A Concrete Example of why Protected User Data Privacy is Worth the Effort
- There is a new paper posted today in SciRate:
I Know Why You Went to the Clinic: Risks and Realization of HTTPS Traffic Analysis
Abstract:
Revelations of large scale electronic surveillance and data mining by governments and corporations have fueled increased adoption of HTTPS. We present a traffic analysis attack against over 6000 webpages spanning the HTTPS deployments of 10 widely used, industry-leading websites in areas such as healthcare, finance, legal services and streaming video. Our attack identifies individual pages in the same website with 89% accuracy, exposing personal details including medical conditions, financial and legal affairs and sexual orientation. We examine evaluation methodology and reveal accuracy variations as large as 18% caused by assumptions affecting caching and cookies. We present a novel defense reducing attack accuracy to 27% with a 9% traffic increase, and demonstrate significantly increased effectiveness of prior defenses in our evaluation context, inclusive of enabled caching, user-specific cookies and pages within the same website.
With the upturn of privacy-infringing third-party apps in recent years, BlackBerry is implementing additional mechanisms to protect mobile app customers and their personal information. One such mechanism includes new privacy guidelines for BlackBerry World developers. The guidelines will assist you with recognizing Personally Identifiable Information (PII) and applying best practices for protecting users' information such as developing a privacy policy.
and a blog post: Apps, Privacy and Your Data
Good news for users who are not privacy or security savvy but are looking for a safer alternative in their smartphone ecosystem.jxnb and Shanerredflag like this.03-04-14 08:57 AMLike 2 - This is a good read. Thank you.
Of particular interest is this:
Consider the Impact of Third-Party Code
If your app includes third-party code, understand how it works, the functionality it provides, and if or how it handles customers’ information. Ensure that appropriate contracts are in place with any third party service that you use. Consider how SDKs and third-party add-ins affect your app. For example, a third-party ad service might access and use PII that your app would not otherwise access.Shanerredflag likes this.03-04-14 09:22 AMLike 1 - Makes me not want to use apps on my BlackBerry. I carry an iphone as well. So generally apps go on that phone while email and messaging is handled by BlackBerry.
I'm concerned that once I can side load android apps easier I might get tempted to use more apps on the BlackBerry. And hence jeopardize it's security.
Posted via CB1003-07-14 05:53 PMLike 0 - Makes me not want to use apps on my BlackBerry. I carry an iphone as well. So generally apps go on that phone while email and messaging is handled by BlackBerry.
I'm concerned that once I can side load android apps easier I might get tempted to use more apps on the BlackBerry. And hence jeopardize it's security.
Posted via CB10
But you're right. Sideloading is ok for people who aren't concerned about the security of their phone.
Posted via CB1003-07-14 07:07 PMLike 0 - As I understand it all side loaded apps are partitioned and can't effect the BB10 security integrity. That said, one must not "carte blanche" permissions either.
There is a great explanation on a thread here on CB somewhere...will try and dig up and share here.
Is that a Z30...yes, yes it is.03-07-14 07:13 PMLike 0 - As I understand it all side loaded apps are partitioned and can't effect the BB10 security integrity. That said, one must not "carte blanche" permissions either.
There is a great explanation on a thread here on CB somewhere...will try and dig up and share here.
Is that a Z30...yes, yes it is.
Posted via CB1003-08-14 06:54 AMLike 0 - I would like to know where you get the partition idea from. Sideloading is just the use of tools created to all developers to loads their apps onto hardware. If the app is signed by a debug token the tools allow the developer to do some things that are not possible otherwise, like examine and edit the application local files. If the app is fully signed it is installed the same way as an application from BlackBerry World.
Posted via CB10
http://forums.crackberry.com/showthread.php?p=10073374
Is that a Z30...yes, yes it is.03-08-14 07:18 AMLike 0 - Partitioned was likely the wrong descriptor...have a look at Omnitechs reply here:
http://forums.crackberry.com/showthread.php?p=10073374
Is that a Z30...yes, yes it is.
In contrast on a BB10 device Android machine code executes directly on the ARM hardware. The QNX kernel has been modified to recognise and service Android system calls just as it would QNX system calls. Security isn't provided by trying to wall off the programs running. It is provided by robust coding where security is always the top priority. And the fact that the two companies (now one) have decades of experience in developing secure code.
Posted via CB10Shanerredflag likes this.03-08-14 11:35 AMLike 1 - Makes me not want to use apps on my BlackBerry. I carry an iphone as well. So generally apps go on that phone while email and messaging is handled by BlackBerry.
I'm concerned that once I can side load android apps easier I might get tempted to use more apps on the BlackBerry. And hence jeopardize it's security.
Posted via CB1003-08-14 11:44 AMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
- BBRY
A Concrete Example of why Protected User Data Privacy is Worth the Effort
Similar Threads
-
Z10 turning off device at 18% of battery level
By shashank marathe in forum BlackBerry Z10Replies: 75Last Post: 12-05-14, 10:06 AM -
Rogers pre-BB 10 data down?
By can00k in forum General Carrier DiscussionReplies: 15Last Post: 03-11-14, 01:46 AM -
Video Playback That Fills The Q10 Display
By nerdydaddyo in forum BlackBerry Q10Replies: 14Last Post: 03-07-14, 03:38 PM -
Z10 turning off device when battery is 18-19%
By shashank marathe in forum BlackBerry 10 OSReplies: 1Last Post: 03-04-14, 09:14 AM
LINK TO POST COPIED TO CLIPBOARD