[Danny24uk]

You always hear people piping on about how blackberry is the most secure os out there! I genuinely do not know what they mean! What are blackberry doing that other operating systems aren't??

Posted via CB10

[donmateo]

Encryption mostly. Doesn't hurt that they started with the QNX base which is more secure to begin with.

Posted via CB10

[Bluenoser63]

You always hear people piping on about how blackberry is the most secure os out there! I genuinely do not know what they mean! What are blackberry doing that other operating systems aren't??
Posted via CB10

One thing they do is check that the OS hasn't been modified. That is what is happening when a BB10 device boots up and takes time. It is checking for malicious activity. You can't root a Blackberry, but you can an iOS and Android. If the OS can't be trusted on boot up, then the device is not secure.

[PatrickMJS]

Many, many articles on reliable sources have posted comments by security experts that when they need to hack a phone, ios is easiest (100% success), Android is almost as easy and BlackBerry is impenetrable.

Even the venerable but sadly pro-Apple NY Times posted a recent article on the iPhone's lack of security where they stated that security experts were able to hack any iPhone, whether it has a password or not.

Posted via CB10

[walt63]

That it's secure...

Posted via CB10

[jpvj]

iOS also has a secure boot chain. All OS's are potentially vulnerable to a root attack.

Think about why people want to "root" an OS?

I work professionally with BlackBerry / BES implementations and attended at one point in time a meeting with a senior security advisor from BlackBerry and a governmental customer.

He explained that BlackBerry gas bugs in the os too, but most are found by their security team during review s and penetration testing. One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World. Apple does not allow that, so rooting is a matter of getting the freedom to do what you want with our device.

Posted via CB10

[KermEd]

You always hear people piping on about how blackberry is the most secure os out there! I genuinely do not know what they mean! What are blackberry doing that other operating systems aren't??

Posted via CB10

Off the top of my head...

Root: At boot the device does a series of checks to validate if it has been tampered with (i.e. Rooting) which can result in a bricked device or unrooting itself. Any devices we have rooted to-date in PB or BB10 reverses itself on reboot.

Code: BB10's OS uses closed source - making it difficult for hackers to find a weakness 'in the code'

Access: Apps can only read their own data. This means one app cannot access and modify another app. This sand boxing prevents a worm virus from being able to exist on the device.

Accounts: your business and personal accounts can also be separated. Ensuring all your consumer accounts cannot access corporate data.

BES: Devices can be maintained by an IS team. This further helps build lines between consumer and professional sides.

Applications: All apps in BBWORLD are tested and validated by bbry staff. However more importantly they go through 2 layers of antivirus scanning - which is 2 layers more than Android (for example)

Encryption: Most everything from application signatures, to application signing, to device communication is encrypted by blackberry. Contrary to what you may have heard - this encryption is very tough. At best one or two security analysts have taken shots at theoretical holes that exist on the least secure areas of encryption. Bbrys response however is that those are mitigated elsewhere in the security architecture and in place for compatibility.

There are other additions as well. Some of the barriers met by developers (limited background processing, limited access to settings, limited access to collecting user details) are also the same thing that protects us (Web browser cannot be hijacked, your settings cannot be changed without your approval, and you choose what apps can see what information).

Stuff like that.

Now don't get me wrong - iOS is miles ahead of Android. But even iOS has weak points - apps for example have been able to make unauthorized in-app purchases on behalf of users. And they were used by the evil ones to build free apps that one year later would trigger thousands of dollars in micro-purchases. Rooted devices can also stay rooted depending on the OS.

Windows phone seems relatively stable - however they do not do as detailed of an app analysis as they say they do. Both the Windows Store and Phone Store contain plenty of noticeable pirated content (including from Nintendo such as Mario). However as I've only used it transitionally I can't speak to user impact of security. But where there is smoke...

Posted via CB from my LE

[ablefunzo]

Do you post this information elsewhere for other people to know? It would be nice to make this available elsewhere. May be CrackBerry should do this. Thanks

[PatrickMJS]

Do you post this information elsewhere for other people to know? It would be nice to make this available elsewhere. May be CrackBerry should do this. Thanks

This info is widely known.

Posted via CB10

[A_Aviator_A]

On a more "macro" line of discussion:

Apple & Sansung's goal is to push content to you for purchase through their devices and also to data-mine your every mobile move.
Blackberry provides a leading mobility service where encryption and secure server (BES10) protocols protect your online communications.
This is their MO.

This is more perception than fact, but even without BES I trust BB devices more than I do those controlled by a data-miner or a consumer service whose main purpose is to up-sell content.

[Richard Buckley]

On a more "macro" line of discussion:

Apple & Sansung's goal is to push content to you for purchase through their devices and also to data-mine your every mobile move.
Blackberry provides a leading mobility service where encryption and secure server (BES10) protocols protect your online communications.
This is their MO.

This is more perception than fact, but even without BES I trust BB devices more than I do those controlled by a data-miner or a consumer service whose main purpose is to up-sell content.

This is one of the most valuable aspects of my relationship with BlackBerry. I've never been concerned that a BlackBerry application was made to profit from my data. Even when it would have been easy to do so, BlackBerry Travel for example. I see daily examples of how Google is using the data I pass through them to make money. That's the deal you make with Google to use their stuff, and I'm OK with that, mainly because I have my BlackBerry that lets me keep some of that data back.

[Bluenoser63]

iOS also has a secure boot chain. All OS's are potentially vulnerable to a root attack.

Think about why people want to "root" an OS?

I work professionally with BlackBerry / BES implementations and attended at one point in time a meeting with a senior security advisor from BlackBerry and a governmental customer.

He explained that BlackBerry gas bugs in the os too, but most are found by their security team during review s and penetration testing. One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World. Apple does not allow that, so rooting is a matter of getting the freedom to do what you want with our device.

Posted via CB10

Curious.. Please qualify the statement

One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World.

How can you install any BB10 app you want outside of Blackberry World. This does not apply to work space apps on a BES 10 installation.

[Richard Buckley]

Curious.. Please qualify the statement



How can you install any BB10 app you want outside of Blackberry World. This does not apply to work space apps on a BES 10 installation.

While this is true, the whole point of having Balance is that the user can install what they want on the personal side without risking the work partition.

Posted via CB10

[jpvj]

For a start you have always been able to install a .jad file on BlackBerry OS or a .bar on BlackBerry 10 (development mode).

Apple wants to be the single source of apps, do iOS required the app to be signed with a valid certificate and downloaded from Apples AppStore.

Thus is freedom vs restrictions.

Posted via CB10

[jpvj]

While this is true, the whole point of having Balance is that the user can install what they want on the personal side without risking the work partition.

Posted via CB10

Correct. Balance is spot on when looking at controlling corporate data and letting the user have fun on the same device.

It was probably invented based on customer feedback. The was a tendency to set the BES policy "Disallow installation of 3rd party applications" to True, so users was left with a locked down device. Easy for IT admits but users didn't like it.

Posted via CB10

[fpjones3]

I just want to understand something.

Since BB10 no longer utilizes BIS, is it any less secure than BB7 (which ran on BIS/BES)?

Also, I noticed that BB7s had the Password Keeper app out-of-the-box. For 10, I needed to install it separately. Does this changes the apps credibility?

[Richard Buckley]

I just want to understand something.

Since BB10 no longer utilizes BIS, is it any less secure than BB7 (which ran on BIS/BES)?

Also, I noticed that BB7s had the Password Keeper app out-of-the-box. For 10, I needed to install it separately. Does this changes the apps credibility?

Any less secure in what way? For accessing secure websites BB10 is arguably more secure because when browsing HTTPS sites on BIS the session was proxied to the ROC so you did not have device to server encryption. Now on BB10 you do.

No it does not change the application credibility.

[fpjones3]

Any less secure in what way?

Less secure than before I suppose.

I have to admit, I wasn't able to read up on the difference between 7 and 10 and why 10 no longer needs BIS. I only knew of that when my carrier says I need to change my data plan (from a BB-specific plan to the regular data plans).

[Richard Buckley]

Less secure than before I suppose.

I have to admit, I wasn't able to read up on the difference between 7 and 10 and why 10 no longer needs BIS. I only knew of that when my carrier says I need to change my data plan (from a BB-specific plan to the regular data plans).

Well as I said with web browsing, from a security standpoint eliminating BIS eliminates the trip through the BlackBerry servers. This allows end-to-end encryption to web sites, email servers and application specific servers. Developers could do that with BIS though there were issues. As soon as you implement end-to-end encription the bearer channel (in this case BIS) can't compress the data anymore. To do this also required the application vendor have an agreement with RIM to use BIS-B. That kind of fell apart towards the end. RIM seems to have decided not to enforce the agreement requirement.

The other security issue with BIS is that it became a target for authoritarian governments who famously required RIM to site server systems inside their countries where they would be subject to warrants and production orders. The normal threat was that the government would order local carriers to suspend service to all BlackBerry devices using their networks unless RIM complied. These countries were probably hoping to access BES traffic this way, but RIM built that system so that only the handset and the client's server have the cryptography keys, so this is not possible. By eliminating BIS and moving all web and email traffic to the normal internet BlackBerry gets out from underneath this requirement. Also, provided your web and email servers provide SSL/TLS, it gives your traffic better protection than BIS in these circumstances.

BBOS and BB10 are completely different systems from the ground up. BBOS runs all application layer programs in a single Java virtual machine. If you think of a modern browser which is a single program with a number of plug-ins that provide additional functionallity, BBOS is very similar. All applications run on a single OS process, co-operatively sharing resources. RIM did a very good job keeping application data secure from other apps; but a badly written application could severly impact the system. For example I made a mistake in writting one application that prevented my development machine from booting. BB10 is a modern multitasking operating system. All applications run separately. The OS enforces resource sharing so a single application can't have as significant an impact on the system.

Those are the highlites I can think of right now. A full comparison of the security differences would make up a substancial white paper.

[fpjones3]

Ah ok. I get the drift. So BIS is pretty much like accessing the WWW thru proxy servers sans the security risks. Did I understand that correctly?

Thanks for taking the time to explain it, Richard. :thumbsup:

[Richard Buckley]

Ah ok. I get the drift. So BIS is pretty much like accessing the WWW thru proxy servers sans the security risks. Did I understand that correctly?

Thanks for taking the time to explain it, Richard. :thumbsup:

Up close enough.

Posted via CB10

[The Big Picture]

With iOS you can jailbreak and with android you can root. Both of these removes all security and privacy functions.

And you can do both all by yourself using a tutorial found online. Just google it.

I dont think a similar "hack" can be done with a blackberry.

Differentiate or Die

[anon(6168981)]

Many, many articles on reliable sources have posted comments by security experts that when they need to hack a phone, ios is easiest (100% success), Android is almost as easy and BlackBerry is impenetrable.

Even the venerable but sadly pro-Apple NY Times posted a recent article on the iPhone's lack of security where they stated that security experts were able to hack any iPhone, whether it has a password or not.

Posted via CB10

Could you share the link to the article? It would be useful.

[PatrickMJS]

Could you share the link to the article? It would be useful.

http://www.theguardian.com/technolog...-and-what-next

http://www.theguardian.com/technolog...-privacy-fears

http://www.theguardian.com/technolog...ed-not-so-fast

http://www.huffingtonpost.com/2014/0...n_5397242.html

http://bits.blogs.nytimes.com/2014/0...ype=blogs&_r=0

http://gawker.com/5559346/apples-wor...owners-exposed

http://www.tuaw.com/2007/07/23/nyt-r...vulnerability/

http://www.ibtimes.com/apple-faces-p...ng-file-280799

http://appleinsider.com/articles/13/...-locked-iphone

Posted via CB10

[nosco47]

Application permissions. On my nexus 7 (Android), I cannot install any app without it wanting access to everything. At least with blackberry you have the option to turn off permissions to whatever you feel the app should not be accessing.



Posted via CB10