Encrochat Blog

 

English Dutch French German Russian Spanish Turkish
Posted: January 20, 2016 
Subject: The BlackBerry Memory Cleaner
 
Preamble: In answer to the storm of criticism from subscribers about the recent revelations that seized Blackberry devices are exposing deleted encrypted PGP email messages, many PGP Blackberry resellers are telling their subscribers the Blackberry smartphone memory cleaner solves this issue.  Does that actually work?
 
Our Response:  In short, no. 
 
First, let’s examine the different types of memory that can be present on a Blackberry.
 
  • Application memory  contains running applications, the Java Virtual Machine (JVM), and currently accessed files in Random Access Memory (RAM).  Also referred to as flash memory or onboard memory.

  • Built in media storage is the embedded multimedia card (eMMC).  Not removable. It is also referred to as internal media memory and on-board device memory.  Essentially, stores data like PGP encrypted email messages, pictures, video, etcetera.

  • External media card storage is an optional and removable microSD card. This will not be discussed further as none of the Blackberry devices we are referencing should be using it.

As per a Blackberry knowledge base article, the memory cleaner just performs the function of secure garbage collection and clearing caches.  So items like temporary key store, cached data like address books, unencrypted email messages contained in flash memory or RAM are securely overwritten. 

In our research, it does not mention anything about securely deleting data on built in media storage (eMMC). In fact, the specification for eMMC does not address a method of securely deleting data until version 4.4 (deprecated in version 4.5).  The Blackberry memory cleaner does not employ a secure file delete or sanitize method of the eMMC storage. This explains why it has no effect on preventing data recovery of deleted encrypted PGP messages.