Suspicious email activity @ Outlook.com after setting up account on phone
- I got a security alert email from Microsoft and decided to log into my account and take a look.
There were a couple of successful account access attempts from IP 68.171.232.33, which apparently belongs to BlackBerry. Microsoft shows this to be in Dallas, Texas. (I'm in Canada).
It looks like the connection is using SSL so I'm not too worried.
Anyway, I suspect this was due to me setting up the account on the phone, but I'm puzzled. Why is it going through a US IP address belonging to BlackBerry? I thought the "beauty of sync'd email" was that the phone connects directly to the mail server and isn't reliant on something like BlackBerry's servers, BIS, etc...
Any ideas would be great.
Thanks.04-16-14 01:58 AMLike 0 - OmnitechDragon SlayerI got a security alert email from Microsoft and decided to log into my account and take a look.
There were a couple of successful account access attempts from IP 68.171.232.33, which apparently belongs to BlackBerry. Microsoft shows this to be in Dallas, Texas. (I'm in Canada).
It looks like the connection is using SSL so I'm not too worried.
Anyway, I suspect this was due to me setting up the account on the phone, but I'm puzzled. Why is it going through a US IP address belonging to BlackBerry? I thought the "beauty of sync'd email" was that the phone connects directly to the mail server and isn't reliant on something like BlackBerry's servers, BIS, etc...
Any ideas would be great.
Thanks.
One of the reasons it takes a while to configure an account on the phone is because it tests the credentials to make sure they are valid before it tells you the account can be setup.
That might likely result in an access attempt from BlackBerry IP address space. Just like if you were using their email connectivity testing tool.
Though if the account were already setup on the device I would not expect any more of those probes unless you deleted/recreated or added a new account.
Another possibility is you have an old BIS account that has been configured to retrieve email from this Outlook account.04-16-14 02:30 AMLike 0 - OmnitechDragon SlayerBTW, the IP resolves to bbcs.blackberry.net - which likely stands for BlackBerry Business Cloud Services.
BlackBerry Business Cloud Services for Microsoft Office 365 - US
BlackBerry Features in Office 365 | Office 365 Platform Service Description04-16-14 02:32 AMLike 0 - Correct. When you set up an email account on BlackBerry 10 the email and password is transmitted to BlackBerry infrastructure.
The primary reason is to provide the best and most secure connection setting based on the mail domain (@outlook.com). The credentials are also tested. I assume it is done to check if everything is working after the setup guide is done.
If you don't want this, just perform an advanced setup. You just need to know all details yourself.
This caused a huge debate sone time ago after the German "Heisse" magazine revealed "BlackBerry are sending your login to their servers".
BlackBerry does not save the credentials and the process is also described in the EULA (nobody reads them!).
Posted via CB1004-16-14 11:23 AMLike 2 -
Posted via CB1004-17-14 01:05 AMLike 0 -
Z10STL100-4/10.2.1.214104-17-14 01:52 AMLike 0 - OmnitechDragon SlayerIt is a strange IP for him personally, no matter if it resolves easily. This is exactly the reason why stuff like this should be asked permission for (and not in a legal document somewhere, but as a dialog, asking the user if he wants this password check to happen). One of the reasons why Heise reported it, was that it wasn't stated clearly before.
That said, I disagree that it's a "strange IP". He already knew it was Blackberry. Blackberry is not a "strange" organization, and in fact it is the company that built his smartphone and all the email functionality contained within it.
To me - as someone who has worked in IT security for many years - a "strange" IP is an IP address in a relatively obscure country with very little I.T. infrastructure, which has no forward or reverse name resolution, whose IP address space belongs to some mysterious organization hiding behind anonymized WHOIS or national IP address space registry records, which is engaging in completely unexpected, suspicious behaviour. (ie, probing for Heartbleed vulnerabilities, the currently-trending "suspicious behaviour".)04-17-14 02:01 AMLike 0 - From a security point of view I agree.
I assume it is made this way because it's because BlackBerry kan make modifications (=optimize the process) very easily in their own infrastructure where as it requires some data or opdated account app to be downloaded to the device. Further more the device could be behind a firewall while the account is being configured making the setup fail.
With the current implementation the process is 100% controlled by BlackBerry.
Personally I would prefer a "Best effort attempt" from the device (would probably work for 95%+) and it failed a choice between "Let BlackBerry infrastructure try" or "Manual / advanced setup".
This would leave the control in the handd of the user.
Posted via CB1004-17-14 02:42 AMLike 0 - From a security point of view I agree.
I assume it is made this way because it's because BlackBerry kan make modifications (=optimize the process) very easily in their own infrastructure where as it requires some data or opdated account app to be downloaded to the device. Further more the device could be behind a firewall while the account is being configured making the setup fail.
With the current implementation the process is 100% controlled by BlackBerry.
Personally I would prefer a "Best effort attempt" from the device (would probably work for 95%+) and it failed a choice between "Let BlackBerry infrastructure try" or "Manual / advanced setup".
This would leave the control in the handd of the user.
Posted via CB10
Trusted Member Genius04-17-14 03:31 AMLike 0 - OmnitechDragon SlayerI assume it is made this way because it's because BlackBerry kan make modifications (=optimize the process) very easily in their own infrastructure where as it requires some data or opdated account app to be downloaded to the device. Further more the device could be behind a firewall while the account is being configured making the setup fail.
With the current implementation the process is 100% controlled by BlackBerry.
Personally I would prefer a "Best effort attempt" from the device (would probably work for 95%+) and it failed a choice between "Let BlackBerry infrastructure try" or "Manual / advanced setup".
This would leave the control in the handd of the user.
I don't know if you are familiar with this tool:
https://www.blackberry.com/eavt/web20/
It's a very handy test utility from Blackberry for people who are having trouble getting email to work right. It verifies that all the settings and credentials are functional for a given account, and obviously does not depend on local internet connectivity other than the ability to reach the page with a web browser. Microsoft has a tool of their own that does that kind of thing, and some other things. Both of them require you to enter your credentials so they can test them. But that's clear right up front, and there is a "Terms and Conditions" link right in your face to make sure you understand what liability (ie none ) they are willing to take for people who use that tool.
But when it comes to the device itself - BB10 has been handicapped by the usual Blackberry sloppiness and execution issues (see previous comment) as well as an original design philosophy that attempted to ape Apple's "keep it simple" approach - but without (IMHO) in many cases, the deep understanding and engineering necessary to make "simple" actually work most of the time. Making something simple can oftentimes be actually very difficult to pull off, because you have to take into account all sorts of variables that the user would normally be expected to contribute, and the onus is on the designers to do it reliably, fail gracefully, and keep the user happy all throughout.
In this case - they mostly succeeded with making it simple - except when it doesn't work, and then everything breaks down because users don't get the slightest indication of why things aren't working. No popup help, no useful error messages, etc.
BlackBerry could have vastly reduced frustration and surprise from the userbase (and thus, articles such as the one from Frank Rieger that heise.de reprinted and got echoed all over the place after that) if they had just bothered to explain what they were doing with the credential-sharing rather than do something slightly questionable and then wait until people discovered it themselves and raised the alarm about it.
This to me is just another example of how the "new Blackberry" tried to re-invent the wheel on so many things, pushing the legacy OS people who had already done all this stuff into a dark corner somewhere and instead having the QNX crew re-invent the wheel on a bunch of things that they were clearly either too inexperienced or just downright incompetent to do properly, resulting in all sorts of "oops" like this.
For example on the subject of email particularly - there were fundamental flaws in things like the way early builds of BB10 structured email headers - things that had no excuse for being screwed-up. Unfortunately some of those things are still with us and will haunt us for quite a while. (ie, contacts database architectural stupidities)
I'm hoping Chen can create a regime to clean a lot of that up - hard to say how much success has been achieved so far. There are both promising signs and disturbing signs.
(Oh, and just to reiterate: I still don't think that BlackBerry host comes from a "strange IP" - but obviously I do think they have their work cutout for them to make a variety of other needed improvements to how they provision the device, including with email accounts.)04-17-14 03:39 AMLike 0 -
I agree with you on most of your post. I assume their "sloppiness" was caused by a tremendous pressure to get BlackBerry 10 out of the door.
From an external point of view BlackBerry is doing much better now than a few years back. BlackBerry 10 is definitely a mature OS but it does contain bugs. The important part for me is how BlackBerry handles the future development as well as being open to input and provide bugfixes. So far their release cycles have been impressive - almost as if they had a lot of catching up to do.
Posted via CB1004-17-14 04:26 AMLike 0 -
- I don't disagree that like many other things in BlackBerry 10, there is not enough notification, logging, and documentation for various device/OS functions.
That said, I disagree that it's a "strange IP". He already knew it was Blackberry. Blackberry is not a "strange" organization, and in fact it is the company that built his smartphone and all the email functionality contained within it.
Posted via CB1004-17-14 02:30 PMLike 0 - OmnitechDragon Slayer
I would be willing to bet that the reason they did it that way is because it removes all the variables of the individual user's potentially messed-up internet link from the picture when setting up an account on the device. Thus making the setup process simpler, quicker and more reliable. So from a technical standpoint, it's a sound and understandable design choice.
But here's where BlackBerry's corporate bumbling comes in: A) no one probably bothered much to think of the "big picture" implications of this - ie the "Big Brotherish" aspect, and B) this is, as suggested by my earlier posts, one of many examples where poor documentation and corporate communications leads to frustrated or indignant users who are not given any background or help from the vendor about how certain aspects of their device work.
Even if none of the technical functionality were changed - keeping customers informed helps prevent avoidable surprises and shocks and indignance that often ends-up undermining the company's reputation and credibility.jpvj likes this.04-17-14 07:19 PMLike 1 - I would be willing to bet that the reason they did it that way is because it removes all the variables of the individual user's potentially messed-up internet link from the picture when setting up an account on the device. Thus making the setup process simpler, quicker and more reliable. So from a technical standpoint, it's a sound and understandable design choice.
But here's where BlackBerry's corporate bumbling comes in: A) no one probably bothered much to think of the "big picture" implications of this - ie the "Big Brotherish" aspect, and B) this is, as suggested by my earlier posts, one of many examples where poor documentation and corporate communications leads to frustrated or indignant users who are not given any background or help from the vendor about how certain aspects of their device work.
Even if none of the technical functionality were changed - keeping customers informed helps prevent avoidable surprises and shocks and indignance that often ends-up undermining the company's reputation and credibility.
Posted via CB1004-18-14 03:44 AMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
Suspicious email activity @ Outlook.com after setting up account on phone
Similar Threads
-
Why do people not like auto loaders for updating there phone.
By Slff in forum BlackBerry 10 OSReplies: 25Last Post: 04-16-14, 01:30 PM -
Bad or Active EDN Ebay phonr
By Mr4aces in forum BlackBerry Bold SeriesReplies: 6Last Post: 04-16-14, 01:49 AM -
BBM on iPhone down right now?
By coolbold in forum General BBM ChatReplies: 39Last Post: 04-16-14, 01:12 AM -
BlackBerry needs to release more high end phones.
By OneofLittleHarmony in forum General BlackBerry News, Discussion & RumorsReplies: 4Last Post: 04-15-14, 10:37 PM -
Email issue
By Tracey Wing in forum BlackBerry Q10Replies: 1Last Post: 04-15-14, 09:37 PM
LINK TO POST COPIED TO CLIPBOARD