[Astro_Man]

This article got me thinking: Motorola is Listening.

Is BIS really a BES with my carrier and/or BlackBerry acting as admin? How much BES style admin control do carriers, BlackBerry, or unknown parties wield over my smartphone? Yea, I know they can shut it off if I don't pay, and turn it back on when I do pay, and they push crapware options to my phone and service books to my phone supposedly to make it work, but can/do they collect data like my passwords, alter my security settings like security timeout, read my lock screen info, etc.? I've noticed the following:

1. Whenever I unlock my BlackBerry, the transmit arrows go into motion. Why? Is the handheld transmitting information about my phone, or its password, and so forth? I notice a significant increased battery drain when I employ a one minute security timeout as opposed to a one hour security timeout. What's it really doing behind the scenes each time I unlock my phone?

2. When I look at the databases which I can selectively restore from a BlackBerry Desktop Software backup, one of them is "Configuration Channel," and the value next to this entry is "5," not 0 like MMS messages. (I have no MMS messages stored on my phone right now.) According to the BlackBerry smartphone database list, Configuration Channel "Stores configuration information that an administrator may assign using the Configuration Channel feature of BlackBerry Enterprise Server 5.0." WTF??? I'm not on BES, yet the entry for this database is five.

For you BB10 users who think you're not on BES, are you really sure you're not botnetted into the NOC somehow by virtue of using a BlackBerry? Everyone knows you still make use of the NOC when you BBM. What's to say other stuff isn't passing through there by order of some QNX commands coded into BB10?

And for you BBOS BES users, why do you even need the NOC at all? Is it just for BBM or is other stuff passing through the NOC? And how do you know the NOC isn't acting as some "super" BES admin over all BES systems (and BIS, too), functioning as a grand backdoor/skeletonkey thingy to override your ironclad BlackBerry security?

[johnnyuk]

And for you BBOS BES users, why do you even need the NOC at all? Is it just for BBM or is other stuff passing through the NOC?

Wow someone has been on the paranoia pills today haven't they!

BBOS on BES through the NOC gives compression and encryption between the phone and the BES using private keys. Even BlackBerry do not have the keys to decrypt the traffic while it's in transit between the BES and the phone.

As for whether BlackBerry have secretly built snooping tech in to the phones and BES, well if they have and ever get busted for it then they are a dead company in the Enterprise. They built their reputation on security, nobody would ever touch them again. So I'd say no, they haven't.

If they have done it and they have all our personal and corporate data, I'd say they are doing pretty badly at profiting from it given that they just posted a small financial loss this quarter. If they ever suddenly start catching Apple up in profits then start worrying, it means they started selling our data! Lol

Posted via CB10

[diegonei]

Really friend, chill.

This article got me thinking: Motorola is Listening.

Is BIS really a BES with my carrier and/or BlackBerry acting as admin?

Neither. It's a dumb connection to the NOC, with a generic set of configurations that are the same for all users. Your carrier has little to do with it, at best they can tell BlackBerry to disable YouTube if you're not on WiFi.

How much BES style admin control do carriers, BlackBerry, or unknown parties wield over my smartphone? Yea, I know they can shut it off if I don't pay, and turn it back on when I do pay, and they push crapware options to my phone and service books to my phone supposedly to make it work, but can/do they collect data like my passwords, alter my security settings like security timeout, read my lock screen info, etc.? I've noticed the following:

As far as we know carriers can access a lot of stuff you do by design. They know where you are (cell triangulation since you use their antenas), who you call and text (so they can bill you). Other than this, they need software like CarrierIQ, which BlackBerry doesn't support. BlackBerry on the other hand is able to collect date IF you opt in. Totally up to you.

1. Whenever I unlock my BlackBerry, the transmit arrows go into motion. Why? Is the handheld transmitting information about my phone, or its password, and so forth? I notice a significant increased battery drain when I employ a one minute security timeout as opposed to a one hour security timeout. What's it really doing behind the scenes each time I unlock my phone?

You forgot that legacy devices are always connected? You unlock it, it wil automatically wake up all connections that have gone idle and update whatever services that were on hold. Or it may as well be you just happen to see it happen. I know for a fact i would get those arrows at least once every 30 secons back on my 9780.

So, you noticed an increased battery drain when you asked your device to do the same task 60 times per hour when compared to once per hour? Ok.

2. When I look at the databases which I can selectively restore from a BlackBerry Desktop Software backup, one of them is "Configuration Channel," and the value next to this entry is "5," not 0 like MMS messages. (I have no MMS messages stored on my phone right now.) According to the BlackBerry smartphone database list, Configuration Channel "Stores configuration information that an administrator may assign using the Configuration Channel feature of BlackBerry Enterprise Server 5.0." WTF??? I'm not on BES, yet the entry for this database is five.

You got me. I can only guess that it contains five generic rules in there. Maybe telling the device and the NOC that you're on BIS, so it can ignore a few of the things the NOC does for BES. But I really don't know about this one. I never restored that setting from my backups. My phone never worked differently when I deleted it either.

For you BB10 users who think you're not on BES, are you really sure you're not botnetted into the NOC somehow by virtue of using a BlackBerry? Everyone knows you still make use of the NOC when you BBM. What's to say other stuff isn't passing through there by order of some QNX commands coded into BB10?

BB10 phones don't use BIS. BB10 devices only access the NOC for BBM and BlackBerry Protect. Nothing else. BBM was never slow (unless of course, there were issues with the backends). BB10 uses the same generic internet connection an iPhone does. And since people keep saying it's as fast as, it can't be piggybacking info and keeping up with the competition.

Unless of course, our kid's karate and bellet times are really that valuable.

And for you BBOS BES users, why do you even need the NOC at all? Is it just for BBM or is other stuff passing through the NOC? And how do you know the NOC isn't acting as some "super" BES admin over all BES systems (and BIS, too), functioning as a grand backdoor/skeletonkey thingy to override your ironclad BlackBerry security?

BES is a completely different beast from BIS. BES Admins can set up all sorts of rules and on top of that, use their very own encryption key, which BlackBerry doesn't get to see. If you hear BlackBerry has given X government access to BBM, I tell you it was just the BIS users. They can't, even if they want, access their own BES solution without the right keys. So, while BIS might be a security liability, BES isn't. Again, I must tell you, BlackBerry has better stuff to worry about than checking who is sexting and who is making vacation plans.

I tried to answer everything as honestly as I could, but conspiracy theories get old fast on me. 2-3 lines and I tire of them.

[Astro_Man]

2. When I look at the databases which I can selectively restore from a BlackBerry Desktop Software backup, one of them is "Configuration Channel," and the value next to this entry is "5," not 0 like MMS messages. (I have no MMS messages stored on my phone right now.) According to the BlackBerry smartphone database list, Configuration Channel "Stores configuration information that an administrator may assign using the Configuration Channel feature of BlackBerry Enterprise Server 5.0." WTF??? I'm not on BES, yet the entry for this database is five.

You got me. I can only guess that it contains five generic rules in there. Maybe telling the device and the NOC that you're on BIS, so it can ignore a few of the things the NOC does for BES. But I really don't know about this one. I never restored that setting from my backups. My phone never worked differently when I deleted it either.

I saw it in the backup I made prior to a security wipe. I didn't restore it. I made a new backup after the security wipe & restore, and that database was back, on its own, as if pushed or a service book or something.

[diegonei]

I saw it in the backup I made prior to a security wipe. I didn't restore it. I made a new backup after the security wipe & restore, and that database was back, on its own, as if pushed or a service book or something.

Yep. Search the database options for Desktop Software and you'll find you can actually delete those from the phone. Delete, backup and check.

I bet you a Curve it will still be there. It's just the defaults so the phone can work, I believe.

[belfastdispatcher]

Yep. Search the database options for Desktop Software and you'll find you can actually delete those from the phone. Delete, backup and check.

I bet you a Curve it will still be there. It's just the defaults so the phone can work, I believe.

To delete a phone from Desktop Manager you have to ask it to "forget" the phone after which you're prompted to delete the backup files for it as well.

[belfastdispatcher]

Also don't forget BBOS phones are set up for BIS and BES out of the box, there's no BES specific OS, any device can be activated for enterprise use.

[diegonei]

To delete a phone from Desktop Manager you have to ask it to "forget" the phone after which you're prompted to delete the backup files for it as well.

Right. But I never said delete a phone. I said delete a database from withing the phone.

Hope it's clearer now.

Posted via CB10

[h20work]

BES=you are safe, BIS =not so much

I apologize for putting it in "layman's terms"

[mark37724]

http://www.google.ca/url?sa=t&rct=j&...48705608,d.aWc , you likely would have already agreed to this but if you want to read it, maybe it will answer your questions.