03-20-17 12:47 PM
156 ... 4567
tools
  1. Enclavet's Avatar
    I'm also puzzled by this config since anybody who has access to the server (admin/co-host/hacker) can grab the decryption key. The whole point of using e2e encryption is to make sure it's never decrypted in transit and using encrypted only emails will surely drain the battery faster, no mentioning all the problems with mixed content due to incompatible standards and BlackBerry's implementation.

    BTW, someone mentioned key management earlier. You can use the Symantec solution and BB will work with that.
    Here are examples of use in secure email:

    Protonmail:
    "In addition, the beauty of asymmetric encryption allows ProtonMail to automatically encrypt incoming emails from the outside, such as from Gmail, using the users’ public keys so that the data is stored encrypted."

    Mailbox.org
    https://mailbox.org/en/the-encrypted-mailbox/

    Basically public key encryption has 2 keys (public and private). The public key you give to anybody and can only be used to encrypt data. Not to decrypt. Your private key can both encrypt and decrypt. So basically you put your public key on the server. Any email you get from Gmail/Outlook/Hotmail that is unencrypted will be encrypted with your public key. Now if an admin/hacker/co-host goes onto your server they only will get your public key. Can't read your emails with that.
    09-11-15 01:39 PM
  2. ofutur's Avatar
    So basically you put your public key on the server. Any email you get from Gmail/Outlook/Hotmail that is unencrypted will be encrypted with your public key. Now if an admin/hacker/co-host goes onto your server they only will get your public key. Can't read your emails with that.
    Ah, of course. As long as you don't need to read it from the server (webmail), it works. Thanks for your explanations.
    09-11-15 05:50 PM
  3. Jose Casiano's Avatar
    A few years ago Kevin M hinted that security and data compression would bring Blackberry out of the dumps. At the time, he couldn't have foreseen the revelations of what our government was doing. I think it is just shy of ridiculous that PGP implementation is not extended to all users but okay, whatever. At least there is one developer who is helping.

    Posted via CB 10 on my Passport SQW100-1 sporting 10.3.1.2582
    Actually you don't want PGP (pretty good privacy) you want something better than that. That's the lowest type of encryption possible if that...

    Posted via CB10
    09-11-15 05:55 PM
  4. tollfeeder's Avatar
    Actually you don't want PGP (pretty good privacy) you want something better than that. That's the lowest type of encryption possible if that...

    Posted via CB10
    Care to elaborate?
    09-14-15 06:32 AM
  5. monolith82's Avatar
    Hub - Settings - Email Accounts -Your Email - Secure Email Settings it's a bit hidden. Don't know if it works with IMAP though.
    Attachment 371166

    Via Pasta CB10
    Thanks. I cannot see any of these options mentioned above. So looks like BlackBerry still not allowing regular IMAP email accounts to be secured via PGP/GPG as you would think it would be possible in XXI century...

    Anybody else any ideas or comments?


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-14-15 09:02 AM
  6. monolith82's Avatar
    OK so generated new keypair under my Linux. Both keys (sign+encrypt) RSA. Exported in one ASCII file and my BlackBerry Q10 imported it with no problem at all.

    Now, next question I got only one free public IMAP email account (Polish provider - WP) and don't know how to enable/activate PGP sign/encrypt/decrypt feature. Tried to send new email from my BlackBerry, tried sending encrypted or signed emails to myself and receiving on BlackBerry but with none of them I see option for actually using imported PGP keys. I only use my own public/private key for this tests.

    Thanks for any replies.

    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-14-15 09:04 AM
  7. monolith82's Avatar
    Sorry if my two above posts could be chaotic. Tried to copy and paste posts from different thread I have started in BlackBerry 10 OS folder of this forum.

    Maybe somebody got any ideas or comments to what I posted above?

    Many thanks in advance


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-14-15 09:06 AM
  8. FijiBB's Avatar
    Monolith: the account must support Active Sync. I am not sure if it works with WP. I bet it doesn't.

    Posted via CB10
    09-14-15 01:34 PM
  9. monolith82's Avatar
    Monolith: the account must support Active Sync. I am not sure if it works with WP. I bet it doesn't.

    Posted via CB10
    OK, thanks. I will check with my email account provider if it support Active Sync technology, but looks like is not. I thought new OS update will bring PGP encryption to all masses.


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-14-15 04:45 PM
  10. monolith82's Avatar
    Checked my email provider and ActiveSync is only provided to synchronise contacts not mail. Emails are available only via POP3/IMAP/SMTP protocols. So PGP encryption will not work for me then using my BlackBerry Q10

    Why new OS update regarding PGP encryption is limited only to BES accounts or non-BES accounts using ActiveSync protocols? Am I missing something or this is just silly. Simple feature like that is available for free on any laptop/PC with any OS and software.
    Please don't get me wrong, BlackBerry Q10 was well thought choice of mine purely for security and stability of the OS, however some ridiculous limitations set up by developers/RIM are beyond my logical thinking

    All the best to all BlackBerry fans and users and hopefully next OS update will bring simple features like encryption


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-14-15 07:10 PM
  11. uvampelj's Avatar
    My email provider does support active sync, however I still cannot get it to work, as downloading emails stops at around 95% than I get the before mentioned problem..
    Did anyone actually made it work so far?

    Posted via CB10
    09-15-15 12:40 AM
  12. polytan02's Avatar
    Checked my email provider and ActiveSync is only provided to synchronise contacts not mail. Emails are available only via POP3/IMAP/SMTP protocols. So PGP encryption will not work for me then using my BlackBerry Q10

    Why new OS update regarding PGP encryption is limited only to BES accounts or non-BES accounts using ActiveSync protocols? Am I missing something or this is just silly. Simple feature like that is available for free on any laptop/PC with any OS and software.
    Please don't get me wrong, BlackBerry Q10 was well thought choice of mine purely for security and stability of the OS, however some ridiculous limitations set up by developers/RIM are beyond my logical thinking

    All the best to all BlackBerry fans and users and hopefully next OS update will bring simple features like encryption


    --- Monolith --- Q10SQN100-3/10.3.2.2639

    I personally think that BlackBerry "locked" the use of this function to a dedicated system to avoid non compatibility issues.

    There is nothing more frustrating while your are on the go that a message you cannot decrypt

    Hopefully, this is just a first step (the feature seems quite recent according to BlackBerry standard) and it may be extended in the future to GPG too. After, we notice that they want revenue from services and this may mean forcing to have a BES or some sort of BlackBerry paid account for it to work.

    I don't really know what to think about it. I really wish to be able to decrypt any email such as enigmail or download keys from public servers automatically as I do with thunderbird....all of that from my phone.

    There is no other solution working seamlessly for GPG PGP at this stage on the market, and it may be a good thing for BlackBerry to achieve it !

    Posted via CB10
    09-15-15 01:30 AM
  13. MeerMusik's Avatar
    Once again: PGP is supported if you:
    * Have an Activesync Account - with or without BES
    * Having an IMAP Account with BES

    It does NOT work if you:
    * Have an IMAP Account without BES

    Me and other People are "hunting down" the BlackBerry Developers and asking for it in i.e. every single Beta Zone Survey since Day 0 - no such Luck yet.

    And as it currently stands, it will also not be supported in 10.3.3 nor in any other future BB10 Version - BlackBerry uses this still as a selling point for their BES.

    Via CB10 App. STL100-2 @ 10.3.X Official Beta
    09-15-15 06:29 AM
  14. monolith82's Avatar
    Once again: PGP is supported if you:
    * Have an Activesync Account - with or without BES
    * Having an IMAP Account with BES

    It does NOT work if you:
    * Have an IMAP Account without BES

    Me and other People are "hunting down" the BlackBerry Developers and asking for it in i.e. every single Beta Zone Survey since Day 0 - no such Luck yet.

    And as it currently stands, it will also not be supported in 10.3.3 nor in any other future BB10 Version - BlackBerry uses this still as a selling point for their BES.

    Via CB10 App. STL100-2 @ 10.3.X Official Beta
    OK, received, however not entirely understood. Do you know any logical reason for such configuration (IMAP-BES, ActiveSync etc.) apart from that RIM wants to force us to buy BES or other solutions? ActiveSync is Microsoft technology, why not IMAP accounts without BES then?


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    09-15-15 07:56 AM
  15. MeerMusik's Avatar
    OK, received, however not entirely understood. Do you know any logical reason for such configuration (IMAP-BES, ActiveSync etc.) apart from that RIM wants to force us to buy BES or other solutions? ActiveSync is Microsoft technology, why not IMAP accounts without BES then?


    --- Monolith --- Q10SQN100-3/10.3.2.2639
    The reason is Money. Like I said: BlackBerry keeps using IMAP PGP Support as a selling point for their BES Products. The Code for PGP/GPG Support is in the OS since Version 10.0.0.xxxx and has started fully working since Version 10.0.1.xxxx

    The Functionality is the Code since Version 10.0.1.xxxx - it is just disabled for People who don't use a BES Product. That's the whole point.

    Via CB10 App. STL100-2 @ 10.3.X Official Beta
    09-15-15 10:00 AM
  16. Jose Casiano's Avatar
    Care to elaborate?
    Because it's "preety good privacy" it's not great hahahah

    Posted via CB10
    Jake2826 likes this.
    09-18-15 05:23 PM
  17. monolith82's Avatar
    Because it's "preety good privacy" it's not great hahahah

    Posted via CB10
    Hahaha well done, good one

    --- Monolith ---  Q10SQN100-3/10.3.2.2639 
    09-21-15 10:18 AM
  18. Malaguti77's Avatar
    For the Use of PGP/GPG on Blackberry10 I wasn't able to bring this to success with the tools came with BB10

    For me I Use a workaround cause I have no Active-Sync mailaccount anywhere.

    I Use 2 IMAP Accounts and have installed two Android-Apps to use PGP/GPG at my BB-Passport.
    The K9-Mail with APG does the job fo me.

    The only problem is, if I receive a encrypted message I can't read them inside the hub. Here I must start K9 and decrypt it there with the integrated APG.
    Both Apps are OpenSource, so I don't have to pay for any BES or other Commercial services. If there in future a solution to do this with a BB10 only environment I will change back. The limitation to use PGP only with active-sync or BES is not acceptable for me.
    I have not seen any Problems with PGP Keys, GPG Keys, or malformed PGP-mime implementation.
    may be I will complete switch e-mail usage to the K9-Client. I like the hub, but security is more important as comfort.
    I hope there will be a BBonly environment for PGP with the same usability as the android app bundle with K9 and APG.

    Malaguti77
    melander likes this.
    09-26-15 07:47 AM
  19. tickerguy's Avatar
    K9 has worked for this since the very early BB10 days. I used to run K9email on my Android devices because at the time it was the only means of secure email on that platform.
    09-26-15 09:04 AM
  20. geodorn's Avatar
    Currently on 10.3.2.500 it seems to be limited to messages you send from the device. You can encrypt and sign a message from the device and it will be decrypted fine on an other BB10 10.3.2.500 device. But these messages do not appear correct in Outlook or Thunderbird, they come with strange attachments (.bin which contains the pgp encrypted text). As well you cannot decrypt pgp encrypted messages sent via Outlook Privacy Plugin or Thunderbird Enigmail on the device. I'm quite sure that this functionality will appear in upcoming versions, this beta seems to be the beginning.
    Update:
    It seems that BlackBerry only fully supports the Symantec PGP solution:
    https://www4.symantec.com/Vrt/offer?a_id=182814
    Setup:
    Office 365 Exchange Account
    BES Cloud (not required)
    Outlook 2013
    With Outlook and the free Open PGP Privacy Plugin, I cannot decrypt my PGP messages sent from Outlook received on the BlackBerry device. And PGP messages sent from the BlackBerry device cannot be decrypted in Outlook.
    When using the Symantec Desktop Email Encryption in Outlook everything is fine.
    Unfortunately this is a 175 Dollar investment after the free trial, too bad that Open PGP is not supported.
    09-30-15 03:55 PM
  21. FijiBB's Avatar
    So, finally, what are the alternatives? PGpgp, k9/apg... something else?
    10-01-15 07:38 AM
  22. tipplex's Avatar
    Why not bes12 cloud if you want pgp?

    Posted via CB10
    11-05-15 11:06 AM
  23. ofutur's Avatar
    Why not bes12 cloud if you want pgp?

    Posted via CB10
    It doesn't change anything, same enc/decoder which doesn't work very well. Same for the S/mime engine which fails to validate even certificates from banks.
    11-05-15 11:11 AM
  24. tipplex's Avatar
    Ok. Didnt notice that. Been useing smime for a time.

    Posted via CB10
    11-05-15 11:24 AM
  25. cveks's Avatar
    I actually think BB10 does support PGP/Mime. I am on the latest leaked BB10 version and basically as reported on crackberry, when sending out emails, we are able to decrypt it on third party clients (Enigmail). However when sending encrypted emails to the BB10, we are unable to decrypt. The difference I see with the emails sent from the BB device and the third party clients is the "attachment names". When the BB device sends out an email I see two attachments:

    application1.pgp-encrypted (0 bytes)
    application2.octet-stream (the PGP encrypted message)

    When I use a third party PGP/mime implementation (Enigmail) I see the following:

    application1.pgp-encrypted
    encrypted.asc

    I will try playing with an linux mail system to send out an octet-stream with the pgp message. Maybe it will decrypt it then. Might also have to bug my mail service (has the feature of encrypted all incoming email with a PGP public key) to maybe change it to a more BB device friendly implementation.
    I have same problem. I just checked emails in inbox via webmail and problem is that BlackBerry OS 10.3.2 device sends Pgp message not as plain text but as attachment. Because of that other device can't decrypt and I see blank screen. But if I open attachment and send Pgp message from webmail as plain text it works and decrypts fine. So IMHO problem is bug in 10.3.2 which sends Pgp message attached even if you select plain text mode instead html mode when you compose message.

    I use 10.3.2.2530 on BlackBerry Passport

    Posted via CB10
    12-14-15 05:12 AM
156 ... 4567

Similar Threads

  1. New Classic on Amazon for only $379.99
    By Steveo989 in forum BlackBerry Classic
    Replies: 10
    Last Post: 03-25-15, 12:10 PM
  2. Delete auto suggestions on keyboard
    By pankajupadhyay05 in forum BlackBerry 10 OS
    Replies: 4
    Last Post: 03-24-15, 09:56 PM
  3. Can I get help with my Q10 OS 10.3.1.2576?
    By Sameeh657 in forum BlackBerry 10 OS
    Replies: 3
    Last Post: 03-24-15, 04:35 PM
  4. How do I edit the Calendar on Z10?
    By Kicker-69 in forum Ask a Question
    Replies: 1
    Last Post: 03-24-15, 03:30 PM
  5. Font size on lock screen
    By redlightblinking in forum BlackBerry Classic
    Replies: 2
    Last Post: 03-24-15, 02:30 PM
LINK TO POST COPIED TO CLIPBOARD