Welcome to the CrackBerry Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Results 1 to 22 of 22
Like Tree21Likes
  • 3 Post By JasW
  • 4 Post By kbz1960
  • 4 Post By qbnkelt
  • 3 Post By qbnkelt
  • 1 Post By Troy Tiscareno
  • 3 Post By Tre Lawrence
  • 1 Post By darkehawke
  1. Chango_BB's Avatar
    CrackBerry User

    Posts
    33 Posts
    Thread AuthorThread Author   #1  

    Default Android security holes worry FBI, DHS

    I want to share this news. Everyone know about the security vulnerabilities of Android but here is something that BB can take advantage of and go after the government agencies and tell them: "Hey you know the risks, if you don't please read here and by the way I am not saying it is your own government".

    http://news.cnet.com/8301-1009_3-57600105-83/android-security-threats-concern-fbi-dhs/

    Android security holes worry FBI, DHS
    August 26, 2013 | Zack Whittaker
    Federal government security experts are increasingly uneasy about the threats to law enforcement from using older versions of the mobile OS.


    The FBI and the Department of Homeland Security are increasingly aware of the threats that law enforcement officers and officials face at a federal, state, and local level by using older versions of the Android mobile operating system, according to a document obtained by Public Intelligence, a group focused on releasing government information to the masses.

    According to the document (PDF) -- marked as unclassified but "for official use only," and designed for police, fire, emergency medical services, and security personnel -- upwards of 44 percent of Android users worldwide are still using Android versions 2.3.3 to 2.3.7, which still contain security vulnerabilities fixed in later versions.

    The document, which is a month old but was posted by Public Intelligence late last week, does not state how many US government agencies are using Android, let alone older versions of Android, on their networks.

    Android continues to be a "primary target for malware attacks due to its market share and open source architecture," the document states, and an uptick in mobile device use by government staffers "makes it more important than ever to keep mobile [operating systems] patched and up-to-date."

    Some highlights from the report:

    79 percent of mobile malware threats affect Android, while 19 percent target Symbian. Windows Mobile, BlackBerry, iOS, and others all peg in at less than 1 percent each. (The source of the figures is not known.)
    SMS text messages represent "nearly half" of the malicious applications circulating today on older Android operating systems. Users can mitigate by installing Android security suites on their devices.
    Rootkits also pose a massive threat. The DHS/FBI document notes that in late 2011, popular rootkit Carrier IQ was installed on millions of devices, including Apple iPhones (though Apple later removed the software) and dozens of different types of Android devices. These rootkits often go undetected and can log usernames, passwords, and traffic without the user's knowledge -- a serious security risk in a government setting.
    Fake Google Play domains are sites created by cybercriminals, the document notes, which replicate the Android application store to trick users into installing fake or malicious apps. DHS/FBI note that only IT-approved updates should be allowed, hinting that IT department should ensure secure IT policies from back-end mobile device management services.
    This story originally posted as "Millions of Android users vulnerable to security threats, say feds" on ZDNet.
  2. raino's Avatar
    CrackBerry Genius of Geniuses

    Posts
    6,443 Posts
    Global Posts
    6,651 Global Posts
    #2  
    Models and Supported Frequencies: Z10, Q10, Q5, Z30 , Passport (coming soon!)

    Want to find out which radio band your BB10 phone is currently on? UMTS, LTE (careful with escreens!)
  3. bennelong's Avatar
    CrackBerry Genius

    Posts
    1,998 Posts
    #3  

    Default

    More reading material.
    http://arstechnica.com/tech-policy/2...es-on-android/
    Without end-users and corporations playing safely the Internet ecosystem stands to become very muddied indeed. How many free Android App users realise that the presenters of in-app advertising (essentially links to websites) inherit by default - the same permissions as the app in which they are contained?
    It's been said before. "If it's free, then YOU are the Product"

    Z10 via CB 10
  4. badiyee's Avatar
    CrackBerry Master

    Posts
    1,227 Posts
    Global Posts
    1,234 Global Posts
    PIN
    24E867DB
    #4  

    Default

    just to be fair to them, i don't think devices that are 4.0 and above are THAT vulnerable. If memory serves me right, the ones pre-ICS are very vulnerable to malwares, but 4.0 and onwards are more resilient, no?
  5. JasW's Avatar
    CrackBerry Genius of Geniuses

    Posts
    5,267 Posts
    Global Posts
    5,943 Global Posts
    #5  

    Default

    Quote Originally Posted by badiyee View Post
    just to be fair to them, i don't think devices that are 4.0 and above are THAT vulnerable. If memory serves me right, the ones pre-ICS are very vulnerable to malwares, but 4.0 and onwards are more resilient, no?
    They're not vulnerable, and most people harping on it are just reading badly written headlines. If you buy an Android-based device in 2013, this doesn't apply. It's like people still running Windows XP after MS stops supporting it in April -- you're going to be vulnerable to things because there are no longer security patches being issued. So let's see the headline "Windows security holes worry FBI, DHS."
    BB 950, BB 6280, BB 7290, BB 8800, BB 9000, BB 9800, BB 9810, Galaxy Note II
    PlayBook 64GB Google Nexus 10
    Galaxy Gear

    BlackBerry user since 2001 . . . until 2013
    Thanked by:
    amazinglygraceless (08-29-2013) 
  6. kbz1960's Avatar
    Doesn't Matter

    Posts
    67,862 Posts
    Global Posts
    68,017 Global Posts
    #6  

    Default

    The fbi and dhs wouldn't be using the Android that everyone else uses. There is a special version for these purposes. Now if the police are using consumer android then yep but they should also be limited in what they can put on it.
    Sent from me using my fingers. Be pantless in 5K. Febreze - for more than smells.
    the 50K CrackBerry challenge
    Posted from my phone or pc or tablet that are no better than anyone else's
    Thanked by 2:
    Moonbase0ne (08-29-2013),  qbnkelt (08-29-2013) 
  7. qbnkelt's Avatar
    Retired CrackBerry Ambassador

    Posts
    17,239 Posts
    Global Posts
    18,693 Global Posts
    PIN
    nahhhhh.....
    #7  

    Default

    Quote Originally Posted by kbz1960 View Post
    The fbi and dhs wouldn't be using the Android that everyone else uses. There is a special version for these purposes. Now if the police are using consumer android then yep but they should also be limited in what they can put on it.
    These would be locked Locked LOCKED down.




    Sent from my iPhone using Tapatalk - now Free
    Do not meddle in the affairs of dragons, for thou art crunchy, and good with ketchup
    "When debate is lost, slander becomes the tool of the loser" - Socrates
    iMore Ambassador
    Thanked by 2:
    Moonbase0ne (08-29-2013),  Poirots Progeny (08-29-2013) 
  8. badiyee's Avatar
    CrackBerry Master

    Posts
    1,227 Posts
    Global Posts
    1,234 Global Posts
    PIN
    24E867DB
    #8  

    Default

    Quote Originally Posted by qbnkelt View Post
    These would be locked Locked LOCKED down.

    I would ask a fairly technical question (to which even I don't have answers, else why I'm asking?).

    Will a BlackBerry, WP, or Apple be better option to this locked Locked LOCKED down Android?
    Or rather
    will a BlackBerry, WP, or Apple needs to be locked down just to pass the usage for the federal officers?



    Sent from my iPhone using Tapatalk - now Free
  9. qbnkelt's Avatar
    Retired CrackBerry Ambassador

    Posts
    17,239 Posts
    Global Posts
    18,693 Global Posts
    PIN
    nahhhhh.....
    #9  

    Default

    Quote Originally Posted by badiyee View Post
    I would ask a fairly technical question (to which even I don't have answers, else why I'm asking?).

    Will a BlackBerry, WP, or Apple be better option to this locked Locked LOCKED down Android?
    Or rather
    will a BlackBerry, WP, or Apple needs to be locked down just to pass the usage for the federal officers?

    On your two questions -

    1) First question - The definition of "better" is dependent upon the needs of an agency. Example - for an agency that needs security above everything else and needs little in terms of third party applications, or custom applications, BlackBerry on BES is the best possible solution. That said
    a) There are instances where "good enough" security is secondary to the need for custom apps. Example - the ability to develop a tracking app for management the upkeep/maintenance of items at the Smithsonian museum.
    b) There may be instances where a secure agency may need the best security that can be achieved along with custom apps. Example - DoD, where field apps are developed and used on Samsung and iOS devices. And no, I am not speaking of Top Secret level security. BlackBerry *is not* approved at the Top Secret level.
    2) Second question - Related to my first response, all devices are locked down dependent upon the need of the agency. At the stringest level of BES, you cannot even use the browser, let alone load an app from BlackBerry World. There are configurations that fall below that extreme, such as my agency, where I cannot use BlackBerry World and where BBM had been blocked up until two years ago and where camera-less devices were needed. I have not seen WP devices deployed but any iPhone or Android would similarly be locked down depending on the need and requirement of the agency.

    My personal preference in the workplace is BlackBerry on BES and I've done all I can to keep BlackBerry here. But the climate *is* changing. Samsung/Knox is receiving *a lot* of attention. I just fought down a Google Nexus suggestion. Because for my agency, BlackBerry on BES is the best possible solution. For my personal devices, I use all four platforms - BBOS, BB10, iOS and Android.
    Do not meddle in the affairs of dragons, for thou art crunchy, and good with ketchup
    "When debate is lost, slander becomes the tool of the loser" - Socrates
    iMore Ambassador
  10. badiyee's Avatar
    CrackBerry Master

    Posts
    1,227 Posts
    Global Posts
    1,234 Global Posts
    PIN
    24E867DB
    #10  

    Default

    interesting. I've heard of stories that Mr. President Obama is the only president not to use the special handphone made for them, I presume that's the ONLY device that has the *TOP SECRET* clearance. Thanks for the info.

    Here's a follow up question though. Is Samsung Knox really that good compared to BES? (let's put aside the crappy Samsung lame tongue-in-cheek youtube video of "if i can't use BBM, there's always facebook messenger" fiasco of a mess)
  11. qbnkelt's Avatar
    Retired CrackBerry Ambassador

    Posts
    17,239 Posts
    Global Posts
    18,693 Global Posts
    PIN
    nahhhhh.....
    #11  

    Default

    Quote Originally Posted by badiyee View Post
    interesting. I've heard of stories that Mr. President Obama is the only president not to use the special handphone made for them, I presume that's the ONLY device that has the *TOP SECRET* clearance. Thanks for the info.

    Here's a follow up question though. Is Samsung Knox really that good compared to BES? (let's put aside the crappy Samsung lame tongue-in-cheek youtube video of "if i can't use BBM, there's always facebook messenger" fiasco of a mess)
    Ah I haven't seen Knox.

    I haven't even seen BES10....that's my current battle, to keep us on BlackBerry.


    Sent from my iPhone using Tapatalk - now Free
    Do not meddle in the affairs of dragons, for thou art crunchy, and good with ketchup
    "When debate is lost, slander becomes the tool of the loser" - Socrates
    iMore Ambassador
  12. marksthespot60's Avatar
    CrackBerry Abuser

    Posts
    183 Posts
    Global Posts
    187 Global Posts
    PIN
    22bd0cce
    #12  

    Default

    FBI can remotely activate mics in android phones and listen into your illegal life. Wahoo

    Posted via CB10
  13. darkehawke's Avatar
    CrackBerry Genius

    Posts
    3,517 Posts
    Global Posts
    3,530 Global Posts
    #13  

    Default

    You want Blackberry to use the fact that their product is more secure then outdated Android software?
    I notice it only related to GB and not ICS
    This, is not anything to use here.
    Primary Device: Moto X
    Backup Device: Blackberry Z10
  14. Troy Tiscareno's Avatar
    CrackBerry Master

    Posts
    1,380 Posts
    Global Posts
    1,400 Global Posts
    #14  

    Default

    Quote Originally Posted by marksthespot60 View Post
    FBI can remotely activate mics in android phones and listen into your illegal life. Wahoo
    ...just like it can with every other brand of cell phone, even feature phones.
    kbz1960 likes this.
  15. Tre Lawrence's Avatar
    Between Realities

    Posts
    11,756 Posts
    Global Posts
    12,589 Global Posts
    #15  

    Default

    Quote Originally Posted by darkehawke View Post
    You want Blackberry to use the fact that their product is more secure then outdated Android software?
    I notice it only related to GB and not ICS
    This, is not anything to use here.
    Exactly. People think the management folks in Waterloo are crazy. Folks suggest these hilarious ad/awareness ideas, and don't stop to think how out of touch they'd make BBRY look.
  16. castano22's Avatar
    CrackBerry Abuser

    Posts
    355 Posts
    Global Posts
    361 Global Posts
    #16  

    Default

    Quote Originally Posted by badiyee View Post
    just to be fair to them, i don't think devices that are 4.0 and above are THAT vulnerable. If memory serves me right, the ones pre-ICS are very vulnerable to malwares, but 4.0 and onwards are more resilient, no?
    Yes but there are a lot of vulnerabilities within the apps that are being made

    Posted via CB10
  17. badiyee's Avatar
    CrackBerry Master

    Posts
    1,227 Posts
    Global Posts
    1,234 Global Posts
    PIN
    24E867DB
    #17  

    Default

    Quote Originally Posted by castano22 View Post
    Yes but there are a lot of vulnerabilities within the apps that are being made

    Posted via CB10
    I agree. Even with a legacy BBOS device, its hackable when the program opens up the door from within, not externally.

    Still, if there's a market for BES, that means there's still room for BlackBerry to capitalize on to take advantage in their solutions. Its just that, I am led to believe, that a lot of people don't want to include BlackBerry devices into that equation of MDM end-to-end solution.
  18. darkehawke's Avatar
    CrackBerry Genius

    Posts
    3,517 Posts
    Global Posts
    3,530 Global Posts
    #18  

    Default

    Quote Originally Posted by Melisa Stewart View Post
    I feel most of the people are still unaware about the security vulnerabilities of Android, but the above information given is quite informative and will help the one to know more about the android and its various features.
    Again for the majority of Android users this article is irrelevant!
    It only focuses on old android versions.


    Posted via CB10
    Primary Device: Moto X
    Backup Device: Blackberry Z10
    TgeekB likes this.
  19. bennelong's Avatar
    CrackBerry Genius

    Posts
    1,998 Posts
    #19  

    Default

    This is something unpatched which is or should be of some concern to Apple users:
    http://nakedsecurity.sophos.com/2013...-from-a-crash/

    Z10 via CB 10
  20. TgeekB's Avatar
    CrackBerry Genius

    Posts
    4,138 Posts
    Global Posts
    4,453 Global Posts
    #20  

    Default

    Quote Originally Posted by darkehawke View Post
    Again for the majority of Android users this article is irrelevant!
    It only focuses on old android versions.


    Posted via CB10
    You can keep stating this but they don't get it, or don't want to get it. Everything is vulnerable to a certain degree. It is the user that determines how vulnerable.
  21. darkehawke's Avatar
    CrackBerry Genius

    Posts
    3,517 Posts
    Global Posts
    3,530 Global Posts
    #21  

    Default

    Quote Originally Posted by TgeekB View Post
    You can keep stating this but they don't get it, or don't want to get it. Everything is vulnerable to a certain degree. It is the user that determines how vulnerable.
    I know right.
    And they complain about BlackBerry being out of touch!

    Posted via CB10
    Primary Device: Moto X
    Backup Device: Blackberry Z10
  22. castano22's Avatar
    CrackBerry Abuser

    Posts
    355 Posts
    Global Posts
    361 Global Posts
    #22  

    Default

    Android 4.2 and soon to be 4.3 is safe only to a certainly degree. Because of it being open source os is can easily be hacked with the right knowledge. But even with rooting (hacking) the device you begin to notice a lot of security wholes within the device(s).

    If you ever go to xda-developers or any other Android site you will eventually see post on security wholes that are constantly being patched by the community and eventually Google or other OEMs- sometimes even using the patches created by the de community.

    Now I'm not saying Android is completely vulnerable, but sometimes to even secure your Android device even more you have to root it and install security apps to protect yourself from others accessing your device through root and stealing all your information.

    Posted via CB10

Similar Threads

  1. So how is Skype and the Android Apps on the Q10 now?
    By BullGuard8 in forum BlackBerry Q10
    Replies: 16
    Last Post: 09-05-2013, 10:59 PM
  2. Replies: 34
    Last Post: 09-02-2013, 07:03 PM
  3. Looking for someone to convert this android app for me PLEASE :D
    By aimee26 in forum BB10 Android App Sideloading
    Replies: 3
    Last Post: 08-26-2013, 01:49 PM
  4. Best place to download android apps for sideloading?
    By JamieWilson01 in forum BB10 Android App Sideloading
    Replies: 2
    Last Post: 08-26-2013, 11:11 AM

Posting Permissions