- @gariac
@jpvj
All good points, but I still don't see a need for OMA-DM here.
If my pc would start an attack, my local ISP would also not stun my pc...wouldn't even cut me off from the network, though this less invasive countermeasure could be a reasonable compromise.
Posted via CB1008-23-14 06:00 PMLike 0 -
Posted via CB1008-23-14 06:04 PMLike 0 - @gariac
@jpvj
All good points, but I still don't see a need for OMA-DM here.
If my pc would start an attack, my local ISP would also not stun my pc...wouldn't even cut me off from the network, though this less invasive countermeasure could be a reasonable compromise.
The problem with wireless connectivity is you have to listen to "anything" incoming. A cabled connection can be disconnected.
IMHO OMA-DM is not meant as a tool to resolve this issue.
Posted via CB1008-23-14 06:27 PMLike 0 -
Good, so ISPs may have a peripheral control over a modem or even a router, but never control over the OSs of the devices (pc, tablets, smartphones) which are connected to the local network.
Peripheral control is okay for me, because it doesn't increase the risks much.
Basically every "network provider" is logging traffic and has a perfect MITM position, so the security level doesn't change much, if ISPs control customized modems/routers of their clients.
But coming back to BlackBerry and smartphones.
I think you brought up a reasonable argument here
After our discussion, I still have the impression that providers can simply shut down the service for a simcard if their network is under attack.
And regarding your example of a psycho-app, there is indeed significant control:
Brazil Orders Apple To Use iPhone App 'Kill Switch' - Business Insider
Apple, Google and MS can do it.
BlackBerry can probably also do it.
Apps which could be maybe "out of control" could be from alternative appstores or if one directly installs an apk.
(also jailbreaks like CyanogenMod or Cydia are somewhat "out of control", but if that would be a way to get rid of OMA-DM...jailbreaks would be a considerable alternative for private use).
Again, I see no need to install OMA-DM on BlackBerries to prevent network attacks.
More important:
The Apple-model is excellent prove for years that also these code reviews by carriers are NOT needed to secure their networks.
And iOS is by far not on the same stable level BB 10 is.08-24-14 10:50 AMLike 0 -
Yup, your comments never gave me the impression of you being a big OMA-DM supporter.
FUMO
‐ Firmware Update Management Object (FOTA)
- Install and manage firmware over the air updates.
ConnMO
‐ Connectivity Management Object
– Manage cellular and baseband parameters ‐ APNs, CDMA sefngs, Band Channels, CSIM/
UICC, LTE, IMS, VoWIFI,etc
LAWMO
‐ Lock and Wipe Management Object
- Lock, factory reset, wipe, and power cycle devices
DCMO
‐ Device Capabilities Management Object
- Manage device functionality such as encryption settings, camera control, bluetooth, GPS, etc
DiagMon
‐ Device Diagnostics Management Object
– Manage and monitor RF settings, Battery Status, Memory Usage, Process list, etc
SCOMO
‐ Software Component Management Object
- The ability to remotely Install, Remove, Activate, Deactivate Software applications
Many More...08-24-14 11:05 AMLike 0 - http://www.welivesecurity.com/2014/0...id-security-2/
Some dubious article about fake towers. Given that the base of the article is from Popular Science, I'm skeptical.
I can tell you I never saw a fed or military in a black SUV in the desert. They drive white SUVs.
Posted via CB1009-02-14 06:48 AMLike 0 - Android security mystery - 'fake? cellphone towers found in U.S.
Some dubious article about fake towers. Given that the base of the article is from Popular Science, I'm skeptical.
Crytophones Encrypt Calls Against Surveillance | MIT Technology Review
I do hope BlackBerry is watching what ESD America is offering here.
When I look at the original article from PoSci, well, I have to say things like a "baseband firewall" are basically the sort of candy that I am missing for my Q5...haha.09-02-14 08:17 AMLike 0 - IMSI catcher and baseband attacks are subject to serious research, and it seems that the GSMK CryptoPhone is in direct competition with the BlackBerry/Secusmart solution.
Crytophones Encrypt Calls Against Surveillance | MIT Technology Review
I do hope BlackBerry is watching what ESD America is offering here.
When I look at the original article from PoSci, well, I have to say things like a "baseband firewall" are basically the sort of candy that I am missing for my Q5...haha.
I do run a tower sniffer when travelling. I didn't see anything funny in Las Vegas. I've stayed at South Point (casino mentioned in adticle) many times. Nothing funny sniffed there.
I have a few rural tower sniffing files that I haven't reviewed.
Posted via CB1009-02-14 12:19 PMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
BlackBerry security thoughts (Warning: Long post)
« 10.3.xx.xxx @ STL100-1 battery level notification
|
So once again my "obsolete" phone saves the day... »
Similar Threads
-
Connecting Q10 via wifi with BlackBerry Link
By BermudaPool in forum BlackBerry Q10Replies: 5Last Post: 08-14-14, 04:06 PM -
T-Mobile and Blackberry Passport
By Calvin Harris in forum BlackBerry PassportReplies: 16Last Post: 08-14-14, 01:24 PM -
Blackberry wont turn on, HELP!!! please
By CrackBerry Question in forum Ask a QuestionReplies: 1Last Post: 08-13-14, 12:34 PM
LINK TO POST COPIED TO CLIPBOARD