How Obama's Blackberry Got Secured

(Updated: Jan 26, 2018)

Around Jan 20, 2009, when Barack Obama took over the role of president of the United States, at that topographic point was quite a lot of media attending well-nigh the fact that he had to plow over upwards his BlackBerry, because it was considered to live a safety risk.

This caused almost the world broad media attention, but the follow-up was less accurately covered as well as a number of dissimilar stories were told. Here nosotros volition demo that Obama truly kept his love BlackBerry, but solely after it had been secured past times especial encryption software as well as some additional safety measures.

Barack Obama using his BlackBerry 8830 during the election elbow grease inward 2008
(Photo: Getty Images)

Obama's predecessor, George W. Bush, also used a BlackBerry during the 2000 presidential campaign, but had to plow over it up, equally good equally the usage of whatsoever e-mail software, upon taking office. Three days earlier, he sent out a final e-mail to 42 friends as well as identify unit of measurement members to inform them that he would no longer gibe electronically.

Eight years later, Barack Obama was also forced to plow over upwards his BlackBerry, non solely because of concerns that its communications as well as e-mail could live intercepted, but also because of the Presidential Records Act of 1978. This makes all written White House communications world belongings as well as dependent area to examine nether the Freedom of Information Act (FOIA).

However, this fourth dimension Obama definitely wanted maintain using this pop work organisation telephone to remain inward deport upon alongside people exterior the White House bubble. Therefore, the Secret Service, The White House Communications Agency (WHCA) as well as the National Security Agency (NSA) went looking for a solution.

US President Obama using a silvery ~~BlackBerry 8830~~
Nokia E61 or E62, equally recognized past times someone here

Sectéra Edge

Some media suggested Obama had to alter his BlackBerry for the Sectéra Edge, a highly secured PDA, which is produced past times General Dynamics for the US military. But the Sectéra Edge is quite big, heavy (340 grams) as well as bulky as well as hence hardly convenient for someone used to a BlackBerry. This solution would also involve everyone that Obama would similar to communicate alongside to bring the same phone, which is priced betwixt 2650,- as well as 3350,- USD. Secure communications are solely possible if both ends usage the same (or compatible) encryption devices.

According to other sources, the Sectéra Edge was solely used inward add-on to Obama's BlackBerry, until a permanent solution was worked out. Reports weren't clear well-nigh how precisely these 2 devices were combined. Probably the Sectéra Edge acted similar an encryptor, which was plugged into the BlackBerry, so Obama could maintain using this device to brand a telephone telephone or send out an e-mail, which so went through the Sectéra Edge, encrypting it, before going over the telecommunication network.

The Sectéra Edge, manufactured past times General Dynamics

Compromise

That latter, temporary solution must bring been fifty-fifty to a greater extent than cumbersome, so a compromise was made, inward which president Obama could maintain using a BlackBerry, but equipped alongside a software bundle to encrypt telephone calls as well as text as well as electronic mail messages.

For this purpose, the safety agencies select the SecuVOICE, which is used for securing the smart telephone of the High German chancellor Merkel.

After the NSA did all the necessary tests as well as checking to brand certain the software met federal standards similar FIPS 140-2, the highly secured BlackBerry was delivered to the president somewhere inward May or June 2009. He also gave upwards his old e-mail address as well as switched to a novel one, which is kept secret.

Maybe nosotros tin run across the new, secured BlackBerry inward this painting demo below, where at that topographic point are 2 BlackBerrys lying inward front end of Obama. The silvery i seems to live the BlackBerry 8830, which he already used during the election campaign. The dark one, in all likelihood a BlackBerry 8900, could so live the novel secure one, equally nosotros tin run across the president using this i inward subsequently pictures:

President Barack Obama works alongside Jon Favreau, managing director of speechwriting, on the Normandy speech
aboard Air Force One enroute to Paris. In front end of him are a dark as well as a silvery Blackberry.
(White House photograph past times Pete Souza, June 5, 2009 - click for a bigger picture!)

Detail from the painting demo above, showing the 2 BlackBerrys

The secure BlackBerry was non solely issued to the president, but also to a pocket-size grouping of people alongside whom he likes to remain inward unopen contact with. This because, equally said, it's solely possible to bring secure communications if both ends are using the same encryption method. This express Obama's destination of keeping inward deport upon alongside the exterior world: encryption (still) agency exclusion.

The number of people able to message as well as telephone telephone the president is in all likelihood solely betwixt x as well as twenty. Included are vice-president Biden, Obama's principal of staff as well as some of his peak advisers, his press secretary, initiatory of all lady Michelle Obama, a few other identify unit of measurement members, as well as a pocket-size grouping of personal friends from Chicago.

On Oct 30, 2013, Obama's press secretarial assistant Jay Carney said that the president volition proceed to usage his (secured) BlackBerry, despite concerns well-nigh eavesdropping which came upwards after it was revealed that NSA intercepted the communications of 35 the world leaders.

Update:
On March 16, 2016, AP reported that inward Feb 2009, then-secretary of state Hillary Clinton also wanted a secured BlackBerry similar the i used past times president Obama, but that NSA denied that request. Influenza A virus subtype H5N1 calendar month later, Clinton began using a individual server, located inward the basement of her home, to commutation e-mail messages alongside her peak aides through her regular, non-secure BlackBerry. Later it came out that this rather risky solution was also used for sensitive messages.

The Genesis Key

The SecurVoice software for the presidential BlackBerry was developed for a pocket-size fellowship called The Genesis Key, Inc., based inward Washington DC. This fellowship was founded inward Oct 2008 past times W. Steven Garrett, who took the call from an item used inward the 1986 estimator game The Legend of Zelda.

The software was developed inward the previous iv years, apparantly for i of the projects of Steve I. Cooper, a one-time especial assistant to the president, senior managing director for information integration, as well as CIO (Chief Information Officer) for the Office of Homeland Security. He is immediately a fellow member of the advisory board of SecurDigital, Inc., a work solid founded inward Oct 2009 past times Bruce Magown as well as Steven Garrett to distribute the SecurVoice software applications.

Steven Garrett is a human being alongside a quite surprising background. His Linked-In profiles demo that he has been involved inward a really broad hit of businesess, similar manufacturing plants for Fannies Fat Free Cheesecakes as well as Fat Free Burger (providing microwave-ready cheeseburgers to armed services commissaries) as well as marketing & sales for Lion Sportswear as well as Faded Glory Jeans. He also developed a highly secure appartment building, named Garrett Place. At his twitter work organisation human relationship he describes himself equally "Proven Rainmaker, Change Agent, Strategist, as well as Driving Force for Unprecedented, Exponential Growth inward Revenues, Earnings, as well as Market Valuation".

SecurVoice

The Genesis Key other hardware as well as software encryption solutions, the SecurVoice application should live able to protect global vocalisation connections betwixt as well as within all types of cell, satellite, PBX, SDR as well as VOIP phones as well as telephone systems.

SecurVoice is 100% Java based, which should larn inward device- as well as carrier-independent, but according to the website, the software is currently solely operational on the Blackberry operating arrangement version 4.5 as well as up. Software porting for other operating systems, similar Symbian, Brew, Windows Mobile, Google, as well as iPhone is said to live underway.

With SecurVoice, each telephone tin live loaded alongside upwards to 3 levels of security, each i accessible through a carve upwards icon as well as recognizable past times a dissimilar ringtone. When dialing a number as well as this number has a cryptographic key associated alongside it, so the telephone telephone is automatically placed equally a secured call. If a telephone number has no cryptographic key associated alongside it, so the jail cellphone telephone operates commonly as well as the telephone telephone is placed unencrypted.

The SecurVoice software comes inward 2 versions:
- Phone-to-Phone (P2P), where secure calls are made direct from i jail cellphone telephone to another. The cost for regime users is 1795,- USD per application.
- Phone-to-Server (P2S), where secure calls are routed from the telephone to an venture server as well as back. The cost of a server license is betwixt 2500,- as well as 25.000,- USD.

It's likely, that for Obama the server solution was chosen. This allows a centralized key management, monitoring of all secure calls as well as tape keeping of the messages. One source says the president may bring to hold off upwards to 50 minutes for an e-mail reply, equally the arrangement actively sniffs out incoming messages for viruses or Trojan horses.

Overview of the SecurVoice application options
(by The Genesis Key/SecurDigital)

Encryption

The SecurVoice software features a dual-layered, or hybrid encryption scheme, which agency it combines symmetrical as well as asymmetrical encryption algorithms. It performs the vocalisation encryption inward existent fourth dimension past times using a fast symmetric cipher, using a rigid key. This key is so encrypted alongside a public-key or asymmetrical cryptosystem, similar RSA or ECC, as well as transmitted together alongside the encrypted message. This is also how the vast bulk of present-day communications encryption works.

The SecurVoice symmetric encryption uses a 256-bit session (conversation) key, which replaces the encryption every 2d alongside non-reoccurring numbers. This session key is a combination (salted hash) of the sender Base Secure Key (stored inward the recipient key store) as well as a random session key. According to the manufacturer, SecurVoice uses classified Type 1 encryption algorithms, which are restricted to regime as well as armed services users. For corporate users, world crypto algorithms similar AES are used.

In instance of a SecurVoice venture server, the software converts vocalisation into encrypted data, which is so sent over the carrier network to the SecurVoice Enterprise Server where it is decrypted. It is so re-encrypted as well as sent dorsum over the carrier network to the receiving phone, where it is decrypted as well as converted dorsum to voice. It's also possible to select dissimilar encryption algorithms, so that, for example, encryption from a jail cellphone telephone to the venture server may live the AES algorithm alongside a 128-bit, piece from the server to the receiving telephone this may live done past times using Elliptic Curve Cryptography (ECC).

President Obama using his BlackBerry 8900 inward the limousine piece traveling
from the University of Republic of Indonesia to the airdrome inward Jakarta, Indonesia.
(White House Photo past times Pete Souza, Nov 10, 2010)

Security risks

As Obama wanted to maintain using a BlackBerry device, the safety solution is software only. This withal leaves risks similar compromised hardware as well as hacking past times agency of social engineering. Therefore, some safety specialists say that it's non impossible to hack Obama's BlackBerry as well as that unusual states as well as other hackers volition probable seek to practise so.

To minimize these risks, the secured BlackBerrys forestall forwarding e-mail messages from the president as well as sending him attachments. His surreptitious e-mail address is probable to live changed regularly equally good as well as Obama's friends as well as staff members were lectured well-nigh these safety issues.

Another jeopardy of the president using a BlackBerry, similar a jail cellphone telephone inward general, is that enemies tin seek to rails the president's location inward real-time, fifty-fifty when GPS is disabled. Every jail cellphone telephone regularly transmits it's IMEI-number to the jail cellphone tower, as well as this tin live intercepted past times devices similar a this article.

One source says the presidential BlackBerry tin solely connect to a secure base of operations station, which tin live used to enshroud the IMEI-number of the device as well as thus forestall tracking it. This would hateful the White House Communications Agency has to ship such a secure base of operations station wherever the president goes.

There must live also a secure base of operations station within the presidential limousine, equally nosotros tin run across inward the painting demo above. First because using a unusual jail cellphone telephone network would live a large safety risk, but also because the limousine is most probable constructed similar a Faraday cage, as well as hence a BlackBerry could solely live used if there's a base of operations station inward the auto itself (and in all likelihood also inward Air Force One). The secure base of operations station is in all likelihood connected to a secure satellite link alongside Washington.

President Obama uses his BlackBerry for calling Mitt Romney
(White House photograph past times Pete Souza, Nov 6, 2012)

Conclusion

As nosotros bring seen, president Obama has kept his BlackBerry, but solely after it had been secured. This took quite some effort: newly developed software had to live tested within a duo of months, all his contacts bring to usage the same software, limiting their number to a rather pocket-size group, as well as a secure base of operations station has to follow the president. Nonetheless, this advertising hoc solution for the president marks the outset of an era inward which peak grade mobile communications volition no longer live secured alongside dedicated hardware, but past times using software applications for regular commercial smartphones.

> See also: Some SIGINT as well as COMSEC during the Nuclear Security Summit

Update:

By the terminate of 2014, a Russian state-sponsored hacker group, known equally Cozy Bear, was able to infiltrate White House e-mail servers containing the sent as well as received emails of president Barack Obama, but they failed to penetrate the servers that controlled the traffic from his personal BlackBerry. The Dutch Joint Sigint Cyber Unit (JSCU) monitored these hacking operations as well as alerted the Americans.