-
In January my company communicated with BlackBerry about a number of insecure coding issues with BlackBerry Launcher and BBM (some of the worst we've seen). We've yet to have a reply with regards what our static analysis platform found in seconds. Also there are a number of URLs that will require validation. The latest BBM still hasn't addressed the issues we found. We use BlackBerry devices and in particular Android. As a software company we actually expected more from BlackBerry. Note. The title should say "insecure" :)
-
Can you elaborate? Are you referring to BBM Enterprise or standard?
-
BBM Standard. We haven't tested BBM Enterprise as yet. The coding issues leave BBM and the Launcher open to various security and data leakage issues. We've asked BlackBerry to investigate and validate our findings, but so far we've only had one email from a senior BB contact confirming our email has been forwarded to the appropriate teams and they may be in contact. They don't know what the specific issues are, but they know we will share all our findings in the interest of "user security and developer best practice".