Still Secure: Debunking Myths About BlackBerry PGP

PGP, which stands for Pretty Good Privacy, is a widely used method of protecting and authenticating personal and private communication between two parties. The technology works seamlessly on a BlackBerry device, making BlackBerry PGP encryption one of the most reliable forms of secure email communication in the world.

Unfortunately, many myths about the security and reliability of BlackBerry PGP encryption persist. They tend to pop up any time there’s a high-profile story about police claiming they’ve managed to decrypt the private communication of citizens.

We’re here to bust the three biggest myths about BlackBerry PGP encryption:

Myth: Law enforcement agencies have cracked BlackBerry PGP encryption

In reality, it’s virtually impossible to crack encryption. A task like that would take thousands — perhaps even millions — of years to accomplish. You access encrypted data by bypassing or circumventing encryption, not cracking it.

In this case, for communications to be secure from law enforcement, the BlackBerry in question must be paired to a private BlackBerry Enterprise Server (BES). Essentially, a private BES is a private network, where a portion of the encryption key for the device in question is stored on a private server. The device doesn’t contain the entire key, and neither does the server. Data remains encrypted — you can’t access one without the other.

While we have no way of knowing exactly how law enforcement gains access to devices, they likely do it by obtaining passwords from individuals willing to share them, rather than by circumventing the encryption technology itself.

People, rather than technology, tend to be the weakest link in encryption.

Myth: BlackBerry devices are vulnerable to hacking

By not pairing a BlackBerry device with a private BES, it’s true that law enforcement could theoretically access it by physically removing the chips for the device in question and analyzing them forensically, or by using a debugging connection.

To avoid this, users should simply never use PGP encryption on a BlackBerry that isn’t paired to a private BES infrastructure.

In general, 80% of the devices we use every day are already infected with malware. BlackBerry PGP encryption accessed via a reliable provider isolates the use of the phone to just email. None of the other functions of the phone — web browsing, apps, texting, GPS, video, camera or microphone — are available.

This removes the opportunity for someone to use malware to circumvent the encryption.

Myth: Governments can demand access to BlackBerry PGP providers’ servers

Unfortunately, if these servers are located offshore in a politically unstable country, authorities could demand and gain access to a private data center. This is why you need to choose your service very carefully.

Myntex’s servers are managed on-site in Canada and not outsourced to a foreign location. This means we’re able to restrict access and mitigate the corruption issues that come up in other countries.

Ready to offer BlackBerry PGP to your customers? Get in touch.

Leave a Reply