

BlackBerry Q10 stores your unencrypted email password on its own servers - uuwe
http://frank.geekheim.de/?p=2379

======
chmars
tl;dr:

As soon as you have created a new mail account on a BlackBerry 10 mobile, IMAP
and SMTP connections are made to IP 68.171.232.33 using your mail credentials.

68.171.232.33 is part of RIM's network range, the server is located in Canada.
The routing goes via the UK (GCHQ) and the US (NSA). BlackBerry has your mail
credentials anyway.

BlackBerry 10 users should immediately stop using the default mail app, delete
their credentials from the phone and create new passwords.

~~~
chmars
Official summary in English:

'When you enter your POP / IMAP e-mail credentials into a Blackberry 10 phone
they will be sent to Blackberry without your consent or knowledge. A server
with the IP 68.171.232.33 which is in the Research In Motion (RIM) netblock in
Canada will instantly connect to your mailserver and log in with your
credentials. If you do not have forced SSL/TLS configured on your mail server,
your credentials will be sent in the clear by Blackberry's server for the
connection. Blackberry thus has not only your e-mail credentials stored in its
database, it makes them available to anyone sniffing in between – namely the
NSA and GCHQ as documented by the recent Edward Snowden leaks. Canada is a
member of the “Five Eyes”, the tight-knit cooperation between the
interception agencies of USA, UK, Canada, Australia and New Zealand, so you
need to assume that they have access to RIM's databases. You should delete your
e-mail accounts from any Blackberry 10 device immediately, change the e-mail
password and resort to using an alternative mail program like K9Mail.

Clarification: this issue is not about PIN-messaging, BBM, push-messaging or
any other Blackberry service where you expect that your credentials are sent
to RIM. This happens if you only enter your own private IMAP / POP credentials
into the standard Blackberry 10 email client without having any kind of BER,
special configuration or any explicit service relationship or contract with
Blackberry. The client should only connect directly to your mail server and
nowhere else. A phone hardware vendor has no right, for whatever reason, to
harvest account credentials back to his server without explicit user consent
and then on top of that connect back to the mail server with them.

Recipe for own experiment:

1. set up your own mail server with full logging
2. create throw-away IMAP account
3. enter IMAP account credentials into Blackberry 10 device, note time
4. check mail with Blackberry
5. look in logfiles for IP 68.171.232.33 (or others from RIM netblock)'
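Step 5 of the recipe, scanning the mail server's auth log for logins with the throw-away account that did not come from the phone itself, as an added example that is not part of the original post. The log lines are constructed in a Dovecot-style format; the only address taken from the thread is 68.171.232.33, and the phone's own public IP (198.51.100.7, from the RFC 5737 documentation range) is an assumed placeholder.

```python
"""Flag IMAP logins for a watched (throw-away) account whose source IP is not
one of the expected devices, and note whether that hop used TLS.
Added example, not from the original post; sample log lines are constructed."""
import ipaddress
import re

# Constructed sample log lines in a Dovecot-like imap-login format.
# 198.51.100.7 stands in for the phone; 68.171.232.33 is the IP named in the thread.
SAMPLE_LOG = """\
Jul 17 20:31:02 mx dovecot: imap-login: Login: user=<bbtest@example.org>, method=PLAIN, rip=198.51.100.7, lip=203.0.113.10, TLS
Jul 17 20:31:09 mx dovecot: imap-login: Login: user=<bbtest@example.org>, method=PLAIN, rip=68.171.232.33, lip=203.0.113.10
Jul 17 20:32:44 mx dovecot: imap-login: Login: user=<alice@example.org>, method=PLAIN, rip=192.0.2.55, lip=203.0.113.10, TLS
Jul 17 20:35:10 mx dovecot: imap-login: Login: user=<bbtest@example.org>, method=PLAIN, rip=198.51.100.7, lip=203.0.113.10, TLS
"""

LOGIN_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ [\d:]+) \S+ dovecot: imap-login: Login: "
    r"user=<(?P<user>[^>]+)>, .*?rip=(?P<rip>[\d.]+)(?P<rest>.*)$"
)


def unexpected_logins(log_text, watched_user, expected_sources):
    """Return (timestamp, remote_ip, used_tls) for every login of watched_user
    whose remote IP lies outside the expected_sources networks (CIDR strings)."""
    allowed = [ipaddress.ip_network(n) for n in expected_sources]
    hits = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if not m or m.group("user") != watched_user:
            continue
        rip = ipaddress.ip_address(m.group("rip"))
        if any(rip in net for net in allowed):
            continue  # the device we expect; nothing to report
        # Without the TLS marker the credentials crossed this hop in the clear.
        used_tls = "TLS" in m.group("rest")
        hits.append((m.group("ts"), str(rip), used_tls))
    return hits


if __name__ == "__main__":
    for ts, ip, tls in unexpected_logins(SAMPLE_LOG, "bbtest@example.org",
                                         ["198.51.100.7/32"]):
        print(f"{ts}  third-party login from {ip}  TLS={'yes' if tls else 'NO'}")
```

Run against a real log, the expected-sources list should hold every address the phone legitimately connects from; any remaining hit is a third party holding the credentials, and a missing TLS marker means that third party also sent them unencrypted.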

------
rmk2
Heise.de[1] has a second source confirming this, including further
descriptions and a screenshot, albeit in German.

[1]: [http://www.heise.de/newsticker/meldung/BlackBerry-spaeht-Mail-Login-aus-1919718.html](http://www.heise.de/newsticker/meldung/BlackBerry-spaeht-Mail-Login-aus-1919718.html) [german]

------
tzander
It doesn't seem to do it for my BB10 phone; my server logs show a direct
connection from my phone.

Is this the truth, or just one person's interpretation?

~~~
chmars
Why should a connection from your mobile to a BlackBerry server be visible in
YOUR server logs?

~~~
mablae
You did not understand.

~~~
chmars
See [http://frank.geekheim.de/?p=2379](http://frank.geekheim.de/?p=2379) for
the logs.

------
lysium
I'm wondering why they are doing it. RIM does not need your password to check
your email, your phone can do it just fine.

