[chain13]

https://help.blackberry.com/en/bbm-s...0397548-en.pdf

read all about it... security note on non enterprise bbm

I just know that it is stil using old method (3DES) for its end to end enc.
Whatsapp is using newer AES256 cbc mode with SHA and asymetric ways of key distribution. (here).
To be noted, that those are free for all users(no matter the devices) without subscription.

[zocster]

This! Why make it easy for hackers. Always, ALWAYS, use two factor authentication when and where is available. You'll be safe as houses.

None of any of those users' messages were decrypted or made readable. Yes, their iMessage ACCOUNTS may have been hacked, but their messages were secure. No one else was able to read them. That's what we're talking about here.

For all we know, the person whose account was "hacked" was using a password of "password" or "1234." Users will almost always be the weakest link with any "security."

[anon(9721108)]

Well I guess I won't bother putting my Sim card into the iPhone to do my phone banking anymore then what's the point.

I just heard there's some kind of a iMessage twitter hack right now and somehow they're connected and you get spammed by a Chinese company. Or something to that effect.

[werkregen]

Also don't forget that BBM protected and BES are available in only a few countries

[app_Developer]

5) Publishes technical details of encryption. Good or bad? I'm not sure, most people wouldn't understand the technical details and the ones that do ... well, that's a small community and I bet most can guess what everyone else is using. It doesn't directly make your messaging app safer.

I think independent verification is extremely important. Otherwise you're just trusting one party. Yes, you may be a fan of BlackBerry and trust them implicitly, but I prefer independent verification. I don't trust an entire corporation just because I'm a fan.

So who is going to intercept your messages in transit? Who has the capacity to do this? One is the carriers and another are government agencies. Neither of them have any business reading my messages nor do I trust any of them to behave ethically. BUT, I'm willing to bet the governments can already get whatever information they want about me anyways, even if I do use iMessage, Telegram or whatever.

Nothing is perfect, but with proper modern encryption it is, at worst, extremely difficult/expensive to decrypt a single message. For peer reviewed techniques like what Telegram uses, there are no known backdoors. If one is found, we'll hear about it. That's why peer review is so important in many fields.

[keyboardweeb]

I don't trust an entire corporation just because I'm a fan.

With good reason, considering John Chen is on-record as not entirely understanding the depth and scope of the issues surrounding encryption and privacy.

[eshropshire]

Yeah, that's a good point and one day Apple will have to face up to that reality.

My own family, colleagues and most of my close friends use iPhones. That has to be a minority case, though.

Others would have to use whatsapp for free e2e encryption.

You do know that Apple completely dominant the high end smartphone market. Apple's ASP is over $600 this is the number that matters. The high end market is what everyone else is chasing. Apple does not care about the low end market. The high end customers are the ones that buy apps and media.

[Julesan]

Apple market share world wide is not what you think.


Posted via CB10

[Loc22]

Hoping BlackBerry will respond to this as soon as possible. If they do have a PR company working for BlackBerry at the moment.

[JeepBB]

Hoping BlackBerry will respond to this as soon as possible. If they do have a PR company working for BlackBerry at the moment.

How would BB respond?

The AI report is a true statement - consumer BBM is not end-to-end encrypted, while iMessage and WhatsApp are end-to-end encrypted. Consequently BBM is not as secure as those others.

Even BB don't refer to BBM as encrypted. IIRC, they use the term "scrambled" and the key they use for scrambling is fairly widely known.

[KKrusher]

Let's hand over the BBM service to Hillary Clinton. No one would argue her great leadership qualities in that area. Lol
On a more serious note...
I read the CBC article and the user comments. I copied one of those comments that (true or false) the general population seem to believe.
''BBM, brought to you by Blackberry, the company that keeps hyping how secure it's product is.

Meanwhile, they have a whole division of staff doing nothing but handing over bbm messages to any police force in the world that asks (warrant not required), and a CEO who thinks users are guilty until proven innocent.''

[Loc22]

Let's hand over the BBM service to Hillary Clinton. No one would argue her great leadership qualities in that area. Lol
On a more serious note...
I read the CBC article and the user comments. I copied one of those comments that (true or false) the general population seem to believe.
''BBM, brought to you by Blackberry, the company that keeps hyping how secure it's product is.

Meanwhile, they have a whole division of staff doing nothing but handing over bbm messages to any police force in the world that asks (warrant not required), and a CEO who thinks users are guilty until proven innocent.''

I don't believe that

[thurask]

I don't believe that

BlackBerry hands over user data to help police 'kick ***,' insider says - Technology & Science - CBC News

[pkcable]

Lets steer away from the political debate please! The 2 US candidates are doing a pretty good job bashing each other no need for our help! This is CrackBerry.com not slate or the onion!

[anon(9864623)]

Which part is BS? Do you think that permuting every single message from every single user using the same key for years is privacy preserving?

Or are you agreeing with Chen that privacy preservation is not a good goal (except for people willing to pay extra for cryptographic privacy)?

People are free to use whatever messaging service they want. I'm saying the part that is BS is AI's rankings- high scores for some despite reported breaches and hacks.

[anon(9864623)]

You are free to do that.... actually hope most of the criminal element keeps using BBM. But in countries where you are a criminal if you show you face in public or where you think a woman should have rights... you better be using something other than BBB to discuss that.

If BBM was secure.... what is the point of BBM Protected?

People can use what messaging service they want, my point is that AI has scored some services highly, but security breaches of those services have been widely reported.
It's an individual choice, just like subscribing to BBM Protected.

[NAA1]

BlackBerry hands over user data to help police 'kick ***,' insider says - Technology & Science - CBC News

It is brilliant! In parallel in BBRY is happening the following)))
Please pay your attention - "...main problem we have with BBM Protected is actually getting hold of BBM Protected..."
https://decentralize.today/bbm-prote...bce#.n85hfon84

[emanuel0ss0]

If BBM was secure.... what is the point of BBM Protected?

Mind blown with this comment. Never even thought of that!!

 Classically Posted SQC100-4/10.3.2.2876 

[Slash82]

If BBM was secure.... what is the point of BBM Protected?

I see it the same way!
In the Bloomberg interview John Chen admitted that he thinks it's the right thing what NSA did/does to protect countries.

So there could be made a "access point" at the carrier when the message leaves the device.
Otherwise there would be no need for BBM protected if it was end-to-end encrypted.

As far as I know was the old BBM from OS7.x (and older) with BIS more secure.
Maybe anyone remembers the thing in GB and India were the governments claimed that criminals used BBM to plan terror attacks.
It was a huge deal that BBM might be "too secure".
(until BlackBerry gave their general key to the Canadian government)

To avoid that problem they might created the "new" BBM as it is now.
And with every access point for governments - there might also be access for criminals.



Posted via CB10

[keyboardweeb]

People are free to use whatever messaging service they want. I'm saying the part that is BS is AI's rankings- high scores for some despite reported breaches and hacks.

So in your mind, a service that has no reported breaches is more secure than one that has--even if that service is known to implement less security than others.

Let's put that into perspective.

Banks get robbed, but my house has never been. Therefore, I will keep all my money at home.

Seems legit.

[app_Developer]

People are free to use whatever messaging service they want. I'm saying the part that is BS is AI's rankings- high scores for some despite reported breaches and hacks.

So let's talk about the reported breaches and whether they impact the the privacy of WA or iM messages.

But are you saying AI should have ranked BBM, which has no e2e encryption at all, higher? BBM isn't even making any reasonable attempt to keep a user's messages private using one key for so many years.

[aiharkness]

So in your mind, a service that has no reported breaches is more secure than one that has--even if that service is known to implement less security than others.

Let's put that into perspective.

Banks get robbed, but my house has never been. Therefore, I will keep all my money at home.

Seems legit.

There is another dimension to that analogy. What level of security is needed to eliminate vulnerability relative to the threat and the likelihood of attack. The question shouldn't be which is more secure, but which is on balance secure enough and best matched to your needs.

It might make sense to store your savings in a bank account, but does it make sense to store your wallet in a safe deposit box in a bank?

Maybe there is something in your wallet that should be in a safe deposit box in a bank, not in your wallet in your pocket or wherever it is kept when you sleep. In that case carrying that something around in your wallet is too much risk.

That, I think is the point. If BBM is secure enough for you and you like it, then that is what matters for you.

[ankenn]

So is that the news, that BBM is not end-to-end encrypted?

[Loc22]

BlackBerry hands over user data to help police 'kick ***,' insider says - Technology & Science - CBC News

Did you read the whole article or only part of it?

[thurask]

Did you read the whole article or only part of it?

All of it.

Did you?