- If you password protect your BlackBerry, the internal data is fairly secure. Not as good as encryption, but BlackBerry doesn't have a history of lock screen issues, unlike the iphone.
Nothing on the SDHC is private.
Incidentally you can back up your BlackBerry data on a linux box if you really want security.
Posted via CB1009-04-14 07:32 PMLike 0 -
-
If you are suggesting that BlackBerry also store the key on a system that your BlackBerry ID can access, then that is possible. However that opens up BlackBerry from a liability aspect for being the ones who are responsible for maintaining the key. Imagine if they lost your key and you needed it to decrypt data, or even worse it was stolen and used to access a lot of data you had encrypted. And then there is a potential cost to maintaining your keys.
Don't get me wrong, it is possible to store the keys somewhere in the cloud, but there are a number of aspects that make it something that would require some serious planning on their part.
Posted via CB10 on my Z30STA100-5/10.2.1.333709-05-14 06:24 PMLike 0 - I use the encryption but not on the SD card and I don't keep anything on my SD card that I'm not afraid others to see.
Posted Pantlessly via My Kick @ss Z30!!!09-05-14 06:37 PMLike 0 - I also use encryption on my z30, but not the SD card. I like the idea of my personal data having a layer of protection, something my iPhone 5s didn't have.
Sent from my Lovely z30 on T Mobile USA (10.3.0.1154)09-05-14 07:09 PMLike 0 - I should point out that it was possible to crack the encryption on the phone based on data on the encrypted SD card. So for a while, it was suggested not to encrypt the SD card, just the phone. I believe that issue no longer exists, but it would be worth an internet search if somebody is really paranoid.
Actually this coming back to me. Elcomsoft.
http://www.elcomsoft.com/
That should narrow your search.
Posted via CB1009-05-14 07:23 PMLike 0 - I should point out that it was possible to crack the encryption on the phone based on data on the encrypted SD card. So for a while, it was suggested not to encrypt the SD card, just the phone. I believe that issue no longer exists, but it would be worth an internet search if somebody is really paranoid.
Actually this coming back to me. Elcomsoft.
http://www.elcomsoft.com/
That should narrow your search.
Posted via CB10
Posted via CB1009-05-14 09:58 PMLike 0 -
I think a lot of people missunderstand what protection device encryption gives you. If an attacker can convince the device they are you by guessing your password, or by finding a vulnerability that gets them past the lock screen the device encryption will have no effect at all. If the device is running, then it has to be able to decrypt the internal storage.
What device encryption protects you from is someone getting your device and accessing the storage by technical means. Removing the memory and reading it out on another computer. Or booting a different OS where they have full access to the storage image.
That is a pretty high bar. So for most people a good device password is sufficient.
The SDCARD is different because it is easy to remove and read on a laptop, or other smartphone.
Posted via CB1009-06-14 11:29 AMLike 0 - As long as the lock screen works, ad password should be enough security for most people. But it depends on the lock being secure. OK of BlackBerry, not so good on others phones.
IOS 7 had three lock screen bugs. One exploit will not be fixed in 7. The lock screen can be bypassed with Siri enabled. Samsung has lock screen bugs often.
There is some option in bb10 to have messages appear on the screen. I disabled that. Probably BlackBerry being BlackBerry, it is secure, but I see this as another attack vector.
Posted via CB1009-06-14 12:12 PMLike 0 - As long as the lock screen works, ad password should be enough security for most people. But it depends on the lock being secure. OK of BlackBerry, not so good on others phones.
IOS 7 had three lock screen bugs. One exploit will not be fixed in 7. The lock screen can be bypassed with Siri enabled. Samsung has lock screen bugs often.
There is some option in bb10 to have messages appear on the screen. I disabled that. Probably BlackBerry being BlackBerry, it is secure, but I see this as another attack vector.
Posted via CB10
Posted via CB1009-06-14 04:03 PMLike 0 - History is full of programmers that have screwed up lock screens. Remember, desk top PCs use lock screens too. The lock screen is one thing you don't mess with once you have it right.
http://www.itnews.com.au/News/384036...old-enter.aspx
We are talking lynch pin here.
Yet the US government buys iphones. Not so much at the DOS, but the DOJ are real fanbois. The DOD seems to have abandoned iphones, but use ipads.
BTW, BlackBerry World has lock screen apps. Seriously, who would trust a lock screen app? And why would BlackBerry approve such apps?
Android has them too.
http://android.appstorm.net/roundups...r-lock-screen/
But worst of all is Apple adding yes another attack vector in IOS8:
http://m.fastcompany.com/3031503/mos...based-on-locat
Posted via CB1009-06-14 08:11 PMLike 0 - diegoneiRetired Mod & AmbassadorI think a lot of people missunderstand what protection device encryption gives you. If an attacker can convince the device they are you by guessing your password, or by finding a vulnerability that gets them past the lock screen the device encryption will have no effect at all. If the device is running, then it has to be able to decrypt the internal storage.
People don't need to break your password to be grabbign info from an open WiFi hotspot.
So far, no news of a way to bypass the BB10 lockscreen.09-07-14 10:51 PMLike 0 - Haflway right. If somebody is eavesdropping on your connection, having it enabled will mean he won't be able to see what's going on. No email, PIM, appointment, location data or attchment will be compromised.
People don't need to break your password to be grabbign info from an open WiFi hotspot.
.
Posted via Verizon Z10!diegonei likes this.09-07-14 11:16 PMLike 1 - Haflway right. If somebody is eavesdropping on your connection, having it enabled will mean he won't be able to see what's going on. No email, PIM, appointment, location data or attchment will be compromised.
People don't need to break your password to be grabbign info from an open WiFi hotspot.
Posted via CB10vrud likes this.09-08-14 04:09 AMLike 1 - Haflway right. If somebody is eavesdropping on your connection, having it enabled will mean he won't be able to see what's going on. No email, PIM, appointment, location data or attchment will be compromised.
People don't need to break your password to be grabbign info from an open WiFi hotspot.
Suit yourself, but it only opens after the right password is entered. 10 wrong attempts wipes the device as usual.
So far, no news of a way to bypass the BB10 lockscreen.
http://en.m.wikipedia.org/wiki/Attack_surface
By putting crap on the lock screen, Apple has managed to screw up multiple times. Same for Samsung.
Secure lock screen programming is way harder than you think. Less is more, because less decreases the attack surface.
Posted via CB1009-08-14 05:07 AMLike 0 -
Not to pick on Apple, but they suck at lock screen, so let me use them as an example of increasing the attack surface. You can use Siri on a locked iphone. But there us a lock screen bypass using Siri that isn't patched in IOS7. Apple increased the attack surface and made the lock screen less secure.
Look at this now patched Android lock screen bypass:
http://m.androidcentral.com/samsung-...ulous-trickery
You don't need the password. That is why you call it a hack. Every feature you put on the lock screen increases the attack surface, hence you want as few functions on the lock screen as possible.
Posted via CB1009-08-14 04:46 PMLike 0 - Device memory encryption prevents an attacker from extracting flash memory chip from the device and reading information from it using some electronic tools. Personally I find likelihood of this happening to my Z10 small.
Properly implemented device encryption must also erase RAM memory blocks that keep private key to decrypt the data.
If this is not done, then an attacker can read RAM blocks and find the key to read photos from flash.
This was easily done on android phones with unlocked bootloader (search for frost) but I haven't seen similar cases for BB, perhaps due to locked bootloader or maybe due to wiping of the keys.
I don't encrypt my Z10 but I do have a strong password.09-08-14 05:13 PMLike 0 - diegoneiRetired Mod & AmbassadorYou don't get it.
No, I did get your point. I didn't dismiss it. I offered a fact instead.
Hackers need to exploit the attack surface. If there is a bug in the how the messages are displayed on the lock screen, they would hack it without having to enter the password.
If being the keyword. So far, there doesn't seem to be one.
Posted via CB10
BB10 is indeed coded with security in mind since the device is to be used by government reps and top execs. Just because a feature is prone to issues and security breaches in other platforms, it does not means the same hold for BB10.
So what lock screen gimmicks make for another attack vector if the holes are plucked? That's my point. The device won't unlock if you have a password set if the password isn't entered and untill we SEE the bug/exploit proving this wrong, this is my final statement on this.
So far, there is no such issue.09-08-14 07:00 PMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
BlackBerry security encryption
Similar Threads
-
BlackBerry With A Swivel Camera
By Jonathank in forum General BlackBerry News, Discussion & RumorsReplies: 13Last Post: 09-04-14, 05:56 AM -
BlackBerry os10
By mascot4u in forum Ask a QuestionReplies: 1Last Post: 09-01-14, 08:11 PM -
need more crackberry fans and their ideas to sign up here: https://blackberry.icanmakeitbetter.com/
By airmo in forum Ask a QuestionReplies: 1Last Post: 09-01-14, 06:13 PM -
It's important to remember that BlackBerry is more than just a smartphone manufacturer
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 0Last Post: 09-01-14, 05:12 PM -
Could the massive iCloud hack lead to a mass exodus of celebs to BlackBerry?
By saintforlife in forum General BlackBerry News, Discussion & RumorsReplies: 1Last Post: 09-01-14, 04:19 PM
LINK TO POST COPIED TO CLIPBOARD