• 30Apr
    Author: trent Categories: Security Comments: 0

    I was speaking with a respected colleague today about the security of Blackberries vs. other mobile devices.  The conventional wisdom of the business community, apparently, is that the Blackberry is some form of superhero-grade magical device, impervious to all forms of cybersecurity attack, and hence suitable for handling all levels of sensitive communication (and soon suitable for President Obama).

    It’s true that RIM (Research in Motion), Blackberry’s maker, has an excellent marketing department (and, as excellent marketing departments are hard to come by, I at least give them kudos for that). They have spun a fantastic tale about how, by simply installing their superduper-secure Blackberry Enterprise Server (BES) product, you have created a secure channel between the enterprise network and a user’s eyes/ears. As far as wireless communications channels go, they have an “ok” solution for securing transport to the Blackberry device itself. The highest security risk of using a Blackberry is NOT that your data is compromised while being transmitted wirelessly. Instead, there really are two high-risk scenarios when using a Blackberry in an enterprise:

    Read more »

  • 27Feb
    Author: ned Categories: Security Comments: 0

    We run WordPress for our blog and like it. I have been debating whether to upgrade our barkingseal.com WordPress installation – we were at version 2.6.5 and it didn’t look like there were any important security issues fixed in 2.7 and 2.7.1. Patching is all about balance – the risk of security vulnerabilities versus the risk and effort of applying the upgrade. Plus, in this case, I sure don’t want to be too far behind the Web 2.0 curve (a little bit of sarcasm).

    For a little guidance, I looked to the “big dogs” – how up-to-date are the most well-known WordPress sites? Yesterday, I ran a quick scan of all 354 sites listed in the WordPress Showcase to see how we compared. Sadly, not only are many sites not running WordPress 2.7+, but almost half (44%) are running a version older than 2.6.5. 2.6.5 was released in November, 2008 and did fix important security problems. Wow… four months later and 44% of these leading WordPress sites still haven’t updated!

    Read more »

  • 29Nov
    Author: admin Categories: IT Management Comments: 0

    WEP is dead. Even your mother knows not to encrypt her Linksys wireless router with WEP. For all of us that have played around with the aircrack-ng tool set (on our own networks of course :-) ), we know that, by using aircrack in conjunction with packet injection/replay attacks, WEP keys can be cracked within a couple of minutes [EDIT: According to German researchers, WEP can now be cracked in an average of 20 seconds on an 802.11g network].

    Well, we should use WPA/WPA2 PSK then, right? Well yes, but with a couple of constraints… Read more »