I firmly believe BlackBerry has backdoors
- BlackBerry has failed to provide any documentation about the security of devices including technical documentation on security features. All they provide is marketing words which are meaningless.
John Chen came out against encryption and stated he believes companies have a basic civil duty to assist law enforcement and governments.
The fact he came out against Apple when BlackBerry built their company around the claims of security is atrocious. It does not make me trust BlackBerry to not be collaborating with law enforcement and governments.
The Encryption Debate: A Way Forward | Inside BlackBerry
This whole blog entry by John Chen is repulsive and actually blows my mind.
Until BlackBerry can backup their security claims, there's no proof that BlackBerry devices are secure with no backdoors.Stewartj1 likes this.03-20-17 04:02 PMLike 1 - Well, I'm too sure if Chen needs to prove this to you. Some agree with Chen...apple in some people's opinion over stepped their boundaries with respect to the case against them and the lone wolf terrorist attack you are referring to.BigBadWulf likes this.03-20-17 04:14 PMLike 1
- That ain't nothing new.
Back when BBOS was relevant, BlackBerry was faced with bans unless they routed BIS traffic through servers located in particular countries so that the governments of said countries could peek into what theirplaythingscitizens were doing; while the UAE and Saudi Arabia dropped their cases BlackBerry still built a NOC in India: RIM installs BlackBerry server in Mumbai | CrackBerry.com
We know that consumer BBM is vulnerable, since the whole thing is encrypted with the same key which BlackBerry has divulged to law enforcement: https://www.engadget.com/2016/04/14/...ncryption-key/
And their enthusiasm in dealing with law enforcement appears to be playing fast and loose with due process: BlackBerry hands over user data to help police 'kick ***,' insider says - Technology & Science - CBC News
As much as their security features (code signing, kernel improvements, total obscurity) are designed to thwart Russian script kiddies, if BlackBerry is this eager to do whatever governments tell them to do then calling it secure/private/whatever is just marketing. At least Apple and Google (REEEEEEEEEEEEEEEEEEE) bothered to stand up to the FBI.03-20-17 04:18 PMLike 8 - Bla1zeCB OGIt's a debate that will be argued forever but really, I think it comes down to what you consider a backdoor. Lawful access doesn't always mean they can hand over everything without any encryption. They could hand over nothing but a garbled stack of info which will never make any sense and still be complying with lawful access.
Additionally, I think the lines have been a bit intentionally blurred as to what it means when it comes to BlackBerry security. Is your every day run off the shelf device 'secure' as it can be? Certainly not. But if you back it up with the software and services that BlackBerry offers then you certainly reach the level of security promised.
But as mentioned, that line is blurred in some folks eyes to the point where they think if the off the shelf device is as secure as if you were making use of ALL of BlackBerry's offerings, which is just downright wrong. To that extent, I don't think BlackBerry has done anything to stop that misunderstanding.. because, well, why would they? It sold handsets when they were in that business.
Also, as Thurask somewhat highlighted, mostly all of the cases in which BlackBerry devices have been accessed or BlackBerry complied with lawful access, the people on the other end arguably made the assumption that their devices were secure while using regular BIS enabled devices or PGP encrypted devices. Services which have been proven time and time again to be accessible. It's the common thread between the reports but what's harder to find is reports where people have been busted while using BES enabled devices. That's not to say they don't exist, but the scale is far smaller.
If I was out here doing some sketchy stuff, you better believe I would not being using a PGP encrypted device or some BIS enabled service or stock BBM. If using a BlackBerry was the route I would take, I would pony up the cash and have that sucker locked down with BES and everything else that comes along with it lol.03-20-17 04:24 PMLike 6 - Pretty much any OS can be backdoored... except maybe the most recent iPhones. But eventually someone would figure out a way to it.
The thing is to what extend the manufacturer is willing to change their code.
Apple has historically complied with LE a lot more than BB. They gave access to iCloud accounts, duplicated flash content so they can be brut force attacked.
So if you're worried enough that LE can access your smartphone... maybe you shouldn't be using one!BigBadWulf and Tien-Lin Chang like this.03-20-17 04:26 PMLike 2 - As several folks have stated, no software is 100% secure and every day I read about some corporate sever and/or someone's personal account being hacked.
As time goes on and the more we depend and store our personal information on our smart devices and home PC's, the percentage grows that your data might be compromised in one forum or another.
I honestly believe that every OS has a backdoor that is only available to a select few and as governments want to see more and more of their constituents data, the number of the chosen few will only grow.
Unfortunately it's the price we pay for the technology we have in 2017. Just my two cents worth.03-20-17 04:48 PMLike 0 - As several folks have stated, no software is 100% secure and every day I read about some corporate sever and/or someone's personal account being hacked.
As time goes on and the more we depend and store our personal information on our smart devices and home PC's, the percentage grows that your data might be compromised in one forum or another.
I honestly believe that every OS has a backdoor that is only available to a select few and as governments want to see more and more of their constituents data, the number of the chosen few will only grow.
Unfortunately it's the price we pay for the technology we have in 2017. Just my two cents worth.Carjackd likes this.03-20-17 05:03 PMLike 1 - Most security issues are because someone in the chain dropped the ***** ball (be it the user or the provider), but if the alphabet soup agencies are forcing their way into software from the design stage then even the best practices aren't going to stop it. The first ones can be mitigated by using a good password manager, or good old public shaming at least.03-20-17 05:10 PMLike 0
- Of course I think it would have served Chen better to just keep his mouth shut on the subject, but he was trying to win back government contracts and reacting to a situation in which a terrorist went on a rampage and people we're looking for answers.
But don't kid yourself if you don't think Apple and Samsung won't go to the same extents as BlackBerry to help law enforcement. Your only as secure from law enforcement as you make it for yourself.
Where BlackBerry wins in security is against unauthorized entities.BigBadWulf and FF22 like this.03-20-17 06:13 PMLike 2 - If the authorities were looking for a mass murderer on the loose, I sure hope they could track blackberry phones to assist.
In that sense, the government having the access to the phones is not such a bad thing.
However, the government accessing the phones without a proper warrant is unacceptable.
At the end of the day, it is really not up to bb to abuse the power of technology. But it is up to the government to make sure the back door is not used improperly.
Posted via CB10Last edited by skstrials; 03-20-17 at 10:54 PM.
BigBadWulf likes this.03-20-17 10:23 PMLike 1 - I wouldn't call it backdoor.
It's how it's made up these days.
Example: Since BBM has no more end-to-end encryption, it's not a big deal to follow messages between the message goes out and it enters the provider.
It's the small things, but no real backdoors...
Posted via CB1003-21-17 08:55 AMLike 0 - BlackBerry has failed to provide any documentation about the security of devices including technical documentation on security features. All they provide is marketing words which are meaningless.
John Chen came out against encryption and stated he believes companies have a basic civil duty to assist law enforcement and governments.
The fact he came out against Apple when BlackBerry built their company around the claims of security is atrocious. It does not make me trust BlackBerry to not be collaborating with law enforcement and governments.
The Encryption Debate: A Way Forward | Inside BlackBerry
This whole blog entry by John Chen is repulsive and actually blows my mind.
Until BlackBerry can backup their security claims, there's no proof that BlackBerry devices are secure with no backdoors.
So, if you don't trust your government, or believe that not even a properly obtained warrant entitles law enforcement to access your electronic records, then you should probably not use BlackBerry as a provider.
Personally, living in the US, I'm much more worried about persistent surveillance / data mining than I am legitimate law enforcement, so I prefer BB's position to Apple's.
Apple has basically told government that they need to open a back door on their own, even when they have a warrant. And that has led to multiple companies creating back doors to sell to governments worldwide.
Personally, I feel better about a system with no known back doors than one with known ones.
Posted with my trusty Z1003-21-17 10:55 AMLike 0 -
- Of course I think it would have served Chen better to just keep his mouth shut on the subject, but he was trying to win back government contracts and reacting to a situation in which a terrorist went on a rampage and people we're looking for answers.
But don't kid yourself if you don't think Apple and Samsung won't go to the same extents as BlackBerry to help law enforcement. Your only as secure from law enforcement as you make it for yourself.
Where BlackBerry wins in security is against unauthorized entities.03-21-17 02:10 PMLike 0 - No, Apple has told the US Department of Justice that it won't expend resources to create software that compromises the security of all of its products in order to unlock one specific phone.DrBoomBotz and StephanieMaks like this.03-21-17 03:15 PMLike 2
- I don't think you would want a Boeing phone as a consumer. First, it's crazy expensive. Second, if someone plays with it, like your kid, it'll destroy itself hardware-wise, which brings us back to the first reason.03-21-17 07:01 PMLike 0
- Complying with law enforcement, good or bad, in this case?
https://www.engadget.com/2017/03/21/...tter-attacker/03-21-17 07:38 PMLike 0 -
Posted via CB1003-21-17 07:38 PMLike 0 - Well, what BlackBerry actually said was, basically, that they don't build back doors (which would allow unlimited access to anyone with a key), but that they will open the front door to law enforcement agencies that follow due process.
So, if you don't trust your government, or believe that not even a properly obtained warrant entitles law enforcement to access your electronic records, then you should probably not use BlackBerry as a provider.
Personally, living in the US, I'm much more worried about persistent surveillance / data mining than I am legitimate law enforcement, so I prefer BB's position to Apple's.
Apple has basically told government that they need to open a back door on their own, even when they have a warrant. And that has led to multiple companies creating back doors to sell to governments worldwide.
Personally, I feel better about a system with no known back doors than one with known ones.
Posted with my trusty Z10
Posted via CB1003-21-17 08:20 PMLike 0 - Complying with law enforcement, good or bad, in this case?
https://www.engadget.com/2017/03/21/...tter-attacker/
At no point did they have to pick any locks, not like the San Bernardino case that prompted the initial blog post.03-21-17 09:00 PMLike 2 - 03-22-17 05:42 AMLike 0
- [...] mostly all of the cases in which BlackBerry devices have been accessed or BlackBerry complied with lawful access, the people on the other end arguably made the assumption that their devices were secure while using [...] PGP encrypted devices. Services which have been proven time and time again to be accessible.
[..]
If I was out here doing some sketchy stuff, you better believe I would not being using a PGP encrypted devices [..]
Posted via CB1003-22-17 06:10 AMLike 0 - Maybe they could work this angle to where it explodes if your wife or girlfriend messes with it. Lol.03-22-17 06:48 AMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
I firmly believe BlackBerry has backdoors
Similar Threads
-
Who still love Blackberry devices here?
By SathBerry in forum General BlackBerry News, Discussion & RumorsReplies: 43Last Post: 03-28-17, 11:17 PM -
BlackBerry admits dying BB10 is in pain (article form The Register)
By streetlegal in forum BlackBerry 10 OSReplies: 75Last Post: 03-28-17, 04:10 PM -
Will the Blackberry Keyone have picture password enabled?
By CrackBerry Question in forum Ask a QuestionReplies: 5Last Post: 03-24-17, 11:37 AM -
Blackberry os 10.3.3.746 on blackberry z10
By ashwinz10guy in forum BlackBerry Z10Replies: 12Last Post: 03-21-17, 09:00 PM -
TCL/BlackBerry Mobile Quarterly Reports
By cbvinh in forum Ask a QuestionReplies: 2Last Post: 03-20-17, 03:39 PM
LINK TO POST COPIED TO CLIPBOARD