Page 2 of 4 FirstFirst 1234 LastLast
Results 26 to 50 of 83
Like Tree109Likes
  1. #26  

    Default

    There seems to be some misconception about FIPS certification. It does not make your phone impenetrable.
    The Playbook was FIPS certified at launch, yet a vulnerability was found and exploited resulting in Dingleberry.
    A Samsung SG2 running Gingerbread is FIPS certified and can be run securely and IS being run securely within certain DOD components.
    A Blackberry Torch which was FIPS certified had a vulnerability that was exploited during a pawn2own event.

    FIPS does not guarantee an iron clad OS. It meets requirements but it does not ensure the OS is impenetrable.

    A BB can be compromised by loading junk apps.

    http://forums.crackberry.com/blackbe...-world-727830/

    The key are the apps. They are, in the majority of cases, the means by which malware is introduced into devices, except for drive bys.

    FIPS does not guarantee the absence of malware nor does it guarantee an impenetrable device; it means it's gone to the nist labs or nist certified labs and has been tested and standards have been met. Had FIPS meant a guarantee of impenetrability, you would have no Dingleberry.

    All that said, Android has more opportunity for the introduction of malware due to the huge assortment of apps. Does it keep me from running my SGIII? Not at all. I run mine in a very judicious manner; I have no apps from sources I don't know. Example, I wanted a notification light app like BeBuzz....when I read the permissions, I did not feel comfortable. Consumers need to learn to read. Ultimately, the responsibility is on the user.

    ****for the record, and before anyone attempts the GOTCHA and claims I'm being hypocritical.....I have no banking apps on any device except my BB.....that means no banking apps on any of my Androids, iPhones, or iPad. Because the Android browser kills the browser on my 9900, I am more concerned about drive bys and clicking on something by accident that can get me into malware territory. THAT is the reason.

    By the way, the day the BB browser catches up to Android, as it seems BB10 has, the same possibility for drive bys will occur. That will be a concerning day for me and my banking apps.

    Do I wear a tin foil hat???? well.....it's part of my job.
    Last edited by qbnkelt; 01-28-2013 at 04:10 AM.
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
    Thanked by 2:
    cezley (01-28-2013) 
  2. georg22's Avatar
    CrackBerry User

    Posts
    35 Posts
    #27  

    Default

    A group of hipster telling the business-dressed man with a BB in his hand something about security...
    rediculous ad.
  3. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,419 Posts
    PIN
    27F48177
    #28  

    Default

    Quote Originally Posted by qbnkelt View Post
    There seems to be some misconception about FIPS certification. It does not make your phone impenetrable.
    The Playbook was FIPS certified at launch, yet a vulnerability was found and exploited resulting in Dingleberry.
    A Samsung SG2 running Gingerbread is FIPS certified and can be run securely and IS being run securely within certain DOD components.
    A Blackberry Torch which was FIPS certified had a vulnerability that was exploited during a pawn2own event.

    FIPS does not guarantee an iron clad OS. It meets requirements but it does not ensure the OS is impenetrable.

    A BB can be compromised by loading junk apps.

    http://forums.crackberry.com/blackbe...-world-727830/

    The key are the apps. They are, in the majority of cases, the means by which malware is introduced into devices, except for drive bys.

    FIPS does not guarantee the absence of malware nor does it guarantee an impenetrable device; it means it's gone to the nist labs or nist certified labs and has been tested and standards have been met. Had FIPS meant a guarantee of impenetrability, you would have no Dingleberry.

    All that said, Android has more opportunity for the introduction of malware due to the huge assortment of apps. Does it keep me from running my SGIII? Not at all. I run mine in a very judicious manner; I have no apps from sources I don't know. Example, I wanted a notification light app like BeBuzz....when I read the permissions, I did not feel comfortable. Consumers need to learn to read. Ultimately, the responsibility is on the user.

    ****for the record, and before anyone attempts the GOTCHA and claims I'm being hypocritical.....I have no banking apps on any device except my BB.....that means no banking apps on any of my Androids, iPhones, or iPad. Because the Android browser kills the browser on my 9900, I am more concerned about drive bys and clicking on something by accident that can get me into malware territory. THAT is the reason.

    By the way, the day the BB browser catches up to Android, as it seems BB10 has, the same possibility for drive bys will occur. That will be a concerning day for me and my banking apps.

    Do I wear a tin foil hat???? well.....it's part of my job.
    You're right, FIPS doesn't but BES does!! I'm sure you know, and we're talking business enviroment here, not consumer.
    Thanked by:
    SDTRMG (01-28-2013) 
  4. Bold_until_Hybrid_Comes's Avatar
    Waterloo's Finest

    Posts
    5,295 Posts
    Global Posts
    5,324 Global Posts
    #29  

    Default

    ~ { gotcha } ~
    Phones: Nokia 5110>Nokia 3360>Siemens C56>Moto RAZR>LG Chocolate>Pearl 8100>Bold 9000 >Pearl 9100 + Bold 9900 > iPhone 4S + Z10 + Bold 9000
    Tablets: 16GB Playbook > Playbook 32GB
    __________________________________________________ _________________________

    CLICK HERE TO JOIN THE SEXY GIRLS IN YOGA PANTS CHANNEL

    C000288CC
    __________________________________________________ ___________________________
  5. neteng1000's Avatar
    CrackBerry Addict

    Posts
    770 Posts
    #30  

    Default Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by DarcMobile View Post
    Android is secure as long as you didn't download weird apps that require unexpected permission. Some pirated apps/game are sometimes modified to carry virus or steal your data.

    There are some rumors that SMS can carry virus for android phone, but it is impossible and most likely only contain link to the virus webpage
    That right here is a security problem is it not?

    Sent from my BlackBerry 9800 using Tapatalk
  6. #31  

    Default

    The final line of the advert - the company punchline - claims Note2 is "safe technology". There is no corresponding claim for GS3 and it actually makes no statement about the level of security provided. It is faintly implied and left to the viewer to reach conclusions not supported by the content.
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
    Thanked by 2:
    dentynefire (01-28-2013),  qbnkelt (01-28-2013) 
  7. #32  

    Default

    Quote Originally Posted by qbnkelt View Post
    FIPS does not guarantee the absence of malware nor does it guarantee an impenetrable device; it means it's gone to the nist labs or nist certified labs and has been tested and standards have been met. Had FIPS meant a guarantee of impenetrability, you would have no Dingleberry.
    Strictly the FIPS 140 certification indicates ONLY that the cryptographic module has been tested and meets the standard. It says nothing about other unrelated components.

    By the way, the day the BB browser catches up to Android, as it seems BB10 has, the same possibility for drive bys will occur. That will be a concerning day for me and my banking apps.
    This is not strictly true. Drive by downloads depend on specific vulnerabilities in the browser and/or OS which are very unlikely to be replicated between Android systems and RIM systems. The problem with the BB OS6 Webkit browser occurred because RIM imported a buggy third party browser core without adequate checking.
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
    Thanked by 2:
    qbnkelt (01-28-2013),  SDTRMG (01-28-2013) 
  8. #33  

    Default

    Quote Originally Posted by belfastdispatcher View Post
    You're right, FIPS doesn't but BES does!! I'm sure you know, and we're talking business enviroment here, not consumer.
    I think you're talking about secure systems here... the quote is too broad to be certain.

    BES doesn' t guarantee security, although it has a higher probability than its competitors. What RIM does offer is a system with a proven track record, combined with prompt resolution and patching when a vulnerability is identified.
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
    Thanked by:
    qbnkelt (01-28-2013) 
  9. #34  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Branta View Post
    Strictly the FIPS 140 certification indicates ONLY that the cryptographic module has been tested and meets the standard. It says nothing about other unrelated components.



    This is not strictly true. Drive by downloads depend on specific vulnerabilities in the browser and/or OS which are very unlikely to be replicated between Android systems and RIM systems. The problem with the BB OS6 Webkit browser occurred because RIM imported a buggy third party browser core without adequate checking.
    My point.

    It is the apps that introduce the vulnerabilities into Android and the browser that resulted in the pan2own
    exploit in the webkit browser.

    While the same exact vulnerabilities are not necessarily replicated across platforms, the more robust the browser the more possibility for drivebys. Your last sentence phones my point.....no platform is impenetrable.


    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  10. #35  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    [QUOTE=qbnkelt;7892376]

    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Double
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  11. #36  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Branta View Post
    I think you're talking about secure systems here... the quote is too broad to be certain.

    BES doesn' t guarantee security, although it has a higher probability than its competitors. What RIM does offer is a system with a proven track record, combined with prompt resolution and patching when a vulnerability is identified.
    EXACTLY.

    BES does NOT guarantee an impenetrable platform.

    We run BES security patches from RIM as they are released.

    People have GOT to stop this myth of an impenetrable BB OS. It simply is NOT.

    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
    Thanked by 2:
    hornlovah (01-28-2013) 
    pantlesspenguin likes this.
  12. Bold_until_Hybrid_Comes's Avatar
    Waterloo's Finest

    Posts
    5,295 Posts
    Global Posts
    5,324 Global Posts
    #37  

    Default

    Quote Originally Posted by Branta View Post
    I think you're talking about secure systems here... the quote is too broad to be certain.

    BES doesn' t guarantee security, although it has a higher probability than its competitors. What RIM does offer is a system with a proven track record, combined with prompt resolution and patching when a vulnerability is identified.
    And another way of saying this is that Blackberry has a higher probability of security then android, samsung in this case (they are competitors). Another way of saying higher probability of security is "safer", as something is less likely to happen.

    Safer with less vulnerabilities. No system will ever be perfect. Being the safest with least vulnerabilities and patching anything that comes up promptly is the name of the game.

    To answer the OP's question. How safe could it be? Not as safe as blackberry
    Phones: Nokia 5110>Nokia 3360>Siemens C56>Moto RAZR>LG Chocolate>Pearl 8100>Bold 9000 >Pearl 9100 + Bold 9900 > iPhone 4S + Z10 + Bold 9000
    Tablets: 16GB Playbook > Playbook 32GB
    __________________________________________________ _________________________

    CLICK HERE TO JOIN THE SEXY GIRLS IN YOGA PANTS CHANNEL

    C000288CC
    __________________________________________________ ___________________________
    Thanked by:
    SDTRMG (01-28-2013) 
    SDTRMG likes this.
  13. #38  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Bold_until_Hybrid_Comes View Post
    ~ { gotcha } ~
    Yah? Exactly how? That BB is impenetrable?

    Read Branta's comment.


    Read carefully now.......

    BB IS NOT impenetrable.

    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  14. #39  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Bold_until_Hybrid_Comes View Post
    And another way of saying this is that Blackberry has a higher probability of security then android, samsung in this case (they are competitors). Another way of saying higher probability of security is "safer", as something is less likely to happen.

    Safer with less vulnerabilities. No system will ever be perfect. Being the safest with least vulnerabilities and patching anything that comes up promptly is the name of the game.

    To answer the OP's question. How safe could it be? Not as safe as blackberry
    Probability is not a guarantee. Not even on BES.


    There are instances of secure Android use within DOD.

    Agreed that laughing up is important.

    Are you sure of all the apps in App World are safe? Answer carefully.

    Do you realise that not all instances of BES remove the possibility of loading apps?

    Put this two together and see how even a.BB with loosely configured BES can be made vulnerable through junk apps.


    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  15. Bold_until_Hybrid_Comes's Avatar
    Waterloo's Finest

    Posts
    5,295 Posts
    Global Posts
    5,324 Global Posts
    #40  

    Default

    Quote Originally Posted by qbnkelt View Post
    Probability is not a guarantee. Not even on BES.


    There are instances of secure Android use within DOD.

    Agreed that laughing up is important.

    Are you sure of all the apps in App World are safe? Answer carefully.

    Do you realise that not all instances of BES remove the possibility of loading apps?

    Put this two together and see how even a.BB with loosely configured BES can be made vulnerable through junk apps.


    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    I did not claim probability was a guarantee. I admitted no system is perfect. I am not trying to state BES is impenetrable.

    My purposes on this thread are solely to show Blackberry is safer then android. Not prove BES against itself.
    Phones: Nokia 5110>Nokia 3360>Siemens C56>Moto RAZR>LG Chocolate>Pearl 8100>Bold 9000 >Pearl 9100 + Bold 9900 > iPhone 4S + Z10 + Bold 9000
    Tablets: 16GB Playbook > Playbook 32GB
    __________________________________________________ _________________________

    CLICK HERE TO JOIN THE SEXY GIRLS IN YOGA PANTS CHANNEL

    C000288CC
    __________________________________________________ ___________________________
    SDTRMG likes this.
  16. #41  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Branta View Post
    The final line of the advert - the company punchline - claims Note2 is "safe technology". There is no corresponding claim for GS3 and it actually makes no statement about the level of security provided. It is faintly implied and left to the viewer to reach conclusions not supported by the content.
    EXACTLY.

    The advert says NOTHING about FIPS, BES or BIS.

    I answered the incorrect statement that SGIII is FIPS certified.

    Don't know where BES got drawn into the conversation.

    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  17. #42  

    Default Re: Samsung releases another add claiming androids "secure". How safe could it really be?

    Quote Originally Posted by Bold_until_Hybrid_Comes View Post
    I did not claim probability was a guarantee. I admitted no system is perfect. I am not trying to state BES is impenetrable.

    My purposes on this thread are solely to show Blackberry is safer then android. Not prove BES against itself.
    Then I don't know what your gotcha was about.

    Quote Originally Posted by Bold_until_Hybrid_Comes View Post
    ~ { gotcha } ~

    http://btsc.webapps.blackberry.com/b...ListHelperImpl



    Sent from my SEXY HOT RED SGIII using Tapatalk 2
    Last edited by qbnkelt; 01-28-2013 at 06:26 AM.
    Do not meddle in the affairs of dragons; dragonslayers are crunchy, and good with ketchup
  18. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,419 Posts
    PIN
    27F48177
    #43  

    Default

    Is a BlackBerry safer then a Samsung phone? Yes, end of story. We're not looking at circumstances to make it less safe. Which can be the most secure and there's only one answer to that: BlackBerry!
    Thanked by:
    SDTRMG (01-28-2013) 
    SDTRMG likes this.
  19. belfastdispatcher's Avatar
    CrackBerry Genius of Geniuses

    Posts
    13,419 Posts
    PIN
    27F48177
    #44  

    Default

    It's like arguing a Ferrari can be driven at 10mph too instead of arguing about its full potential.
    SDTRMG likes this.
  20. #45  

    Default

    Quote Originally Posted by eve6er69 View Post
    My sis in law got a weird facebook email on her droid. Didn't think anything of it and when she woke up her phone was wiped.

    When I tried reloading her gmail contacts to the phone it seemed to work in the process but when you went to her contacts they weren't there. If I tried to put them in manually they weren't showing up.

    That was my deciding factor in security loopholes with android. She had to go out and get a new phone.

    Was just an unnecessary thing to have to go through because of something that everyone uses like facebook.

    Sent from my game boy color
    This is a known and documented attack. First google hits listed on search terms SMS+vulerability+samsung looks like a rational explanation:

    Multiple Samsung handsets vulnerable to remote wipe hack | Dialed In - CNET Blogs
    Samsung Galaxy S III remote data-wipe hack reportedly discovered [Updated] - SlashGear
    It's Not Just Samsung Phones: How to Check If Your Android Device Is Vulnerable to The Remote Wipe Hack

    Note that it is possible to permanently disable a vulnerable Samsung device, and although I used SMS in my search terms the vulnerability seems to be deliverable by several routes.

    Update: A simple technical explanation of the attack can be found here
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
    SDTRMG likes this.
  21. #46  

    Default

    One inappropriate comment (and a reply quoting it) has been removed, and the relevant warning sent to the offender.

    Keep the discussion civil and on topic please. The topic is a smartphone, not your life partner or your religion - so it does not justify getting into a fight and it certainly doesn't justify getting banned over it.
    <a href="http://www.galatis.de/starboard.php?d=5518"><!-- Something special for the spammers --></a>
    CrackBerry... where only Stupid People fight about Smart Phones
    Thanked by 3:
    pkcable (01-28-2013),  qbnkelt (01-28-2013),  SDTRMG (01-28-2013) 
    pkcable, qbnkelt and SDTRMG like this.
  22. BitPusher2600's Avatar
    CrackBerry Master

    Posts
    1,117 Posts
    Global Posts
    1,275 Global Posts
    PIN
    Zebra Ballpoint
    #47  

    Default Samsung releases another add claiming androids "secure". How safe could it really be?

    Hey, Android like any OS is practically unbreakable as long as you don't put it online. Permissions and apps are what make this crap dangerous. Further, as extreme as Google's data collecting practices are, I always did wonder just how much of what Google records on each Android installation.

    Branta, almost sorry I missed whatever post you deleted but I must disagree with one thing you said; each 'Berry i've owned has been 'my' life partner

    If it doesn't say BINFORD, someone else probably makes it.
    SDTRMG likes this.
  23. Geeoff's Avatar
    CrackBerry Abuser

    Posts
    196 Posts
    Global Posts
    203 Global Posts
    PIN
    t of lager
    #48  

    Default

    I'm been thinking about something regarding these new Samsung ads.

    In the previous Samsung ad they took a couple pokes at Blackberry. Nothing too heavy, but Samsung was just trying to build up their own business credentials.

    Now, in this ad here, they again refer to Blackberry (the black guy), but note that they do not slam him (or his phone) at all. If anything they imply that his phone is more secure than a Samsung.

    Why would Samsung go soft on Blackberry???!!! I see two options:

    1. Samsung is considering licensing BB10 so they don't want to slam it too hard. We already know that Lenovo had at least had preliminary discussions with RIM, so it is quite possible that Samsung at least considered this possibility too. As a matter of fact, I can almost garuntee that Samsung has considered licensing BB10. But of course, we don't know if they will actually do this.

    2. The second possibility is that they are concerned about BB10 so they want to start demonstrating their superiority to it. However, since Blackberry is viewed poorly in the States, they don't want to be seen as trying to bully the little guy. That would only create sympathy for the underdog. Initially this seems more likely, but it doesn't fit with acknowledging that Blackberry is a more secure platform that Samsung.

    The key point for me is that Samsung is treating Blackberry a little bit differently, and I don't know what to make of it.
    SDTRMG likes this.
  24. hornlovah's Avatar
    CrackBerry Abuser

    Posts
    220 Posts
    #49  

    Default

    No encryption scheme is impenetrable if an attacker can gain access the the encryption keys. Speaking strictly in terms of data at rest (device encryption), attackers want to obtain a physical dump of the device, and attack the password based key that secures the encryption keys. Unless there is an encryption implementation error or you have malware on your device, the security of your encrypted data is dependent on the strength of your password.

    Most people don't use a strong enough mobile password to resist a competent attack though. Tamper-proof hardware and an unbreakable bootloader make a device resistant to memory dumping. RIM does make it very difficult to obtain and interpret physical dumps at this time however. The latest iPhones have a unique hardware-based encryption key so offline password attacks are not possible. Password recovery attacks on these phones are limited to roughly 6 guesses a second, no matter how much computing strength an attacker has. Off-the-shelf consumer Android devices do not enjoy these protections.
    SDTRMG likes this.
  25. brmiller1976's Avatar
    CrackBerry Abuser

    Posts
    485 Posts
    Global Posts
    2,578 Global Posts
    #50  
    SDTRMG likes this.
Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. Security wipe, how long does it take?
    By Sandman333 in forum BlackBerry Storm2
    Replies: 3
    Last Post: 04-21-2013, 06:30 AM
  2. How safe is it 2 download official OS6 releases from other carries?
    By BlackberryFan2009 in forum BlackBerry Bold 9780
    Replies: 9
    Last Post: 02-19-2011, 04:10 PM
  3. How safe is it 2 download official OS6 releases from other carries?
    By BlackberryFan2009 in forum BlackBerry 6
    Replies: 9
    Last Post: 02-19-2011, 04:10 PM
  4. 10 Reasons Why Google Android Is Secure
    By matrix2004 in forum Android
    Replies: 9
    Last Post: 11-03-2009, 12:02 PM
  5. Any word on when AT&T will release another new update?
    By ReaperZ1013 in forum BlackBerry Bold 9000
    Replies: 11
    Last Post: 09-14-2009, 02:48 PM

Posting Permissions