- One thing they do is check that the OS hasn't been modified. That is what is happening when a BB10 device boots up and takes time. It is checking for malicious activity. You can't root a Blackberry, but you can an iOS and Android. If the OS can't be trusted on boot up, then the device is not secure.07-17-14 09:23 PMLike 3
- Many, many articles on reliable sources have posted comments by security experts that when they need to hack a phone, ios is easiest (100% success), Android is almost as easy and BlackBerry is impenetrable.
Even the venerable but sadly pro-Apple NY Times posted a recent article on the iPhone's lack of security where they stated that security experts were able to hack any iPhone, whether it has a password or not.
Posted via CB10Mo Cat and CerveloJohn like this.07-18-14 10:34 AMLike 2 - iOS also has a secure boot chain. All OS's are potentially vulnerable to a root attack.
Think about why people want to "root" an OS?
I work professionally with BlackBerry / BES implementations and attended at one point in time a meeting with a senior security advisor from BlackBerry and a governmental customer.
He explained that BlackBerry gas bugs in the os too, but most are found by their security team during review s and penetration testing. One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World. Apple does not allow that, so rooting is a matter of getting the freedom to do what you want with our device.
Posted via CB10anon5645485 likes this.07-18-14 10:54 AMLike 1 -
Root: At boot the device does a series of checks to validate if it has been tampered with (i.e. Rooting) which can result in a bricked device or unrooting itself. Any devices we have rooted to-date in PB or BB10 reverses itself on reboot.
Code: BB10's OS uses closed source - making it difficult for hackers to find a weakness 'in the code'
Access: Apps can only read their own data. This means one app cannot access and modify another app. This sand boxing prevents a worm virus from being able to exist on the device.
Accounts: your business and personal accounts can also be separated. Ensuring all your consumer accounts cannot access corporate data.
BES: Devices can be maintained by an IS team. This further helps build lines between consumer and professional sides.
Applications: All apps in BBWORLD are tested and validated by bbry staff. However more importantly they go through 2 layers of antivirus scanning - which is 2 layers more than Android (for example)
Encryption: Most everything from application signatures, to application signing, to device communication is encrypted by blackberry. Contrary to what you may have heard - this encryption is very tough. At best one or two security analysts have taken shots at theoretical holes that exist on the least secure areas of encryption. Bbrys response however is that those are mitigated elsewhere in the security architecture and in place for compatibility.
There are other additions as well. Some of the barriers met by developers (limited background processing, limited access to settings, limited access to collecting user details) are also the same thing that protects us (Web browser cannot be hijacked, your settings cannot be changed without your approval, and you choose what apps can see what information).
Stuff like that.
Now don't get me wrong - iOS is miles ahead of Android. But even iOS has weak points - apps for example have been able to make unauthorized in-app purchases on behalf of users. And they were used by the evil ones to build free apps that one year later would trigger thousands of dollars in micro-purchases. Rooted devices can also stay rooted depending on the OS.
Windows phone seems relatively stable - however they do not do as detailed of an app analysis as they say they do. Both the Windows Store and Phone Store contain plenty of noticeable pirated content (including from Nintendo such as Mario). However as I've only used it transitionally I can't speak to user impact of security. But where there is smoke...
Posted via CB from my LEDavid Tyler and mtint like this.07-18-14 11:09 AMLike 2 -
- On a more "macro" line of discussion:
Apple & Sansung's goal is to push content to you for purchase through their devices and also to data-mine your every mobile move.
Blackberry provides a leading mobility service where encryption and secure server (BES10) protocols protect your online communications.
This is their MO.
This is more perception than fact, but even without BES I trust BB devices more than I do those controlled by a data-miner or a consumer service whose main purpose is to up-sell content.Richard Buckley likes this.07-18-14 12:22 PMLike 1 - On a more "macro" line of discussion:
Apple & Sansung's goal is to push content to you for purchase through their devices and also to data-mine your every mobile move.
Blackberry provides a leading mobility service where encryption and secure server (BES10) protocols protect your online communications.
This is their MO.
This is more perception than fact, but even without BES I trust BB devices more than I do those controlled by a data-miner or a consumer service whose main purpose is to up-sell content.07-18-14 12:34 PMLike 0 - iOS also has a secure boot chain. All OS's are potentially vulnerable to a root attack.
Think about why people want to "root" an OS?
I work professionally with BlackBerry / BES implementations and attended at one point in time a meeting with a senior security advisor from BlackBerry and a governmental customer.
He explained that BlackBerry gas bugs in the os too, but most are found by their security team during review s and penetration testing. One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World. Apple does not allow that, so rooting is a matter of getting the freedom to do what you want with our device.
Posted via CB10
One reason for BlackBerry not being target for root exploits is that you are free to install any app if you want too, also from sources outside BlackBerry World.07-18-14 02:00 PMLike 0 -
Posted via CB1007-18-14 04:09 PMLike 0 - For a start you have always been able to install a .jad file on BlackBerry OS or a .bar on BlackBerry 10 (development mode).
Apple wants to be the single source of apps, do iOS required the app to be signed with a valid certificate and downloaded from Apples AppStore.
Thus is freedom vs restrictions.
Posted via CB1007-18-14 05:12 PMLike 0 -
It was probably invented based on customer feedback. The was a tendency to set the BES policy "Disallow installation of 3rd party applications" to True, so users was left with a locked down device. Easy for IT admits but users didn't like it.
Posted via CB1007-18-14 05:19 PMLike 0 - I just want to understand something.
Since BB10 no longer utilizes BIS, is it any less secure than BB7 (which ran on BIS/BES)?
Also, I noticed that BB7s had the Password Keeper app out-of-the-box. For 10, I needed to install it separately. Does this changes the apps credibility?07-18-14 08:00 PMLike 0 - I just want to understand something.
Since BB10 no longer utilizes BIS, is it any less secure than BB7 (which ran on BIS/BES)?
Also, I noticed that BB7s had the Password Keeper app out-of-the-box. For 10, I needed to install it separately. Does this changes the apps credibility?
No it does not change the application credibility.fpjones3 likes this.07-18-14 09:48 PMLike 1 - Less secure than before I suppose.
I have to admit, I wasn't able to read up on the difference between 7 and 10 and why 10 no longer needs BIS. I only knew of that when my carrier says I need to change my data plan (from a BB-specific plan to the regular data plans).07-18-14 10:52 PMLike 0 -
The other security issue with BIS is that it became a target for authoritarian governments who famously required RIM to site server systems inside their countries where they would be subject to warrants and production orders. The normal threat was that the government would order local carriers to suspend service to all BlackBerry devices using their networks unless RIM complied. These countries were probably hoping to access BES traffic this way, but RIM built that system so that only the handset and the client's server have the cryptography keys, so this is not possible. By eliminating BIS and moving all web and email traffic to the normal internet BlackBerry gets out from underneath this requirement. Also, provided your web and email servers provide SSL/TLS, it gives your traffic better protection than BIS in these circumstances.
BBOS and BB10 are completely different systems from the ground up. BBOS runs all application layer programs in a single Java virtual machine. If you think of a modern browser which is a single program with a number of plug-ins that provide additional functionallity, BBOS is very similar. All applications run on a single OS process, co-operatively sharing resources. RIM did a very good job keeping application data secure from other apps; but a badly written application could severly impact the system. For example I made a mistake in writting one application that prevented my development machine from booting. BB10 is a modern multitasking operating system. All applications run separately. The OS enforces resource sharing so a single application can't have as significant an impact on the system.
Those are the highlites I can think of right now. A full comparison of the security differences would make up a substancial white paper.07-19-14 08:25 AMLike 3 -
- With iOS you can jailbreak and with android you can root. Both of these removes all security and privacy functions.
And you can do both all by yourself using a tutorial found online. Just google it.
I dont think a similar "hack" can be done with a blackberry.
Differentiate or DiePatrickMJS and Bluenoser63 like this.07-20-14 04:30 PMLike 2 - Many, many articles on reliable sources have posted comments by security experts that when they need to hack a phone, ios is easiest (100% success), Android is almost as easy and BlackBerry is impenetrable.
Even the venerable but sadly pro-Apple NY Times posted a recent article on the iPhone's lack of security where they stated that security experts were able to hack any iPhone, whether it has a password or not.
Posted via CB1007-21-14 09:31 AMLike 0 - http://www.theguardian.com/technolog...-and-what-next
http://www.theguardian.com/technolog...-privacy-fears
http://www.theguardian.com/technolog...ed-not-so-fast
http://www.huffingtonpost.com/2014/0...n_5397242.html
http://bits.blogs.nytimes.com/2014/0...ype=blogs&_r=0
http://gawker.com/5559346/apples-wor...owners-exposed
http://www.tuaw.com/2007/07/23/nyt-r...vulnerability/
http://www.ibtimes.com/apple-faces-p...ng-file-280799
http://appleinsider.com/articles/13/...-locked-iphone
Posted via CB10The Big Picture and David Tyler like this.07-22-14 09:15 AMLike 2
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
What's so great about BlackBerry's security??
Similar Threads
-
BlackBerry! PUMP me UP!!
By Fistmaster in forum BlackBerry PassportReplies: 19Last Post: 07-18-14, 08:02 PM -
Will the new BlackBerry Assistant come to all devices?
By Stephen Cooper in forum General BlackBerry News, Discussion & RumorsReplies: 2Last Post: 07-17-14, 08:59 PM -
what is the best os for blackberry z10 ?
By CrackBerry Question in forum Ask a QuestionReplies: 1Last Post: 07-17-14, 07:57 PM -
Is this something I should be excited about?
By Lawmen23 in forum BlackBerry 10 OSReplies: 3Last Post: 07-17-14, 07:02 PM -
What is "IMS Status" in the Connections
By Komet86 in forum Ask a QuestionReplies: 3Last Post: 07-17-14, 06:39 PM
LINK TO POST COPIED TO CLIPBOARD