06-20-18 10:45 PM
tools Reply
  1. CrackBerry Question's Avatar
    CrackBerry Question
    I noticed my BB KeyOne trusts the WoSign certificate authority. It would appear they've not followed best practices for being a public CA.

    Apple has decided to blacklist them, Mozilla seemingly decided against it. Google it? I can't seem to post links here.

    I'm curious - with all the security awareness Blackberry has, do they have any input towards the phone's trusted CAs? Do they have any opinion regarding changes in web security in general that would lead them to a move like Apple and just outright blocking WoSign in an update?

    For a phone that has a security check app to tell me how vulnerable I am, I was hoping BB would take a position of leadership and have an opinion about issues like this.
    06-20-18 02:22 PM
  2. Bla1ze's Avatar
    Bla1ze
    CB OG
    AFAIK those would still be loaded up by Google as part of the Core OS, and even still, you would get warnings in your browser if any of them were reached. You can disable WoSign and StartCom in the settings if you're that concerned.
    06-20-18 02:28 PM
  3. kyle11gmailcom's Avatar
    kyle11gmailcom
    Thanks! I'd already disabled them just to see if they'd be enabled again in a subsequent update (they weren't). I'm not terribly concerned about it, I was more curious about where the line is drawn in the Android ecosystem compared to Apple. If I understand you right, you believe that Google, as the maintainer of Android overall would take on the role of vetting which root CAs are trusted. I'm not sure I agree based on what I'm able to find. Google has distrusted WoSign in Chrome, but I can't find any similar mention of them removing it from the Android sources.

    Via stackoverflow i came across this little nugget on Chromium's root ca policy:

    "Note that, similar to Linux, the certificates included within the Android sources may be further altered by device manufacturers or carriers, pursuant to their local programs."

    I don't mean to be bothersome or belabor the point, I'm just really curious about who decides what root CAs get trusted in my Berry!
    06-20-18 04:00 PM
  4. Bla1ze's Avatar
    Bla1ze
    CB OG
    Originally Posted by kyle11gmailcom
    I don't mean to be bothersome or belabor the point, I'm just really curious about who decides what root CAs get trusted in my Berry!
    Yeah, if I had another non-BlackBerry device I would check for you just to see myself but unfortunately all I have are BlackBerry devices.
    06-20-18 10:45 PM
« Instagram version | Security Wipe issues »

Similar Threads

  1. BB Network - New corporate device?
    By chansen16 in forum General BlackBerry News, Discussion & Rumors
    Replies: 6
    Last Post: 10-16-18, 11:37 PM
  2. Does anyone know what the phone number is for the TCL Repair Centre in Mississauga, Ontario?
    By CD G in forum Ask a Question
    Replies: 2
    Last Post: 07-27-18, 04:02 PM
  3. Unboxing videos are popping up
    By cckgz4 in forum BlackBerry KEY2
    Replies: 17
    Last Post: 06-21-18, 10:54 AM
  4. What are the red and blue lights on my Blackberry Key one?
    By CrackBerry Question in forum Ask a Question
    Replies: 2
    Last Post: 06-20-18, 11:11 AM
  5. Is it possible to recover internal memory if the bb is not booting anymore?
    By coldeai in forum BlackBerry Classic
    Replies: 3
    Last Post: 06-18-18, 03:56 PM
LINK TO POST COPIED TO CLIPBOARD