch forensics investigators say they are able to read encrypted messages sent on PGP BlackBerry phones—custom devices which are advertised as more suited for secure communication than off-the-shelf models.

A myriad of other law enforcement agencies would not comment on whether they have this capability, but court documents reviewed by Motherboard show that the Royal Mounted Canadian Police (RMCP) can also decrypt messages from PGP BlackBerrys.

“This encryption was previously thought to be undefeatable,” one 2015 court document in a drug trafficking case reads, referring to the PGP encryption used to secure messages on a BlackBerry device. “The RCMP technological laboratory destroyed this illusion and extracted from this phone 406 e-mails, 25 address book entries and other information all of which had been protected.”

In another case from 2015, centering around charges of kidnap and assault, three out of four BlackBerrys seized by the RCMP were analysed by the “Technical Assistance Team in Ottawa and the contents were decrypted and reports prepared.”

Reports such as this one make you wonder: who is lying about encryption?

This report makes current encryption sound like a cheap bicycle lock that can be defeated by anyone.

On the other hand, there are known luddites like FBI Director James Comey, who claim that government must be able to read encrypted files.

Is the “we can’t read the files” simply a ploy for more funding?

Or is current encryption really as good as the “rhythm” method of birth control?

Complicating matters, encryption is a tough subject, and even honest experts disagree about techniques and their safety.

Even with your best encryption, remember two rules for transmitting digital data:

  1. Send as little data as possible.
  2. What data you send should have as short a life span as possible.

For example, “Meet at location N in 20 minutes,” has an operational lifespan of about 25 minutes. Beyond that, even if broken, it’s useless.

BTW, don’t save on burner phones by using the same phone day after day. Why do you think they call them “burner” phones?

Note the Canadian case with 406 e-mails. That’s just irresponsible.
