8

One of Blackberry's strongest assets is the "network" that it uses. Can someone explain, or link to technical information that covers what this secure network is, and what it does better than the rest?

makerofthings7
  • 50,488
  • 54
  • 253
  • 542

3 Answers3

8

How dare you! How dare you question the most secure mobile platform available to mankind! My attempt at humor there.. now to a serious answer before the mods attack. Blackberry has some whitepapers regarding security here: http://us.blackberry.com/ataglance/security/

I would argue the network is not RIM's strongest asset. Corporate and government adoption of the product due to the level of control they have over the devices is RIM's strongest asset. MDM is a hot topic now, but people seem forget that RIM has been doing it for 14 years.

Unfortunately for RIM the pendelum has swung away from corporate control towards the "bring your own device" philosophy, and with good reason. Android and IOS offers a better user experience.

securityishard
  • 731
  • 5
  • 3
6

Obscurity. No seriously though. Thanks to Blackberry enterprise server (which has been out for years), corporate mobile phones were able to be managed and controlled through a policy set or a group of "rules".. Not altogether unlike your windows user account at work on your company domain controlled by Active Directory GPO. I think this was initially what brought blackberry proliferation to the insane levels it reached in the early 2000's in the corporate world.

Alex K
  • 61
  • 1
  • 1
    I would agree with your statement. Blackberry made it their mission to provide a really good business experience. This is the same reason that despite all its faults, Windows is still the king in a business environment, at the end of the day you have control have nearly every element in Windows. – Ramhound Jan 26 '12 at 13:07
3

Blackberry Architecture is designed in such a way that the entire communication (data and not voice channel) is managed by the blackberry servers ecosystem in highly secured manner. The telco data channel acts as a carrier and transport medium of data packets to and fro between the mobile device and the blackberry servers like BIS and BES.

For establishing the ecosystem the telco is needed to host blackberry servers and applications in its network infrastructure. Hence to use the blackberry service it is important that the telco have the blackberry infrastructure setup.

In my knowledge there are 2 unique things about blackberry compared to other devices in a telco network ecosystem:

  1. Blackberry devices have a secured element in them. The secure element can be compared to a secure smart card (Not the SIM card provided by telco). Blackberry initializes it with some keys and certificates in the manufacturing time. The mapping is referred as the device PIN.
  2. Unlike other devices in network, blackberry devices are allowed to listen in a socket port which typically is not allowed by telco in other devices. This is from where the true sense of push mail or push messaging originates. In sense blackberry devices have true push support while other devices actually perform pull and make it look like push. This is one more reason why blackberry device have high battery life even after performing heavy data transmission operations.

Now the security; as discussed in one of the post many documents are public. AFAIK the session key which is derived in between blackberry servers and mobiles is generated in such way that key is not recoverable even on the server. For this reason, blackberry has been pushed by many nations to host some servers and do some modifications so that the intelligence agencies can trace data transmitted and received by the devices.

Blackberry devices from long have the processing capability of performing crypto operations like AES, RSA, ECC and many more. It supports full fledged PKI operations like signing and validations. In-fact BB was one of the first to have ECC support and own the Certicom Infra.

Mohit Sethi
  • 692
  • 4
  • 7