RCMP Have BlackBerry’s Encryption Key, Over 1M Messages Intercepted

Bbm

There was a time when the Royal Canadian Mounted Police (Canada’s federal police force) had backdoor access to encrypted BlackBerry messages, Vice Canada reports. During that time, the RCMP intercepted and decrypted “over one million” BlackBerry messages.

To understand how the RCMP did that, you need to understand how BlackBerry’s encryption works: It encrypts BBM messages using a single “global encryption key” loaded onto every handset during manufacturing. Those who own that key can read all BBM messages sent between BlackBerry phones. The only exception is Business Enterprise Server, which
allows corporations to use their own encryption so not even BlackBerry can access it.

Now, as discovered by Vice Canada, the RCMP somehow obtained this global encryption key and used it during an investigation in a mafia slaying called “Project Clemenza”. The investigation ran between 2010 and 2012.

According to more than 3,000 pages of court documents pertaining to the case that resulted from Project Clemenza, obtained by VICE Canada, the RCMP maintains a server in Ottawa that “simulates a mobile device that receives a message intended for [the rightful recipient].” In an affidavit, RCMP sergeant Patrick Boismenu states that the server “performs the decryption of the message using the appropriate decryption key.” The RCMP calls this the “BlackBerry interception and processing system.”

Okay, so you may argue that BlackBerry has been collaborating with law enforcement agencies, just as Apple did and does now when forced to by law – except the San Bernardino iPhone 5c. You know what happened there, and you may also know that Apple assists law enforcement agencies in their investigations.

The problem with this case is that it is not known whether BlackBerry subsequently changed the global encryption key. If not, it means (metaphorically) that the RCMP has a key to your home and can “pay a visit” at any time without your knowledge. That’s alarming. You can read the full story at Vice Canada.

Technology enthusiast, rocker, biker and writer of iPhoneinCanada.ca. Follow me on Twitter or contact me via email: istvan@iphoneincanada.ca

  • Mark Holoubek

    With BB’s future apparently hinging on being the “most secure” Android solution, that is a bit worrisome, no?

  • It doesn’t sound promising, that’s for sure.

  • erth

    people still use blackberries? wow, i am amazed

  • Anthony Ondre

    BB has been violated more than Monica Lewinski

  • johnnygoodface

    I hope I don’t have to point out the obvious here: that’s where we were heading not so long ago with the FBI request! A backdoor is a backdoor, even if there are many kinds. So Blackberry users never knew what was possibly going on in their own backyard. Can you imagine realizing that you might have been spied upon for the last 6 years of your life, including those moments when you placed your phone right next to your bed! Cute!

  • Master key vs end-to-end encryption. Looks like they should have went with the latter.

  • BigCat

    We will always have hackers trying to gain access into our lives. Such as Banking and personal communications. This something that will always require fixing.

    The Government along with its various agencies is a different story. Our modern technology needs the same kinds of protection that currently protect us from random and dragnet searches of our homes.

    There is a really big gap in privacy protection that the Government is no hurry to resolve. Canadians need to see more stories like this.

  • MartinJdub

    …because working collaboratively with law enforcement on any legal level for the collective good and safety of others is inherently bad. *eyeroll*