[Brandon Orr]

just a quick question. And pardon my ignorance, I'm not well versed in all the security features that are out there. Is my Z10 secure even if I don't have encryption on? After coming from an iPhone, how exactly is the Z10 more secure, like what better security features am I experiencing as a normal consumer user, in comparison to, say, an iPhone consumer user? I keep hearing everybody talk about how secure Blackberrys are but I am having a hard time understanding exactly where this security lies.

thanks in advance,

[yogehi]

All data that leaves the blackberry is encrypted. Your data goes from your phone through your carrier to the BlackBerry servers in Canada, which then gets decrypted. This is for everything from email to regular internet usage. On top of that, the os itself is harder to cracked open compared to android and iphone

Posted via CB10

[Brandon Orr]

All data that leaves the blackberry is encrypted. Your data goes from your phone through your carrier to the BlackBerry servers in Canada, which then gets decrypted. This is for everything from email to regular internet usage. On top of that, the os itself is harder to cracked open compared to android and iphone

Posted via CB10

Is it being encrypted even if i have the encryption option in the settings turned off?

[retomex]

All data that leaves the blackberry is encrypted. Your data goes from your phone through your carrier to the BlackBerry servers in Canada, which then gets decrypted. This is for everything from email to regular internet usage. On top of that, the os itself is harder to cracked open compared to android and iphone

Posted via CB10

Not quite right. BIS is not used by Z10; so email, web browsing and general data don't go through blackberry's servers anymore. BBM messages do go through blackberry's servers.

As to why the Z10 is more secure, I honestly don't know now that BIS is gone.

[LordCrankypants]

The software itself is secure, as in it's very difficult to hack into the phone. Further to that, much like Apple from days long ago, there hasn't been malware written for the OS (yet), so at this point, a sideloaded malicious app that was designed to exploit Android likely won't be able to do anything.

Even at that, a large part of BlackBerry security came from BES on the business side, and from individual choices on the consumer side. To truly make your device secure (even the legacy devices) you need to have encryption on and a device password set. With many sites that handle personal information using the https protocol (eg. Facebook uses this by default, as well as anything on the Web requiring credit card info or PayPal), the need for BlackBerry encryption on Web traffic has gone down. The parts that matter, like BBM, are still routed through BlackBerry servers and are very much secure.

JB

Posted from my brain via CB10

[Matt J]

Besides the phone being less prone to "hacking", the only additional security that I'm aware of is BBM running through BlackBerry's servers. Other than that, I think email and browsing security are on par with any other device, including iPhone.

[LordCrankypants]

It was always the security of the actual OS that was the biggest seller, apart from BIS. But again, once https was introduced as standard for all sites that transferred personal information (Facebook, emails, etc), the security brought to that by BIS was made obsolete. That, at least in part, explains why BlackBerry got rid of it with BB10.

It's not that the iphone is as secure, it's that the way emails and social media are processed is secure in itself. There's no need for the extra cost of BIS because it's not making those things more secure anymore.

JB

Posted from my brain via CB10

[lurk_n_post_2000]

Your data goes from your phone through your carrier to the BlackBerry servers in Canada

Actually, BlackBerry has data centers all over the world.

Posted via CB10

[aiharkness]

BIS email is not necesssarily secure. In the larger scheme of things I don't worry about it. But the information between the RIM/BlackBerry servers and the handset isn't encrypted, that is nothing other than the regular wireless mobile security. The information between the the RIM/BlackBerry servers and the email servers is only SSL depending on the email server; if the email server doesn't require SSL, then the connection is TCP. This information is documented at blackberry.com.

BB10 email will be encrypted between the hanset and the email server provided SSL is used.

As far as BBM, RIM has made a point of stating that BBM information transmissions are "scrambled" (as opposed to encrypted). Also, the key is not unique to you. I forget the details, but there is one key for everyone, every device.

BES is a different story.

As far as the consumer, there is still a great deal to recommend. No one is going to hack your blackberry if you don't want them to. No one will get passed the device password. No one will get by the media card encryption if you set a sufficiently long and complex password (or use the device key). No malware is going to be installed on the device unless you do it, or someone gets hands on your unlocked device. The pre-10 BlackBerrys have the option to set the device to require the password before installing an app. Plus, the user has control over app permissions. And the malware threat for BlackBerrys is practically nil.

I'm not quite sure about BB10, but on the pre-10 devices the user can see and remove any "user-installed" app (as well as select native apps), and see all modules. I haven't spent time to see what is different on the Z10 in this respect, but still the user can wipe the device and restore an earlier backup if needed. (And all users should be doing regular backups to a computer. BlackBerry Protect is nice, but my advice is keep doing backups to computer for extra safety.)

[dad2bandm]

All data that leaves the blackberry is encrypted...

Posted via CB10

That is not even remotely true.



Posted via CB10

[bennelong]

Mind you, this was interesting.
Blackberry Z10 Analysis - Digital Forensics Forums | ForensicFocus.com

[Astro_Man]

Where BlackBerry excels is in the security of data stored on the device itself. For that, yes, at the very least a password would have to be set, and for best results encryption should be turned on. Forensic labs and companies like Cellebrite which makes UFED equipment have had much greater success extracting data from locked, password protected apple/ios and android devices than from BlackBerry devices. They're often able to simply plug iphone or android devices into the UFED equipment, circumvent their passwords, and access users' personal device data. This can happen even in a police car during a traffic stop. Now, there are some anti-BlackBerry, pro intrusive-government type posters here on this site who will say that police aren't looking at your data, that they're only checking to see if you've been texting while driving, but those posters certainly can't give you a personal guarantee worth anything that that's true. They'll usually reply to posts containing information like this one with non-answers like "nobody cares about security" or "police can look at my data because I have nothing to hide when I haven't done anything wrong," but the fact remains that BlackBerry is more secure because Cellebrite UFED equipment cannot circumvent a BlackBerry's password. Blackberry forensics is much more painstaking and involves the destructive procedure of having to remove the device's memory chip in a forensic lab and trying to gain access to the data that way with no guarantee of any success.

[greggebhardt]

All data that leaves the blackberry is encrypted. Your data goes from your phone through your carrier to the BlackBerry servers in Canada, which then gets decrypted. This is for everything from email to regular internet usage. On top of that, the os itself is harder to cracked open compared to android and iphone

Posted via CB10

SO much MIS information! Data no longer goes through the BB servers unless you are on BIS. BB10 devies are no more secure than your iPhone. Even BES10 is not secure to the NSA so who knows who can look at that info.

[BlackBerry Guy]

Here's a little light reading on BIS vs BES: http://t.crackberry.com/blackberry-1...ats-difference

Consumer level BlackBerry 10 phones no longer require or are sold with BIS so do not offer the limited encryption that it has. One would have to assume that transmitted and received data on a BB10 device is as secure (or insecure) as any other smartphone.

As far as physical security is concerned, the first step to that is to password protect your phone at the very least. Astro Man is correct in pointing out that it is more difficult for another party to physically hack or extract data from a secured BlackBerry device, at least one on the old BBOS. I haven't seen much on whether or not BB10 offers the same. It may be worth pointing out that PlayBook OS, which is very similar to BB10, was rooted at one point (DingleBerry).



Sent from my Nexus 7 using Tapatalk 4

[Chanlion]

There's quite a lot of wrong info here. But basically, if someone with a decent computer knowledge wanted data from your phone, they couldn't. As long as you have a password.

This is a very general summary. The weakest link would actually be your password. The security on most smartphones and definitely BlackBerry are top notch.

Media card on the other hand isn't protected by anything unless encrypted.

Security's a slightly more hidden world. It'll be hard to find really deep info on it.