Results 1 to 2 of 2

I work for a co. that is currently implementing a policy push from our BES ... RIM Handheld OS forum

  1. #1
    obergs2's Avatar
    obergs2 no está en línea Stack level 1
    Join Date
    Nov 2008
    Posts
    1

    Question Non encryption Security question

    Advertisement



    I work for a co. that is currently implementing a policy push from our BES server that includes encryption, 4 char password and auto wipe after 10 incorrect password attemps.

    A question has come up from upper executives as to the necessity for encryption as it eats battery time and it slows the OS.

    My question is what tools are available to access data on a stolen BB that has a 4 char password WITHOUT ENCRYPTION and how quickly could that said device be cracked.

  2. #2
    Thyth's Avatar
    Thyth no está en línea Stack level 3
    Join Date
    Sep 2007
    Posts
    273
    This highly depends on the motivation of your attacker. If someone really wants the data stored on a hand held, they would tap the flash chips, and read the data out that way. With the correct equipment, dissembling the device and extracting data from flash would be a matter of minutes.

    With the 10 password entry limitation, brute forcing the password wouldn't be a good way to access the device.

    Make the call based on your threat model.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •