by tonyle 3724 days ago
Let's break this down.

sms, not encrypted.

pin messages/BBM, "scrambled"

BBM protect, encrypted

BES (corporate device), encrypted with a key that BlackBerry is not supposed to be able to access.

Originally bb devices could send messages to other bb if you knew their pin. The data was compressed and encrypted, but a moot point since all bb devices had the same key. Pin messages, BBM and their bis infrastructure was never really considered secured, their main offering was BES which offered end to end security.

I used the term scrambled since that was the term everyone was using years ago since people get confused between encrypted, vs encrypted with shared key, vs not encrypted, etc. It quickly becomes a pointless conversation.

As far as I'm concerned, this isn't really surprising if you think about it. BlackBerry's only claim to security was BES for end to end communication.

2 comments

The takeaway from each one of these is that corporations cannot be trusted with your data not to divulge it to the government, or even to secure it well enough that it is not compromised. However, most corporations do not have the resources in terms of technical know-how and labor to do much better in terms of not being compromised.

There was also that BES service Data Locking corp (a.k.a. BeStealth) hosted in Costa Rica that shilled its "unbreakable encryption" to crime groups which the FBI remotely broke into and snatched all the keys.

Another way into BES is of course via stupidity, such as Nicola Nero the crime boss police caught a few years ago in Ontario who had written his password on a memo and left it beside his BlackBerry phone because he kept forgetting it. They busted a global mafia ring from that one mistake.