Memo warns federal workers in Canada about BlackBerry messaging

Memo warns federal workers in Canada about BlackBerry messaging

Summary: BlackBerry might not be as secure as believed -- even in the company's home country of Canada.


Just as the Department of Defense is working to open its networks to iOS and Android mobile devices, a new report reveals that Canadian federal workers are being warned about potential security holes on BlackBerry.

See also: Symantec chief: Security about more than 'shiny new objects'

According to, Public Safety Canada -- the federal agency that manages cyber-security within the government -- issued a memo back in January with a severe warning to government employees about PIN-to-PIN messaging.

Not mincing words, Public Safety Canada said that it found this form of mobile communication "to be the most vulnerable method of communicating on a BlackBerry." Here's more:

The documents, released to Postmedia News under the access to information act, say PIN-to-PIN messaging isn’t “suitable for exchanging sensitive messages” because protected or classified information could be inadvertently leaked, or a mobile user could inadvertently download malware or viruses that would compromise their phone.

This is a startling statement given BlackBerry's reputation for offering what could have been thought of as the most secure mobile platform worldwide, which was the Waterloo, Ontario-based corporation's last saving grace -- at least ahead of the pending launch of BlackBerry 10.

Frankly, this memo couldn't come at a worse time for Blackberry, which was formerly known as Research In Motion until the mobile device maker rebranded itself in January.

Not only is the company banking everything on the upcoming release of its new mobile operating system and handhelds to go with it in the face of global domination over the mobile market by Apple and Google's Android ecosystem.

But again, this follows the news that the Pentagon is moving on from BlackBerry in response to current mobile trends to equip and support its employees that want to use iOS and Android devices -- effectively removing the near-monopoly BlackBerry had over the home base of the U.S. military.

To put that into perspective, Bloomberg cited that the DoD has more than 600,000 mobile devices in circulation -- of which 470,000 them run on BlackBerry OS while iOS accounts for 41,000 devices and Android covers approximately 8,700.

Topics: Security, Government, Mobility, BlackBerry, Smartphones

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Question to security expert

    Rachel, is this something new or it has been there for years? What are more secure alternatives for text message exchange than PIN-to-PIN texting on other platforms?
    • Security

      BBM is the secure and encrypted communication method and, as it always has been, PIN to PIN is no more secure than a text message. I'm not sure why anyone would use PIN to PIN anyway since if you have their pin you can add them to BBM contacts and BBM them
      • What do you mean

        Are you trying to say that Rachel is either incompetent or is deliberately misleading?
  • Misleading headline

    Pin to pin messaging has never been any more or less secure than text messages or email... In fact it is a text message and does not go through blackberry servers at all. This article should distinguish between BBM, which is encrypted and secure, and PIN to PIN which is not.
  • Good sign that Blackberry is challenging MS

    MS must be worried if Rachel is blogging this.
  • FUD

    Not insecure.
    Plus, enterprise customers could also change the pin-certificate to their own, which would on the one hand disable pin-messaging to BB-users from other enterprise network but also strengthen the security.
    Furthermore, BB-pin messaging is still far more secure than skype/wazapp and all the stuff BB10 user could now run in their private environments but would on other platforms share the same environment as the business data since there are no seperate profiles on other platforms.
    This news is FUD.
  • Blackbery 10 BBM is no longer PIN-based!!
  • 2011 story misses extra security features

    The 2011 document this is based on misses the fact that if you run a BES server, you can set an organisational global encryption key instead; that stops users BBMing people outside the org who don't have the same key. If you're really worried, set a policy in BES to turn off BBM altogether. One would hope people who run secure Canadian departments understand how to use the security features in BES...
  • Errrrr

    If the Blackberry is government owned, the employee will return it to the government. They won't be keeping it and selling it off. What the government IT department does is a different story. As by the time they get it back it has been warn well, the IT department would probably wipe the contents of the device and destroy it.
    So this stuff regarding a potential security issue is FUD.
    BTW, in an odd thing. Between 2011 and 2012 as Blackberry sales were on the decline, the Canadian government actually bought more!
  • Erroneous information about the 470,000 Blackberrys at DoD

    Journalism died 30 years ago, most of the Liberal media, 98%, can't be trusted to just give the facts, always some left wing propaganda attached, or some AAPL shareholder who is p*ssed off at his precious stock that he bought at $650 which was supposed to go to $1,111.11 later revised to $888.88, and then it fell below $400 and the only thing self-loathing Liberals can do is lash out at the competitor, that way they *feel* good about themselves.
    I've seen on several web sites that the iPhone and Samsung got the DoD approval but not Blackberry. Do you people even bother checking facts or just write your left wing bs? Go check your facts on Blackberry RECEIVING APPROVAL by the Dept. of Defense, and then apologize.