Old 09-25-2005, 10:53 PM   #14
barjohn
BlackBerry Extraordinaire
 
Join Date: Sep 2004
Location: Riverside, CA
Model: 8700
Carrier: AT&T
Posts: 1,068

Anyone that believes that you can't crack the memory cards doesn't understand encryption. (Sorry Mark but I must disagree and don't take such nonsense as the CIA couldn't crack [try NSA]).
I used to own a company that produced a product called UnLock. Back when it was legal to remove copy protection, I reverse-engineered more copy protection schemes that were supposedly unbreakable than I care to count. All used some form of encryption. All one needs today is a good hardware CPU emulator (I did it the hard way with just MS Debug and later Black Ice). The encryption/decryption algorithm exists in the hardware and even if it is encrypted, it must be decrypted to execute. Typically, blocks of code are decrypted just prior to execution. With a hardware emulator you can stop the process just after decryption and dump the code for examination. If the key is stored in the unit it becomes easy to find the key and decrypt anything you want afterwards. Since the Blackberry has you generate a key for storage on the device, I think we can presume the key is contained on the device. Given the low-power CPU, the encryption algorithm can't be too complex or it would slow the unit down to an unacceptable level.

Some of you may even remember the system created and patented by a Westlake Village company called Vault Corporation. It used a spot burned by a laser on the floppy disk and thus they claimed it was impossible to break their copy protection scheme. It was the first system I broke and I didn't even know the assembler when I started. It did take me 30 days using MS Debug to painfully capture and disassemble the code, find the key and remove the copy protection by writing code that circumvented it!
__________________
John

For more information see barJohn Reviews It
Active PIN 203A5535