In my company we turn on journalling on our Exchange server to trap all in/outbound ... Server Admins forum
In my company we turn on journalling on our Exchange server to trap all in/outbound messages for litigation search purposes. My IT manager disabled PIN messaging on the blackberries except for the execs because he said it was a security issue with respect to PIN messages since they cannot be traced. My CEO thinks otherwise since he says SMS messages can be traced. Is there any truth to PIN or SMS messages? Is PIN messaging secure between two parties?
PIN messaging is Blackberry to Blackberry with no logging by RIM or the carrier. The BES can log the messages but I have never heard of a security issue involving PIN messages.
Now SMS is logged by the carrier so that could be subpoenaed. Once you end a Blackberry Messenger conversation on the device, the conversation is gone and cannot be retrieved.
Since the BES logs the messages can they be retrieved/searched with a built-in or external utility?
external yes, they are just text files.
Obi-Wan Kenobi says "Use the search Luke", and Yoda says "RTFM, you should"
Torch 9800 on BES 4.1.7 MR3, SQL 2005, Exch 03 with 250 hopeless users
A few quick security notes.
PIN messages travel like this:
device1 -> carrier1 -> RIM -> carrier2 -> device2
RIM says they do not log PIN messages, but I can't find a reference to that. The instructor in BES advanced class said so, but I want to find it in print.
PIN messages are scrambled, not encrypted.
Also, through IT policy you can have devices report back with PIN messages to the server for logging. This happens during the wireless backup cycle (every 15 minutes, iirc.) The user may delete messages before that cycle and they will not be logged. (Actually need to test this one, but I know this is true for call logs which are similarly transmitted
PIN message scrambling
During the manufacturing process, Research In Motion® (RIM®) loads a common peer-to-peer encryption key onto BlackBerry devices. Although the BlackBerry device uses the peer-to-peer encryption key with Triple DES to encrypt PIN messages, every BlackBerry device can decrypt every PIN message that it receives because every BlackBerry device stores the same peer-to-peer encryption key. PIN message encryption does not prevent a BlackBerry device other than the intended recipient from decrypting the PIN message. Therefore, consider PIN messages as scrambled—but not encrypted—messages.
You can limit the number of BlackBerry devices that can decrypt your organization’s PIN messages by generating a new peer-to-peer encryption key known only to BlackBerry devices in your corporation. A BlackBerry device with a corporate peer-to-peer encryption key can send and receive PIN messages with other BlackBerry devices on your corporate network with the same peer-to-peer encryption key. These PIN messages use corporate scrambling instead of the original global scrambling.
You should generate a new corporate peer-to-peer encryption key if you know the current key is compromised. You can update and resend the peer-to-peer encryption key for users in the BlackBerry Manager.
The logs are stored as .csv files on the BES, and are readable by Notepad or Excel, among other utils.
Interesting, yet on another post one member commented that when composing a PIN there is an option field above the To: filed that offers encoding options: Encrypt, Plain Text, Sign, and Sign and Encrypt with "default" as the default setting whatever that may be.
I have my BES setup so the users can only send PIN messages to each other. They cannot send them to BB's outside of the Organizations BES. You can receive from outside, just not send out. People complain about it all the time, but what can you do.
We've tried turning the logs on, and it just collects a lot of crap, and conversations that people wouldn't want recorded.
Tags for this Thread