BlackBerry: police did not break our encryption
BlackBerry would like its users to know its phones are “as safe as they have always been” after claims that Dutch police are capable of accessing encrypted BlackBerry messages.
In an unsigned post on BlackBerry's corporate blog, the mobile phone manufacturer said it did not have any details about the specific devices that the authorities said had been decrypted. “If such an information recovery did happen, access to this information from a BlackBerry device could be due to factors unrelated to how the BlackBerry device was designed, such as user consent, an insecure third party application, or deficient security behaviour of the user,” the company wrote.
Almost two weeks ago, a press officer for the Netherlands Forensic Institute (NFI) told the tech site Motherboard that the law enforcement body is “capable of obtaining encrypted data from BlackBerry PGP devices”.
Dutch authorities may have successfully accessed BlackBerry messages if device owners had not installed updates. It is also possible that NFI was able to exploit zero-day vulnerabilities to access devices, a practice regularly used by US agencies.
Blackberry stated that it does have any backdoors and wrote in its blog, “BlackBerry does not store [and] cannot share BlackBerry device passwords with law enforcement or anyone else.”