[dtsolov]

Don't want to sound rude, but I changed my mindset and it helps.i stopped caring. Forget about bis. We are now like apple users. If it is not there, means you don't need it, because papa said so. We are were bearish, but wanna be fruity cause those fruits you know they are just so much bigger. So may sound napoleonish, but hey isn't that one of nice things about being fruity...bis? Never mind, Sir.

Posted using CrackBerry App on BB10

[dtsolov]

Sorry. No way to edit the post, berrish not bearish.

Posted using CrackBerry App on BB10

[jimpilot]

[

OK we get it. You wish they continued the BIS encryption and want others to know it. Thanks for pointing it out and I understand that it is like other brands.

I don't have anything on my cell or in my emails etc. that would be of value to anyone so I don't care. I just fly airplanes, I'm not defending Western Europe. I'm sure you must have much more important stuff that requires higher level encryption than other phones and now BB10 offer. If you do thank goodness BIS is still available in IOS 7 BB at least for now.

The new features available in BB10 and the fact that it is a brand new OS with significant growth potential that will outpace the aged IOS in my I-phone are the reason I will switch as soon as it's available.

[Joelist]

Please note that this exact point was made and refuted in other threads.

BB10 is VERY secure - no other smartphone OS has its own crypto kernel certified to FIPS-140-2. And no other smartphone OS has the whole file system encrypted to XTS-AES-256. So the device itself is secure and it can generate AES256 encryption on all its transmissions if the target supports that encryption. No contrary to the FUD there is no sacrifice of security here - quite the contrary.

[overzeer]

reF: above....communicating directly with a payload encryption means the source destination info etc. isnt encrypted.

You seem to think that you know a lot about networking but are skipping quite a few layers. Entire communication with the servers is encryptable and encrypted if the server supports it. Not just email bodies but email headers too - everything. What is not encrypted is IP routing information (IP numbers and ports - no email details there at all). So, I'll give to you ONE thing. Someone sniffing around CAN figure out which email servers you are using, how often and how much. But nothing more than that. Not WHO you are sending or receiving emails from and certainly not WHAT you are sending or receiving.

Having said that, I revert to my previous point. Right outside that first hop between the device and the email server your email becomes available for everyone in its route to see. So, in transmission sense, email is NEVER guaranteed secure by definition. BlackBerry offers enhanced security in many places but email is just dumb email.

[dd3]

Yes thats my point. Its less secure Im not saying Z10 emails are by default unsecure, thats not true, however a user who previously used an unsecure email login should not assume the new Z10 setup is as secure as the bb7 implementation via BIS its not. previously their unsecure email login (from Noc to email server) would have been secure across the local network, now its not. so the user has to do something different to before (i.e. provide secure login email account info) to get equivalent or better.

I love my Z10, I am converting people daily, but we shouldnt tell lies. this implementation is not as secure as the bb7/BIS implementation. It would be great if BB would add BIS to BB10 as an option.

[ealvnv]

Yes thats my point. Its less secure Im not saying Z10 emails are by default unsecure, thats not true, however a user who previously used an unsecure email login should not assume the new Z10 setup is as secure as the bb7 implementation via BIS its not. previously their unsecure email login (from Noc to email server) would have been secure across the local network, now its not. so the user has to do something different to before (i.e. provide secure login email account info) to get equivalent or better.

I love my Z10, I am converting people daily, but we shouldnt tell lies. this implementation is not as secure as the bb7/BIS implementation. It would be great if BB would add BIS to BB10 as an option.

Mind to explain how did BIS made your unsecure log in more secure.?

That's was never the case, regardless of BIS if your login isn't secure there is nothing BIS could about it.

The connection from the NOC to the email server is as safe as it is from your devices.



Posted using CrackBerry App on BB10

[dd3]

Mind to explain how did BIS made your unsecure log in more secure.?

That's was never the case, regardless of BIS if your login isn't secure there is nothing BIS could about it.

The connection from the NOC to the email server is as safe as it is from your devices.



Posted using CrackBerry App on BB10

Ive already explained a couple of times.

user is on a wifi that they dont own, manage or knows is unsecure, then email is sent via wifi encrypted to NoC at which point its possibly unsecure but chances of someone tapping into the backbone of the internet from Noc to email server is far less than someone sitting on or outside a wifi hotspot or deliberately setting up a honey pot type free wifi hotspot. Previously a user didnt need to worry what connection they used, now it potentially matters.

[deltact]

Can S/MIME be used for non-BES? Not that it completely solves the problem because both sides need to have S/MIME set up. Unfortunately it was not an option in 7.1 and BIS.

[ealvnv]

This makes no difference as long as the connection from the email server to the the device is secured. Which once again it isn't dependent on BIS.

On top of that in your case scenario the connection between the device and NOC can also be tapped

That is not how it works

Posted using CrackBerry App on BB10

[dd3]

look Im merely stating a fact. the new implementation as a stand alone is not as secure. for small companies or individual contractors its a problem. for large enterprise they should use BES.

The new implementation is no better than iphone etc. so this implementation lowers the previous BB standard to be equivalent to the rest no worse, but no longer better from security. (except there is still some confusion on the basis that without the BB logo emails fail to send....so are they still going through NoC? or not :-S ) if you have BIS enables does it use it? if so then thats great news imo.

[ealvnv]

look Im merely stating a fact. the new implementation as a stand alone is not as secure. for small companies or individual contractors its a problem. for large enterprise they should use BES.

The new implementation is no better than iphone etc. so this implementation lowers the previous BB standard to be equivalent to the rest no worse, but no longer better from security. (except there is still some confusion on the basis that without the BB logo emails fail to send....so are they still going through NoC? or not :-S ) if you have BIS enables does it use it? if so then thats great news imo.

A fact that is incorrect mind you, stating that this implementation is insecure is the same as saying the previous one was too since is working on the same base, the connection between the device and the Internet is encrypted as long as both sides are being given the instructions to comunicate in an encrypted way, the only diferentes between now and before is that you are removing the middle man that was BIS

Posted using CrackBerry App on BB10

[overzeer]

look Im merely stating a fact. the new implementation as a stand alone is not as secure. for small companies or individual contractors its a problem. for large enterprise they should use BES.

You continue to be misinterpreting the fact. For small companies or individual contractors who don't have their own email servers is equally secure. Their email servers are hosted by someone else (hence insecure). Email communication between the device and the servers continues to be encrypted the same way. If they have their own servers - guess what - that becomes more secure within the company because they can ensure that all communication within the company and its devices (even without BES/BIS) is secure just like it was before. What's new? It does not have one more step on the way. So you are just plain wrong here.

The new implementation is no better than iphone etc. so this implementation lowers the previous BB standard to be equivalent to the rest no worse, but no longer better from security. (except there is still some confusion on the basis that without the BB logo emails fail to send....so are they still going through NoC? or not :-S ) if you have BIS enables does it use it? if so then thats great news imo.

You are limiting your view to one little part of one specific case and then comparing that to other devices. If you like it that way, then yes - in that little hidden spot BB is not better than iPhone. But in most respects, some in my subjective opinion and some fully objective, BB offers security beyond what other devices offer. For everyone and for many things - including email. For example, what happens to corporate email and data if someone steals an iPhone or Android ... or is laid off... or quits? Welcome BlackBerry Balance. Welcome BES. Welcome BlackBerry Protect. Check BBM out. And stop pointing out that a little screw is now made of the same material as that one in iPhone or Android.

[ealvnv]

Can S/MIME be used for non-BES? Not that it completely solves the problem because both sides need to have S/MIME set up. Unfortunately it was not an option in 7.1 and BIS.

This was only available if you were using BES on OS 7.1 not sure about BB10 though, we will need to look for answers on that

Posted using CrackBerry App on BB10

[RubberChicken76]

The problem with the new Z10 is: Why would people want to switch from Android, iOS or even WP8 to BB10? There is nothing special about the Z10

To you. What if some people just like how it looks? How it works? How it behaves? That it's made by BlackBerry? That it's Canadian?

Why did my girlfriend's best friend just drop her iPhone or a Samsung Galaxy? Especially since she doesn't do anything on it that a 5 year old smartphone couldn't do?

I am sorry and I hate to repeat myself but if the Z10 and BB10 were supposed to save Blackberry, they both have failed miserably. Mark my words in 12 months.

And another armchair CEO has surfaced.

and that annoying ambient light sensor

See - I like the ambient sensor. I miss it on my iPhone a lot. What makes you right and me wrong?

but this won't be enough to lure people away from Android or iOS.

Yes, because everyone is committed to a Smartphone in the same way. And everyone uses it in the same way. And everyone has invested a bajillion in content so no one can afford to switch. And no one likes to try something new. And no one is upgrading from a feature phone, coming back to BlackBerry after time away etc.

Time to move on and forget about BB

Then go. Go back to running the multi-billion dollar corporation you created from scratch, or stocking shelves at Walmart or whatever.

1. The Z10 is nothing special and I mean nothing special. There is not a single thing special about this phone, on the contrary.

Well - there are plenty of people who are loving it in these forums. So it's special to them. What makes them wrong and you right?

2. Lack of BIS (BIS was actually one of very few reasons for private users to go with BB)

Really??? How many people do you seriously know in the consumer segment who said, "MY GAWD, it has BIS!!!!" Whoohoo! Amongst people I know, it was always, "I like the keyboard" and "I love BBM". They wouldn't know what BIS is.

[Chriz]

A fact that is incorrect mind you, stating that this implementation is insecure is the same as saying the previous one was too since is working on the same base, the connection between the device and the Internet is encrypted as long as both sides are being given the instructions to comunicate in an encrypted way, the only diferentes between now and before is that you are removing the middle man that was BIS

But was BIS not an automated secure connection if it was available from the eMail Server? I mean the connection between a BB <---> BB-Servers was always encrypted and between the BB-Servers <---> eMail Provider always if it was possible.
Now its in the Hands of the consumer and they didnt knew such things about encryption...security...SSL...IMAP..POP..etc...As i said before. I know a lot of people who didnt know, how to setup their phone. *ggrrr* Dont find the right words... This is not consumer friendly and there are too many error sources.

[overzeer]

But was BIS not an automated secure connection if it was available from the eMail Server?
...
Now its in the Hands of the consumer and they didnt knew such things about encryption...security...SSL...IMAP..POP..etc...As i said before. I know a lot of people who didnt know, how to setup their phone. *ggrrr* Dont find the right words... This is not consumer friendly and there are too many error sources.

Please do the research before you make such statements. It continues to be automated. You enter email address and password and BlackBerry figures it out automatically what the servers are and what connectivity the support. The automation just moved.

[ealvnv]

But was BIS not an automated secure connection if it was available from the eMail Server? I mean the connection between a BB <---> BB-Servers was always encrypted and between the BB-Servers <---> eMail Provider always if it was possible

Yes the connection between the email provider server and BIS server was secured as long as the email server requested it to be, which works exactly the same between the device and the email server.

So if your email provider support and sends the email encrypted it will be delivered to the device encrypted to, this hasn't changed in any way



Posted using CrackBerry App on BB10

[b320]

But was BIS not an automated secure connection if it was available from the eMail Server? I mean the connection between a BB <---> BB-Servers was always encrypted and between the BB-Servers <---> eMail Provider always if it was possible.
Now its in the Hands of the consumer and they didnt knew such things about encryption...security...SSL...IMAP..POP..etc...As i said before. I know a lot of people who didnt know, how to setup their phone. *ggrrr* Dont find the right words... This is not consumer friendly and there are too many error sources.

This has become the accepted way (see IOS and Android). BIS email has ceased to be a solution that the vast majority of smartphone users are will to pay for. BlackBerry mostly got strife for all the good work it did. Until now, I haven't heard of people demanding to keep BIS (I personally like it a lot but progress must be made). I *have* seen people leave BlackBerry in droves because BIS was too "confusing" or too "difficult."

Posted using CrackBerry App on BB10

[dd3]

You continue to be misinterpreting the fact. For small companies or individual contractors who don't have their own email servers is equally secure. Their email servers are hosted by someone else (hence insecure). Email communication between the device and the servers continues to be encrypted the same way. If they have their own servers - guess what - that becomes more secure within the company because they can ensure that all communication within the company and its devices (even without BES/BIS) is secure just like it was before. What's new? It does not have one more step on the way. So you are just plain wrong here.



You are limiting your view to one little part of one specific case and then comparing that to other devices. If you like it that way, then yes - in that little hidden spot BB is not better than iPhone. But in most respects, some in my subjective opinion and some fully objective, BB offers security beyond what other devices offer. For everyone and for many things - including email. For example, what happens to corporate email and data if someone steals an iPhone or Android ... or is laid off... or quits? Welcome BlackBerry Balance. Welcome BES. Welcome BlackBerry Protect. Check BBM out. And stop pointing out that a little screw is now made of the same material as that one in iPhone or Android.

Im saying its LESS secure than the previous implementation. (fact)

Im saying (and this is a fact) the user now has to make some decisions to ensure as best they can their connection to their email server is secure.

the RISK and IMPACT depends on the user, location, information being sent etc.etc., however now people need to think about what network they connect to, what type of account they use etc. to ensure when theyre on that free wifi in the coffee shop that their use of the network may be captured and some scrote may use any unsecured communications they make. with BIS did you need to worry? no. with Z10 do you need to think about this...possibly depending on user and what youre doing.

its no worse than the rest but current implementation is no better in this regard.

I know what Im saying is correct. I dont expect everyone on a general forum to understand, but I do take exception to people who think just because it is possible to setup to an email server that allows SSL or TLS type connections that they all will be or that if you use these that everything is encrypted and that it means everything is 'secure'. Its not that simple. users dont know this stuff, they need it explaining and they need to know to do something different to before. (just as they should do when using iphones etc.)

[ealvnv]

Im saying its LESS secure than the previous implementation. (fact)

Im saying (and this is a fact) the user now has to make some decisions to ensure as best they can their connection to their email server is secure.

the RISK and IMPACT depends on the user, location, information being sent etc.etc., however now people need to think about what network they connect to, what type of account they use etc. to ensure when theyre on that free wifi in the coffee shop that their use of the network may be captured and some scrote may use any unsecured communications they make. with BIS did you need to worry? no. with Z10 do you need to think about this...possibly depending on user and what youre doing.

its no worse than the rest but current implementation is no better in this regard.

I know what Im saying is correct. I dont expect everyone on a general forum to understand, but I do take exception to people who think just because it is possible to setup to an email server that allows SSL or TLS type connections that they all will be or that if you use these that everything is encrypted and that it means everything is 'secure'. Its not that simple. users dont know this stuff, they need it explaining and they need to know to do something different to before. (just as they should do when using iphones etc.)

Well I know for a fact you're wrong with what you say...

BIS didn't make an usecure connection more secure for a user and I also know for a fact that a user with some common sense would not go to a Starbucks to make a bank transaction nor should a user with sensible data use a device where said data can be transmited /received use an unsecured wifi.



Posted using CrackBerry App on BB10

[overzeer]

Im saying its LESS secure than the previous implementation.

That is neither fact nor truth. In fact, there is one hop less between your device and the email server, thus in some ways it may be more secure. It is entirely encrypted whenever possible. If the server did not support encryption before BIS could not force it to do so either and there's your unencrypted hop with an additional hop via BIS. If it did, it remains encrypted with one less hop. So stop that nonsense. Furthermore, additional features in BB10, such as Balance" and existing "Protect" make email that is on your device more secure.

Im saying (and this is a fact) the user now has to make some decisions to ensure as best they can their connection to their email server is secure.

Again not true. I didn't have to. Many don't. It is automated. Not via BIS, but selection of secure connectivity is automated otherwise. You enter the email address and password and it figures it out automatically what is the best way, without you entering other details. Sure, you could use advanced mode, but then again, you can also point a shotgun the wrong way.

I know what Im saying is correct.

No, you just think that. And many people here tried to point it out to you.

...but I do take exception to people who think just because it is possible to setup to an email server that allows SSL or TLS type connections that they all will be or that if you use these that everything is encrypted and that it means everything is 'secure'. Its not that simple

Finally we agree on something. It isn't that simple. Email is inherently insecure. Period. All we were talking about here is just ONE transmission hop. You don't have control of the interim storage or other hops. Not with any device, ever, with BIS or without it. And read again about Balance, Protect and BES to see multiple additional ways how BlackBerry makes even your email more secure (and no, we're not talking about simple transmission)

[dd3]

BIS didn't make an usecure connection more secure for a user ...



Posted using CrackBerry App on BB10

So a bb7 device does not create a secure tunnel to the NoC for BIS? no compression or encryption? Ive been told many times it does, youre first to say BIS connections are unsecure.

[ealvnv]

So a bb7 device does not create a secure tunnel to the NoC for BIS? no compression or encryption? Ive been told many times it does, youre first to say BIS connections are unsecure.

I never mentioned compression so let's take that out of the equation.

You implied that BIS encrypted the connection even when this was made in a unencrypted wifi, and that my friend didn't happen, hence why you could use the browser and some apps via wifi only without a data plan

Posted using CrackBerry App on BB10

[dd3]

so i email someone from bb7 device on bis over unsecured wifi and it doesnt encrypt or compress anything?....