December 6, 2016

ElcomSoft Releases New Software to Recover Passwords on NIST Certified BlackBerry PlayBook Backups

(LiveHacking.Com) – Only a few days ago the BlackBerry PlayBook became the first tablet to be certified for US government use by passing the FIPS 140-2 certification from the National Institute of Standards and Technology (NIST). No other tablet, including the iPad, has gained this certification and the PlayBook is the only tablet ready for deployment within the U.S. federal government.

Since this particular FIPS (Federal Information Processing Standard) certification is about cryptography, you would think that any government data on a PlayBook would be secure… Not so… ElcomSoft has updated its Phone Password Breaker with the ability to recover passwords protecting BlackBerry PlayBook backups. This means that it can recover the original plain-text password protecting the PlayBook backups. Once the password is known the backup can be restored to and analyzed on another PlayBook device.

The result is that forensic investigators (or hackers, spies and foreign governments) can access email messages, call history, contacts, web browsing history, voicemail and email accounts stored in those backup files.

To crack the passwords on the Backups, ElcomSoft use GPU-accelerated attacks, offloading parts of the computation-intensive jobs onto highly parallel units available in today’s ATI and NVIDIA video cards. The result is that the Elcomsoft Phone Password Breaker can try tens of thousands of passwords per second.

ElcomSoft plans to add a PlayBook backup decryption module, which allows the backups to be cracked open without restoring them to another PlayBook device, to the next version of Elcomsoft Phone Password Breaker.