Warning: BlackBerry Protect flaw uncovered

A few days ago I tweeted a recommendation to download and install BlackBerry Protect. In my view this is a brilliant application for two reasons. Firstly it allows you to remotely back-up all of your data (which can then be set to occur automatically), and secondly because it provides additional security features in the event that your BlackBerry is lost or stolen.

The security features allow you to locate your phone on a map and also instruct it to emit a loud noise, all of which is great if you’ve simply misplaced it somewhere nearby. Best of all you can remotely lock and / or completely wipe all the data from your handset, which is surely excellent peace of mind for any BlackBerry owner. However – and much to my frustration – I recently discovered a fatal flaw with this application.

In a nutshell if you lock your handset online with a password, the phone will indeed lock itself, but the password will then not work on the phone. In other words if you lost your phone and subsequently locked it online with the password “torch123”, should you be lucky enough to find your phone again, you would not be able to unlock it with the same password “torch123”.

Worst of all because there is then no way to unlock your phone and no passwords will work, you will be forced to enter an incorrect password ten times, after which point your BlackBerry handset will go into emergency shutdown and completely wipe all your data. The only remedy available to you at this stage would be to follow the entire process through, sit tight as your BlackBerry wipes and resets itself, and then do a back-up restore. Sadly if you didn’t do a back-up then you’re screwed.

I’ve written this up because this is exactly what recently happened to me – twice – firstly because I thought I’d lost my phone, and then I tried the whole thing again to double check, because I knew that I had not made a typo when I had initially set my password. Thankfully I had completed a back-up a few days beforehand so I only lost a small amount of data. However I did also lose all my BlackBerry messenger contacts and all the messages that I’d received between the date of my last back-up and the date of the restore.

My BlackBerry handset does not run off a BlackBerry Enterprise Server, so I’m not sure if that has something to do with it. I have now sent all of this information over to RIM BlackBerry headquarters, so hopefully I’ll soon get an answer to this anomaly. In the meantime if you are a BlackBerry owner and you have installed the BlackBerry Protect application – you have been warned! Having said that, I would recommend downloading the software and regularly backing-up your handset, but just avoid using the remote locking feature until the problem is fixed.

3 thoughts on “Warning: BlackBerry Protect flaw uncovered

  1. I wonder why BB haven’t password protected the Protect App, because as far as I can tell there is nothing to prevent an intruder from acessing your handset and disabling the track and trace feature which would be key to retrieving it in the event of a loss.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s