Research In Motion (RIM) engaged @stake, Inc. to perform a Product Penetration Assessment of the Java™ based BlackBerry Wireless Handhelds™ supporting components. Product Penetration Assessments model specific threat scenarios in a laboratory environment and provide insight into methods of attack against a product or application at a point-in-time. Using reverse-engineering and penetration techniques, @stake attempts to undermine the security features of the application from an informed position.

@stake's overall analysis indicates that the server to handheld communication security of the BlackBerry Wireless Handheld and BlackBerry Enterprise Server user input validation routines are robust. @stake was unable to forge messages from the handheld to the BlackBerry Enterprise Server environment.