A report by the Dutch law enforcement agency says that custom Blackberry may not be completely safe for private communication. According to the Netherlands Forensic Institute (NFI)’s investigators, they could read the encrypted emails protected by the high-security devices of Blackberry. The investigation details published by Motherboard report that Tuscha Essed, NFI press officer, said that they were easily able to obtain encrypted data from the PGP Blackberry devices.
NFI handles the forensic part of the criminal cases in the Netherlands. The whole issue came to the fore when the Crime News published secret documents allegedly from NFI in December 2015. The Dutch blog ‘misdaadnieuws.com’ also published the documents reporting that it was possible to read deleted messages as well as encrypted emails using Cellebrite, a private security firm’s software.
However, the agency has not explained the technique it used for tracking down the secret emails and messages.
A cause of worry for Blackberry users
According to the report, to decrypt the content in the device, law officials will have to access the device physically. This new revelation has become a cause of worry for many Blackberry users who until now have been using their device for forwarding many secret messages and emails with the belief that their full communication is secured and encrypted. It also means that a Blackberry device empowered with highly secured PGP encryption capabilities can also be accessed easily.
Many people buy modified versions of Blackberry from vendors that come with additional security as a replacement to the disabled microphone and a configured USB port for charging. These devices are used only for receiving and sending emails and messages. Law enforcement agencies from other countries including National Crime Agency of UK and Drug Enforcement Administration and the Federal Bureau of Investigation have not confirmed the Motherboard reports.
All the Blackberry Smartphones come with secure messaging software. Even then, few people prefer custom models that offer even more security-PGP encrypted mail. However, the reports from the Dutch agency now suggest even this so-called highly secured software is not safe enough.