Android Security To Beat Blackberry Security?

[quik4life]

Quote:

Originally Posted by katiepea

yes, android market is under pretty decent supervision lately, they remove content regularly. i'd also like to point out that there have been a lot of celebrities phones hacked lately, and from what i can tell, like the pictures stolen from scarlett johansson, nearly everyones leaked pictures have come from blackberry. the FBI says these peoples phones were hacked, and if you look at the data in the johansson pictures, it shows the pictures were taken with a bold 9000. that phone doesn't have the webkit browser, so how are these phones being hacked?

I highly doubt they came from a BB. Since the media loves to crap on RIM lately, why didn't any articles mention which phone she had? I'm sure if they knew it was a BB, they'd be sure to mention it.

They also left out a lot of details. Did the phone have a password in it? Were the pics stored on the phone or a media card? If it was a media card, were the files encrypted?

Regardless, I truly believe these celebs leak out this info themselves just to get attention and publicity.

[deRusett]

Quote:

Originally Posted by quik4life

I highly doubt they came from a BB. Since the media loves to crap on RIM lately, why didn't any articles mention which phone she had? I'm sure if they knew it was a BB, they'd be sure to mention it.

They also left out a lot of details. Did the phone have a password in it? Were the pics stored on the phone or a media card? If it was a media card, were the files encrypted?

Regardless, I truly believe these celebs leak out this info themselves just to get attention and publicity.

You are correct, if Scarlett Johansson was using a BlackBerry it would be all over, but she infact is an iPhone owner you check her twitter feed everything she uploads if from a apple/iphone application for twitter.

[BBFXPro777]

Originally posted from article:

"Motorola's Xoom is an impressive first shot at an iPad-style tablet based on the new Android 3.0 operating system. As InfoWorld's Galen Gruman notes in his first look, one Android 3.0 strong suit is its support for Exchange ActiveSync security policies -- an essential feature set for enterprise-class mobile devices.

But for Android devices, particularly those from Motorola, that may only be the beginning. On Feb. 14, Motorola Mobility announced that it had acquired 3LM (Three Laws Mobility), a secretive company started by ex-Google execs that is developing "mobile enterprise security software and solutions and mobile device management products for the Android operating system."

Motorola Mobility is a spin-off devoted to smartphones, tablets, and other mobile devices. The company intends to start selling 3LM software in the second quarter and no doubt will integrate and package 3LM enterprise solutions with its smart devices. Even more interesting, however, is that 3LM will work with other Android device developers to promote and distribute its solutions. On its website, 3LM lists Sony Ericsson, HTC, Sharp, and Pantech as partners.

Playing off Isaac Asimov's three laws of robotics, 3LM's three laws of mobility are the following:

Protect your user: A mobile device may not harm its user or, through inaction, allow its user to come to harm though malicious code or content.
Protect yourself: A mobile device must protect itself and the integrity of its data and secured communications.
Obey: A mobile device must let the user use the device freely, as long as such usage does not conflict with the First or Second Law.
3LM's website hints that the company is developing enterprise encryption solutions for data at rest and in transit, including internal memory and SD cards. There's also some mention of malware protection and remote management, including enforcing standard security policies; user administration for predefined Active Directory and/or LDAP groups; remote application installation, remote lock, remote wipe, and advanced password rules; and other features enterprises hunger for in an increasingly chaotic mobile world.

Similar features have been incorporated into Android with various upgrades, including whole device encryption in Android 3.0 and remote wiping in Android 2.2. But the combination of Motorola Mobility and 3LM could take mobile enterprise security to a new level. There's even an unconfirmed rumor that 3LM intends to provide the equivalent of a BlackBerry BES server.

A turnkey security system was one of the main reasons the BlackBerry took the enterprise by storm. If future Android devices can match that, they could eventually become the mobile enterprise devices of choice."

_____________________________________

The features mentioned in the article are already available on the new Android phones (e.g. Photon, Bionic). I suspect we will see more improved features and, as mentioned by the article, may even witness them opening secure sets of servers like Blackberry's BES network in some years.

However, we should not forget that RIM is also upgrading their systems as well. The powerful, world-proven QNX technology will be coming next year. I am pretty certain RIM will be upgrading their security protocols to work with the new, more advanced technology.

[sam_b77]

Androis Secure??? That's laughable. I just installed an app to an acquaintance's Android phone which forwards all his incoming SMS to my phone.
The app doesn't show up and can only be brought up by sending a three digit user set code by SMS to the phone.
The person has no idea that I'm getting all his/hers incoming msgs forwarded to my phone.
Google had banned the app from Android Market, but the apk is available for download at Mobihand and all you need is to get 5 min physical access to the Android. Secure indeed.
Thank god for BB. Nothing like this can happen on it.
Android and security used in the same sentence is hilarious.

Posted from my CrackBerry at wapforums.crackberry.com

[trelawrence]

Quote:

Originally Posted by sam_b77

Androis Secure??? That's laughable. I just installed an app to an acquaintance's Android phone which forwards all his incoming SMS to my phone.
The app doesn't show up and can only be brought up by sending a three digit user set code by SMS to the phone.
The person has no idea that I'm getting all his/hers incoming msgs forwarded to my phone.
Google had banned the app from Android Market, but the apk is available for download at Mobihand and all you need is to get 5 min physical access to the Android. Secure indeed.
Thank god for BB. Nothing like this can happen on it.
Android and security used in the same sentence is hilarious.

Posted from my CrackBerry at wapforums.crackberry.com

Come again?

I can steal your phone and illicitly download software to it -- just like you did to your friend's Android. Seems like the issue is that your "acquaintance" needs to watch who he leaves his device with.

Last I checked, BB didn't have a feature that allowed one to pick trustworthy friends. I am interested in knowing how you give them the edge. Please share.

[sam_b77]

Quote:

Originally Posted by trelawrence

Come again?

I can steal your phone and illicitly download software to it -- just like you did to your friend's Android. Seems like the issue is that your "acquaintance" needs to watch who he leaves his device with.

Last I checked, BB didn't have a feature that allowed one to pick trustworthy friends. I am interested in knowing how you give them the edge. Please share.

True. But where's the said software for BB?

Posted from my CrackBerry at wapforums.crackberry.com

[trelawrence]

Quote:

Originally Posted by sam_b77

True. But where's the said software for BB?

Posted from my CrackBerry at wapforums.crackberry.com

So you based that on a supposed lack of applications on BB?

In this case, you are wrong: Stealth Hidden SMS Text Forwarder | iPhone | Nokia | Symbian | Blackberry

There are others, so we can easily invade the privacy of our BB-owning friends as well!

[katiepea]

Quote:

Originally Posted by sam_b77

True. But where's the said software for BB?

Posted from my CrackBerry at wapforums.crackberry.com

it exists, i've used it

[katiepea]

Quote:

Originally Posted by deRusett

You are correct, if Scarlett Johansson was using a BlackBerry it would be all over, but she infact is an iPhone owner you check her twitter feed everything she uploads if from a apple/iphone application for twitter.

sorry, but you might want to read this:
» Scarlet Johansson Leaked Photos EXIF Data Mobile Privacy & Security it was a blackberry bold 9000

in fact, in recent years nearly all of these celebrity "hacks" have been on blackberry, paris hilton, britney spears, nicole richie, and some, if not all of the newer ones such as scarlett..

and if you want a picture, that's been edited so it doesn't have nudity, here http://i.imgur.com/e9mIa.png
http://gizmodo.com/031181/paris-hilt...ckberry-hacked
http://worldofstaci.blogspot.com/200...ry-hacked.html

[Qbnkelt]

I will accept that a secure Android platform can happen *when there exists the control similar to BES in place.*
The instant this secure solution is implemented and a root is made widely available it will prove useless in the secure community.
As far as the software mentioned above - since I have not installed on anyone's device I can't know whether it works or not. I can tell you where it will not work - on a highly secure BES environment because such environments are controlled by the BES Admin and downloading any unapproved software can be thwarted.
And this where BES has gained the respect and the trust of highly secure environments.


So....possible? In a few years, yes.

And the day that an Android device can be controlled via something similar to BES will be the day it will lose its appeal to a certain segment of users. Because when such an Android device exists it will have to be made root proof in orders to maintain its viability in the secure enterprise.

[katiepea]

Quote:

Originally Posted by Qbnkelt

I will accept that a secure Android platform can happen *when there exists the control similar to BES in place.*
The instant this secure solution is implemented and a root is made widely available it will prove useless in the secure community.
As far as the software mentioned above - since I have not installed on anyone's device I can't know whether it works or not. I can tell you where it will not work - on a highly secure BES environment because such environments are controlled by the BES Admin and downloading any unapproved software can be thwarted.
And this where BES has gained the respect and the trust of highly secure environments.


So....possible? In a few years, yes.

And the day that an Android device can be controlled via something similar to BES will be the day it will lose its appeal to a certain segment of users. Because when such an Android device exists it will have to be made root proof in orders to maintain its viability in the secure enterprise.

why is root such a big issue? most malware and hacks don't require root anyway, and you are aware that even if you're rooted, every single app has to ask permission to gain access as root (superuser) it can't just access a SU command on it's own, even if you're rooted and allowed an app to access email and that app had intentions of harming something, it can't just break encryption, root doesn't enter the phone into GOD mode where everything is possible, encryption still exists server side.

[Qbnkelt]

Quote:

Originally Posted by katiepea

sorry, but you might want to read this:
» Scarlet Johansson Leaked Photos EXIF Data Mobile Privacy & Security it was a blackberry bold 9000

in fact, in recent years nearly all of these celebrity "hacks" have been on blackberry, paris hilton, britney spears, nicole richie, and some, if not all of the newer ones such as scarlett..

and if you want a picture, that's been edited so it doesn't have nudity, here http://i.imgur.com/e9mIa.png
Paris Hilton's BlackBerry Hacked
~ Celebrity Buzz ~: Lindsay Lohan's BlackBerry hacked

Wait - those photos were not retrieved from the phone. They were retrieved via email (gmail was mentioned) or some cloud service.
Please read the article in its entirety. There is no mention that the photos were obtained from the phone or from a DM backup.
Media on devices can be encrypted. If you don't and your pictures end up on tmz.com, then you were foolish. Nothing to do with the device in question.
In the Lindsay Lohan case, someone got her password to get access to her device. That is not a hack, that is a troubled starlet leaving her password for someone to steal. The article dates from 2006. Who knows what state she was in at the time.
The Paris Hilton article refers to someone getting access to her Blackberry. Again, not a hack into a Blackberry.

[katiepea]

Quote:

Originally Posted by Qbnkelt

Wait - those photos were not retrieved from the phone. They were retrieved via email (gmail was mentioned) or some cloud service.
Please read the article in its entirety. There is no mention that the photos were obtained from the phone or from a DM backup.
Media on devices can be encrypted. If you don't and your pictures end up on tmz.com, then you were foolish. Nothing to do with the device in question.

i can assure you i did read the article in it's entirety. did you? there is also no mention of knowing exactly how they were obtained, it says IT'S POSSIBLE they were obtained via a cloud service.

[izzachar]

Quote:

Originally Posted by katiepea

i can assure you i did read the article in it's entirety. did you? there is also no mention of knowing exactly how they were obtained, it says IT'S POSSIBLE they were obtained via a cloud service.

If you read the article then you should pay particular attention to this statement. it does not say it is merely "possible" but likely.

More likely is that the images are being stolen from cloud and backup services, where data sits unencrypted, not directly from the devices themselves.

The data on the ONE pic only shows it was taken with a blackberry not that it was hacked from a Blackberry. He states the other pic was NOT taken with the same phone.

I would not rule out a blackberry or any other device being hacked if it's owner leaves WiFi or Bluetooth on. but the very article you posted does not support you claim that a blackberry was hacked to get those pics.

[Qbnkelt]

Quote:

Originally Posted by katiepea

why is root such a big issue? most malware and hacks don't require root anyway, and you are aware that even if you're rooted, every single app has to ask permission to gain access as root (superuser) it can't just access a SU command on it's own, even if you're rooted and allowed an app to access email and that app had intentions of harming something, it can't just break encryption, root doesn't enter the phone into GOD mode where everything is possible, encryption still exists server side.

IT departments are not keen on devices where roots are widely available. They endanger what is behind the firewall. This is basic.