1. katiepea's Avatar
    Blackphone goes to Def Con and gets hacked?sort of | Ars Technica

    taken from the article:
    "Ask and you shall receive. Jon “Justin Case” Sawyer, the CTO of Applied Cybersecurity LLC, walked up to the Blackphone table at Def Con and told them he rooted the phone. And those who followed him on Twitter received an abbreviated play-by-play.

    Further Reading
    Exclusive: A review of the Blackphone, the Android for the paranoid

    Custom-built with privacy in mind, this handset isn’t for (Google) Play.
    What followed, however, was not what Sawyer or the Blackphone team counted on: a BlackBerry blogger at N4BB leapt on one of Sawyer’s tweets and wrote a story with the erroneous headline, “Blackphone Rooted Within 5 Minutes.” By the time Sawyer was presenting on Sunday at Def Con with Tim Strazzere, the story had been picked up by a number of blogs and websites—and nearly all of them didn’t bother getting further details from Sawyer or Blackphone.

    BlackBerry partisans gloated over the hack. But the irony is that three days earlier, researchers from Accuvant showed in a presentation at Black Hat that they could remotely attack BlackBerry phones (as well as some Android and iOS devices) with a femtocell man-in-the-middle attack, getting root without even touching the phone. So the question is whether BlackBerry fans have any room to brag, or whether they're simply safer because they're not as big a target as Android. "

    _______

    One attack, demonstrated at Black Hat by Mathew Solnik and Marc Blanchou, used the embedded over-the-air management interfaces used by wireless carriers to perform carrier-pushed configuration updates. They were able to gain root access to BlackBerry phones, as well as some Android phones and the Sprint configuration of some iOS devices. The devices most vulnerable to the attack were the BlackBerry Z10 and the HTC One M7.



    _______
    End of article quoting

    So I think it's fair to say all the talk that Android isn't secure because it can be rooted and BB can't is hogwash and refutable at this point. BB is secure through obscurity and BB10 has been rooted outside of the NSA. It's time we all come to terms with it, honestly I wish it were made public so that we may exploit it for ourselves.
    08-12-14 04:38 PM
  2. Bilaal's Avatar
    Remotely attack, how? What can they do to my BlackBerry device? Wipe the device? Steal my details, access my notepad, browser history.
    I'd like to know, as much as every other security conscious person would..
    08-12-14 04:43 PM
  3. katiepea's Avatar
    Remotely attack, how? What can they do to my BlackBerry device? Wipe the device? Steal my details, access my notepad, browser history.
    I'd like to know, as much as every other security conscious person would..
    well root access was gained to z10 devices so, pretty much whatever the attacker wants to do.
    08-12-14 04:45 PM
  4. notafanboy's Avatar
    Lol. That's two months old and its been patched right away. Close thread.

    Posted via CB10
    08-12-14 04:46 PM
  5. katiepea's Avatar
    Lol. That's two months old and its been patched right away. Close thread.

    Posted via CB10
    hmm... nope. this happened a few days ago, with root access having been gained. i haven't received a carrier update pushed out to patch it. so, again, nope.
    mornhavon likes this.
    08-12-14 04:47 PM
  6. menshawy's Avatar
    It just didn't happen..... yet

    Join my photography channel
    08-12-14 04:49 PM
  7. AnimalPak200's Avatar
    The 'Carrier software' exploit/vulnerability was a subject of a previous thread. Basically, yes... Carrier software can manage/alter your device.

    I heard software updates pushed by the manufacturer can ALSO modify my device.

    So I guess the idea is that we trust the manufacturer and carrier to be responsible and maintain security. What else can we do, aside from making our own everything?

    http://forums.crackberry.com/blackbe...phones-949685/
    bungaboy likes this.
    08-12-14 04:49 PM
  8. notafanboy's Avatar
    Two months old. Go look it up. yawn this rehashing old news and misleading is getting old.

    Posted via CB10
    CDM76 likes this.
    08-12-14 04:50 PM
  9. katiepea's Avatar
    Two months old. Go look it up. yawn this rehashing old news and misleading is getting old.

    Posted via CB10
    The conference was just last week. So, again, nope.
    mornhavon likes this.
    08-12-14 04:54 PM
  10. notafanboy's Avatar
    http://nakedsecurity.sophos.com/2014...nes-and-ipads/

    I would worry about this. It's the reason why China, Germany and other governments around the world are banning iphone and ipad.

    Posted via CB10
    08-12-14 04:55 PM
  11. Aljean Thein's Avatar
    We're talking about BlackBerry here and not Apple

    Well, this is embarrassing...wonder what BlackBerry would do about this

    Posted via CB10
    08-12-14 05:17 PM
  12. notafanboy's Avatar
    We're talking about BlackBerry here and not Apple

    Well, this is embarrassing...wonder what BlackBerry would do about this

    Posted via CB10
    You are right. Talking about apple is a waste of time. BlackBerry already patched this up two months ago. You can kick, scream and hate all you want. No point in responding to those who hate BlackBerry on a BlackBerry fan site.

    Posted via CB10
    08-12-14 05:21 PM
  13. katiepea's Avatar
    You are right. Talking about apple is a waste of time. BlackBerry already patched this up two months ago. You can kick, scream and hate all you want. No point in responding to those who hate BlackBerry on a BlackBerry fan site.

    Posted via CB10
    please post a link showing that it's been patched, and who was hating on blackberry?
    08-12-14 05:24 PM
  14. zocster's Avatar
    The 'Carrier software' exploit/vulnerability was a subject of a previous thread. Basically, yes... Carrier software can manage/alter your device.

    I heard software updates pushed by the manufacturer can ALSO modify my device.

    So I guess the idea is that we trust the manufacturer and carrier to be responsible and maintain security. What else can we do, aside from making our own everything?

    http://forums.crackberry.com/blackbe...phones-949685/
    No need to open a new thread, that discussion still is ongoing.
    MobileMadness002 likes this.
    08-12-14 05:29 PM

Similar Threads

  1. BlackBerry Protected Now Available for BlackBerry Balance enabled devices
    By webmeister in forum BlackBerry Secure UEM & Productivity Suites
    Replies: 13
    Last Post: 08-26-14, 05:37 PM
  2. New Update for BlackBerry Users!
    By tinochiko in forum General BBM Chat
    Replies: 61
    Last Post: 08-24-14, 02:26 PM
  3. Can we please have blackberry balance??
    By antoscimento in forum Armchair CEO
    Replies: 19
    Last Post: 08-19-14, 10:59 PM
  4. Sprint Leaving Blackberry?
    By David Theado in forum General Carrier Discussion
    Replies: 16
    Last Post: 08-19-14, 10:53 PM
  5. Microphone works but people cannot hear me over the phone
    By crankystar in forum Ask a Question
    Replies: 1
    Last Post: 08-12-14, 03:49 PM
LINK TO POST COPIED TO CLIPBOARD