Canada Warns Users About Security Risks of Using BlackBerry Messenger

While the BlackBerry Z10 might be a hot-selling smartphone up north, Postmedia News reports that the Canadian government Department of Public Safety has once again warned users, particularly those in enterprise, that communicating over BlackBerry Messenger, or BBM for short, is the most vulnerable method of communication possible.

“Although PIN-to-PIN messages are encrypted, they [sic] key used is a global cryptographic ‘key’ that is common to every BlackBerry device all over the world,” the memo reads. “Any BlackBerry device can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry device.”

BBM was the forerunner to iMessage, allowing BlackBerry users to send and receive messages from other BlackBerry devices without having it counted as a traditional text message. BlackBerry is the smartphone of choice among at least two-thirds of Canadian federal executives, with the rest using iPhone or Android-powered smartphones. The government memo continues:

“PIN-to-PIN messaging bypasses all corporate e-mail security filters, and thus users may become vulnerable to viruses and malware code as well as spam messages if their PIN becomes known to unauthorized third parties,” the memo warns.

The fact that PIN-to-PIN communication is insecure is nothing new, as the Canadian government has repeatedly issued warnings in the past about the risks of using such services. Nevertheless, it’s an untimely blow for BlackBerry, with the iPhone dominating enterprise and Samsung putting in its best effort to get some recognition for its Galaxy S III and other devices among enterprise users.

When reached for comment, a BlackBerry spokesperson provided BGR with the following statement:

“BlackBerry communications remain the most secure, preferred mobile communications used by governments worldwide. In fact, BlackBerry uniquely offers scalable, customizable security options for businesses and governments which allow them to apply their desired level of security.”

[Postmedia News via BGR]

Post a response / What do you think?