[jdhooghe]

If they do that, i will laugh because only morons will pick IOS & Android over BB security. If the Pentagon goes that way, i am say for sure many will get their **** hacked & have issues. I could care less anyways as i do not live in the states.

There are many smart and talented men and woman working at the pentagon and working on security. May I ask what you do for a living?

china has already got everything from the dod. Mostly they want corp info now for financial gain.

everyone get on their tinfoil hats!!!

[sparkaction]

2014 is a long ways away. Maybe the Pentagon will do a "head fake" just like the US Immigration and Custom Enforcement (ICE).

[Omnitech]

It was probably unrealistic to expect any government agency to stick with exclusive Blackberry forever.

Heins recognizes that the new market realities don't put the same premium on features like enterprise security and battery life that once helped propel the old RIM, he stated this explicitly in a recent interview.

Since consumer trends are now the tail wagging the enterprise dog, you have to go with that flow, unfortunately. As an IT guy myself, that whole mentality is annoying, but it is what it is.

At this point, I think it is not unreasonable for Blackberry to change gears, start focusing on the consumer marketplace, and hope that they can do like the other companies are doing and get their feet in more doors that way. Given the percentage of people I'm hearing are switching to the Z10 from other platforms in some of the early rollout countries, that may be less of a pipe-dream than it once may have seemed.

Pity that Samsung is totally exploiting the US BB10 rollout delay to hit Blackberry hard with its "Safe at Work" and "Knox" rollouts and advertising though. They are working that one to the hilt.

[rotorwrench]

This was inevitable. Not spectacular news but it reflects the reality that BB isn't the only game in town for secure mobile anymore.

Hopefully there will be an opportunity for BB to compete for the MDM component of this new platform.

Posted via CB10

Last week's news in DOD and contractor circles and very misleading. My company works with two aircraft manufacturers that maintain a BB only policy and one of the reps told us about this new Pentagon policy last week saying that there is no way anything but BBs will be on the classified networks for a while to come. Apple still hasn't gotten 140-2 certification for the device (iPhone) nor the OS. Apple's encryption is well known to not be very robust. Currently the prognosis is that they will eventually be able to be used for access but not data. Same goes for Samsung and android, although specific devices have been given 140-2 verification, they are limited in use due to unprotected areas of the phones and sensitive data could be moved to those unprotected phone regions. The headaches associated with that and as well with limited available secure apps make them impractical in most networks and environs that BBs thrive in due to their total device protection. I was shown an email from Los Alamos National Labs a couple of weeks ago from their Chief IT Architect where he stated that the iPhone wasn't practical for their use due to the above issues. BB still has a leg up in security sensitive Enterprise environments and will for a while to come. Apple and Android have actually been losing some new Enterprise customers due to recent security breaches. BlackBerry has never had the problems with FIPS 140-2 certification that the other OSs seem to be constantly battling. No doubt the other OSs will eventually get there, but security is still one of the areas where THEY are the ones playing catch up, not BB.

[qbnkelt]

If they do that, i will laugh because only morons will pick IOS & Android over BB security. If the Pentagon goes that way, i am say for sure many will get their **** hacked & have issues. I could care less anyways as i do not live in the states.

Any security breach in any country has the potential to affect the rest of the world.
Isolationism doesn't work in this age.

Look around you and think before laughing at potential breaches in the U.S., regardless of where you live.

[njblackberry]

Well, this isn't news according to the people who say that whenever there is news that they don't like about BlackBerrys.

Isn't anyone concerned that sideloading Android apps onto your "secure" Zed10 will have an impact? Guess not.

The myth of security is fading. And pay attention to @qbnkelt. It isn't a US only problem. Somewhere someone is hacking at secrets North Of The Border. And in Europe. And Asia..

[qbnkelt]

"The networks will remain closed to personal wireless devices for now, according to the Defense Department. The recent bring-your-own-device trend in the civilian workplace �presents many compelling benefits,� though existing Pentagon policies and security vulnerabilities �prevent the adoption of devices that are unapproved and procured outside of official government acquisition,� Takai said in an attachment to a memo dated Feb. 15 and released today."

This is the important paragraph in the press release.... No BYOD happening at the Pentagon, now or in the future. And you can bet that any of the 100,000 non-Blackberry devices that they might allow won't be getting near touching any secured/hardened internal system!

I expect that they will be changing some policies to allow this and make it possible for certain non high level security positions.

[qbnkelt]

To the ones saying old news.....yup, old news inasmuch as several areas of the government are using devices other than BB. I'm hanging on by a thread and I'm not optimistic. One single vulnerability like Dingleberry to be found on BB10 and my last remaining arguing point at work will be lost. Dig that head deeper in the sand and continue to refuse that BB is losing ground in the areas they once dominated....the deeper in the sand it goes the higher the opposite end goes.

Federal government has within it several different levels of access based on security requirements. I can see agency procured iOS and Android devices as already exist within DoD and several other agencies being locked down as much as my 9930 is and being used for admin where no sensitive data is used. The higher the security and the higher the sensitivity of access the more that those devices will remain BB.

I have been in a fight to keep BB within my agency. I'm hanging by a thread.

[njblackberry]

And I've (almost) lost the battle in my company. With our existing MDM controlling what goes on iOS and Android devices (with policies) management feels there is no need for another BES, with another MDM. 60% of our internal customers have already switched from BB to iOS and their not coming back.

And yes, our CISO uses an iPhone and our CIO uses an Android. And I use a Windows Phone (eeeeek). And we ARE concerned about security, malware and DLP.

[Omnitech]

And I've (almost) lost the battle in my company. With our existing MDM controlling what goes on iOS and Android devices (with policies) management feels there is no need for another BES, with another MDM. 60% of our internal customers have already switched from BB to iOS and their not coming back.

If you've had a chance to play around with BES10, how do you feel it compares with the MDM thingy you're currently using?

[njblackberry]

Our MDM thingy is Airwatch. Well known and established. I haven't been a BES Admin for many, many years. And the architecture group is not interested in another BES/MDM.

[anon62607]

Last week's news in DOD and contractor circles and very misleading. My company works with two aircraft manufacturers that maintain a BB only policy and one of the reps told us about this new Pentagon policy last week saying that there is no way anything but BBs will be on the classified networks for a while to come. Apple still hasn't gotten 140-2 certification for the device (iPhone) nor the OS. Apple's encryption is well known to not be very robust. Currently the prognosis is that they will eventually be able to be used for access but not data. Same goes for Samsung and android, although specific devices have been given 140-2 verification, they are limited in use due to unprotected areas of the phones and sensitive data could be moved to those unprotected phone regions. The headaches associated with that and as well with limited available secure apps make them impractical in most networks and environs that BBs thrive in due to their total device protection. I was shown an email from Los Alamos National Labs a couple of weeks ago from their Chief IT Architect where he stated that the iPhone wasn't practical for their use due to the above issues. BB still has a leg up in security sensitive Enterprise environments and will for a while to come. Apple and Android have actually been losing some new Enterprise customers due to recent security breaches. BlackBerry has never had the problems with FIPS 140-2 certification that the other OSs seem to be constantly battling. No doubt the other OSs will eventually get there, but security is still one of the areas where THEY are the ones playing catch up, not BB.

I wouldn't imagine any of these would be on classified networks at all. I think this is all just talking about NIPR at best.

Sent from my Droid DNA

[lorax1284]

Aye, CARUMBA!

Get into an iPhone OS 6.1 when locked, bypassing PIN!

The fact that this can even happen in 2013 is scary. It's that "convenience vs. security" factor that is always the problem... you want to be able to do certain things quickly, even when the device is locked? Well, open cracks in the security model when you do.

If I were a Pentagon employee with an iPhone, there's some "what's the point" security that if someone took my device and it was locked, they'd be unlikely to guess the PIN in 10 tries before the device was wiped... but with this, I'd worry that a spy would just hit me over the head and take the device knowing they could hack into it at their leisure, reliably. I wouldn't touch an iPhone knowing it's got security leaks for fear for my safety.

[njblackberry]

It is far easier to bribe or blackmail a government official or employee.

And 6.1.2 fixes that issue (not that people care).

[lorax1284]

I have been in a fight to keep BB within my agency. I'm hanging by a thread.

Not to be argumentative, but why do you do it? I see merits in all the platforms, but personally I'm not a software security expert and go largely on reputation that BlackBerry devices are harder than iOS and Android devices, and I really don't know how the BB10 platform either improves upon or comes up short next to the BBOS7 platform... I like BlackBerry for my own reasons (the "communications first, PDA second, toys and social diseases third" user experience) but I get that others prefer all the apps and what they can do, or love to spend free time tricking out their Android devices... for example, I have a sister and two nieces (her kids) that should all be running different devices: my sister SHOULD stick with her Bold 9900. My youngest niece should get the new device she'll LOVE, the Q10, but my other niece should have the device she uses: an iPhone.

"Should" Pentagon staff use BB IF iOS and Android devices are as hard as BB devices? Why not? But it would be kind-of irresponsible to allow Pentagon employees to install any old Apps from the App store, or use phones with proprietary un-hardened User Interfaces... which... kind of.. undermines the whole POINT of BYOD or letting users choose an iPhone... I mean, if you can't post your top-secret document photos to Instagram, why have an iPhone? It's certainly not for the "superior communications capabilities"... and I'm sure any Pentagon-endorsed software isn't "fun" and won't help you plan your next flashmob... so... I get confused by BYOD in high-security environments, because it's effectively allowing people to leak information back and forth between their personal and professional lives, and the entire POINT of device-based security is to ensure those leaks don't happen, isn't it?

If your security people understand this, or they disagree with it, why do YOU have to "lobby" them to keep BB?

(This is a serious, not sarcastic question qbnkelt... I have utmost respect for you on this forum!)

[RubberChicken76]

Federal government has within it several different levels of access based on security requirements. I can see agency procured iOS and Android devices as already exist within DoD and several other agencies being locked down as much as my 9930 is and being used for admin where no sensitive data is used.

Hehehe - as a bit of an aside, I wonder how much the appeal of iPhone and Android diminish the second those devices get locked down as many corporate BlackBerrys are.

I'd have friends complaining about how 'functionally lacking' BlackBerrys were compared to iPhones. Then I'd see there government issued BlackBerrys almost completely locked down by policies ... email/phone/address book and nothing else. No apps. No browsing. No BBM. No bluetooth in some circumstances. They'd see mine and be shocked at what it could do.

iPhones and Androids are very appealing for a range of reasons, but if the devices become as locked down by policies as BlackBerrys often are in government, I bet there's a whole lot less interest.

[DuexNoir]

Didn't Apple's main system get hacked by the Chinese a few weeks back? Although nothing was apparently taken (or so they claimed), but it did show that Apple's system is quite vulnerable.

There is a reason why BB chose not to build their devices in China, even when others suggest they should to lower the cost of their devices. Unlike Apple, BB was concerned about security breaches if they did so. Despite whatever claims Apple makes, using the device that was built in the very nation that targets you...is never a good idea. It's like having your fighter jets built by your enemy and then use it to fight them.

And Google's OS is an open-source OS...open-source...

[qbnkelt]

Not to be argumentative, but why do you do it? I see merits in all the platforms, but personally I'm not a software security expert and go largely on reputation that BlackBerry devices are harder than iOS and Android devices, and I really don't know how the BB10 platform either improves upon or comes up short next to the BBOS7 platform... I like BlackBerry for my own reasons (the "communications first, PDA second, toys and social diseases third" user experience) but I get that others prefer all the apps and what they can do, or love to spend free time tricking out their Android devices... for example, I have a sister and two nieces (her kids) that should all be running different devices: my sister SHOULD stick with her Bold 9900. My youngest niece should get the new device she'll LOVE, the Q10, but my other niece should have the device she uses: an iPhone.

"Should" Pentagon staff use BB IF iOS and Android devices are as hard as BB devices? Why not? But it would be kind-of irresponsible to allow Pentagon employees to install any old Apps from the App store, or use phones with proprietary un-hardened User Interfaces... which... kind of.. undermines the whole POINT of BYOD or letting users choose an iPhone... I mean, if you can't post your top-secret document photos to Instagram, why have an iPhone? It's certainly not for the "superior communications capabilities"... and I'm sure any Pentagon-endorsed software isn't "fun" and won't help you plan your next flashmob... so... I get confused by BYOD in high-security environments, because it's effectively allowing people to leak information back and forth between their personal and professional lives, and the entire POINT of device-based security is to ensure those leaks don't happen, isn't it?

If your security people understand this, or they disagree with it, why do YOU have to "lobby" them to keep BB?

(This is a serious, not sarcastic question qbnkelt... I have utmost respect for you on this forum!)

Thank you so much for the kind words. I don't deserve them, but I appreciate them.

I have two different viewpoints on all these phones. As a consumer, I try anything that catches my eye. I've run different platforms simulateneously since the days of my Motorola V60 and the AudioVox Pocket PC days. While I initially hated Android and I wasn't enthused with the iPhone, I gave them a try....a real try. I realised that if I understood that a BB is not an iPhone and an Android is not an iPhone and a BB is not an Android, I could see that each has strengths and weaknesses. On my Android and my iPhone I have started to use apps, and I have recently become completely hooked on ordering pizza on my iPhone and paying for it from the phone....call me silly, it's given me a smile lately. One of the tiny joys of life.

As an IT professional in charge of systems, data and firewall integrity, and BES admins, I want the strongest possible security for my agency. So I have pushed hard against BYOD and I stopped a move to investigate bringing other platforms to my agency. For me BES is not about syncing with outlook or keeping your calendar tidy, it's about the security of the data and firewalls of my agency. It's about monitoring and accountabilty in a way that no other solution offers. So, while on a personal level I use other devices, I only want the most secure platform for my agency, and that's BB and BBM on BES.

For agencies - there are many levels in each agency. You can have lower levels use iPhones. These iPhones would be locked down, no apps, so no Instagram.

Don't forget that there are already instances of iOS and Android in certain agencies. They're already being used.

Now...why BYOD. People want their iPhones on the network. And some agencies (ICE) use iOS apps and are already invested with their iPads. So people think that they can either get an iPhone issued to them and then realise oh boy no apps, or some agencies genuinely need iOS because of apps they've commissioned.

As to why I have to lobby.....I'm keeping the things entrusted to me safe.

[qbnkelt]

Hehehe - as a bit of an aside, I wonder how much the appeal of iPhone and Android diminish the second those devices get locked down as many corporate BlackBerrys are.

I'd have friends complaining about how 'functionally lacking' BlackBerrys were compared to iPhones. Then I'd see there government issued BlackBerrys almost completely locked down by policies ... email/phone/address book and nothing else. No apps. No browsing. No BBM. No bluetooth in some circumstances. They'd see mine and be shocked at what it could do.

iPhones and Androids are very appealing for a range of reasons, but if the devices become as locked down by policies as BlackBerrys often are in government, I bet there's a whole lot less interest.

That's the thing. They don't realise that a locked down iPhone will not act like a regular iPhone....no apps.

On my BB I've got no WiFi, just recently got BBM, just recently got camera phones, no Weather Channel, no BB Traffic, no BB Maps, no apps AT ALL. And of course, no FB, no Twitter....total lock down.

[greyw0lf01]

Aye, CARUMBA!

Get into an iPhone OS 6.1 when locked, bypassing PIN!

The fact that this can even happen in 2013 is scary. It's that "convenience vs. security" factor that is always the problem... you want to be able to do certain things quickly, even when the device is locked? Well, open cracks in the security model when you do.

If I were a Pentagon employee with an iPhone, there's some "what's the point" security that if someone took my device and it was locked, they'd be unlikely to guess the PIN in 10 tries before the device was wiped... but with this, I'd worry that a spy would just hit me over the head and take the device knowing they could hack into it at their leisure, reliably. I wouldn't touch an iPhone knowing it's got security leaks for fear for my safety.

There are 2 ways to secure your phone. The lower security is a simple pin. There’s a built in passcode option which requires a longer string and the pin bypass does not apply.

And again, devices used by security services will have a level of increption well beyond the basics. With the DoD openning this to a competitive bidding process, you think all those competing against BBRY are going to show up with no security in place. The govt basically said, here are the new requirements... all you firms out there, find a way to meet them. We’ll test it, and then approve em. You’re sadly mistaken if you think Apple/Samsung whoever isn’t going to seriously beef up to get a lucrative gov’t contract.

[greyw0lf01]

Didn't Apple's main system get hacked by the Chinese a few weeks back? Although nothing was apparently taken (or so they claimed), but it did show that Apple's system is quite vulnerable.

There is a reason why BB chose not to build their devices in China, even when others suggest they should to lower the cost of their devices. Unlike Apple, BB was concerned about security breaches if they did so. Despite whatever claims Apple makes, using the device that was built in the very nation that targets you...is never a good idea. It's like having your fighter jets built by your enemy and then use it to fight them.

And Google's OS is an open-source OS...open-source...

Apple, FB, NYT, WSJ, Twitter... were all hacked by the constant flaws in java. Customer sensitive data was not affected. As for core system.. I think it was a couple of laptops where malware was placed from a developer website.

As for building devices in a particular place... you do realize that the guts of the z10 are the same guts as the GS3 and those aren’t made in Canada.

[lnichols]

As for building devices in a particular place... you do realize that the guts of the z10 are the same guts as the GS3 and those aren’t made in Canada.

Not necessarily. Many of the chip manufacturing plants are still in Taiwan, which even though China says it is, is not part of China. Some agencies don't purchase Lenovo PC and laptops because they are now Chinese owned and made.

[lorax1284]

Thank you so much for the kind words. I don't deserve them, but I appreciate them.

Ah, just go through your own post list, and the hugely positive contribution you make to CrackBerry.com will be evident. :-)

As an IT professional in charge of systems, data and firewall integrity, and BES admins...

Say no more: I did not know you held that role. I know you are no myopic BlackBerry fan and tells it like it is... so when you start seeing hard evidence that iOS and Android have reached a point where you 'let go' of your BlackBerry lobbying, I'll take that as a clear sign that BlackBerry Inc. has lost that particular competitive advantage... but so long as there are you and others like you who feel (my words, not yours, perhaps too strong?) it would be a dereliction of duty to allow other devices or platforms into high-security environments, I will continue to trust the security of my Z10 over others.

[Omnitech]

I wouldn't imagine any of these would be on classified networks at all. I think this is all just talking about NIPR at best.

I don't think a standard Blackberry is adequate to use, or even has the capability to use, SIPRnet. That's what those General Dynamics Sectera Edge (~$3500 each) or L3 Guardian things are used for.

[anon62607]

I don't think a standard Blackberry is adequate to use, or even has the capability to use, SIPRnet. That's what those General Dynamics Sectera Edge (~$3500 each) or L3 Guardian things are used for.

Yeah looking into it a bit further none of this looks like talk about classified or even sensitive data. This is just meeting minimal requirements to handle any federal information processing - completely unclassified, completely unsensitive. Just because blackberry meets this doesn't remotely mean it's viewed as able to handle classified data.

I get the feeling that a lot more is getting read into this FIPS certification (both for blackberry and for competition) than it actually means.

****, login to AKO with any random library computer and you will get the option to mark email as "sensitive but unclassified" - clearly anything is allowed to handle "sensitive" data and FIPS must not be needed just for that.

So without actually being sure what it looks like to me is:

* blackberry does meet FIPS requirements to at least handle government data. This doesn't mean it can handle classified, sensitive, or any particular security level at all - just that it's allowed to handle government data. The Department of the Interior is allowed to use them for talking about national parks cleanliness standards. I don't think there is any talk about where the UFOs from roswell are going to be kept after area 51 gets turned into a theme park happening over blackberries.

* it looks like pretty soon other devices will also meet these requirements. Not a big deal.



Sent from my Droid DNA