[Leyra B10]

If you look at what I (recently) wrote I never suggested that BlackBerry do this. I also said the expense is huge for potential adopters, because of entrenched knowledge and systems. Which, to be clear, would each need replacing. But the real reason is that few people in the field of Computer Science and industry are ready to admit that what we have no longer fulfills our needs when it comes to privacy or even security.

I have to question your thought process here, I understand and aggree that privacy and security are important. And while it's great if a company can provide that for their consumers at what point do you stop worrying about yourself. I'm not saying sleep with a loaded gun, just take a minute to step back and look at the obvious and stop exposing 'real' information over any of the mediums that raise a red flag.

Posted via CB10

[DonHB]

just take a minute to step back and look at the obvious and stop exposing 'real' information over any of the mediums that raise a red flag.

Posted via CB10

The point is to create a system where sharing of information can be controlled even after It is present on the target system. Where information could also be executables. Something both consumers and businesses would find useful. Existing systems do not provide this capability and it should be considered standard plumbing.

This is different from the cloud which is a third party middleman which is essentially a client server solution instead of peer-to-peer.

[Leyra B10]

The point is to create a system where sharing of information can be controlled even after It is present on the target system. Something both consumers and businesses would find useful. Existing systems do not provide this capability and it should be considered standard plumbing.

This is different from the cloud which is a third party middleman which is essentially a client server solution instead of peer-to-peer.

I think I see what you are saying. Ive heard of something like this with quantum computing and block chain.

I'm thinking from a very abstract perspective but has to do with the geometry of the electrical components in relation to the software interface and the network.

Star quad cable has some interesting properties that might be relevant to the scheme of things suggested in this thread.

Posted via CB10

[HabsFan9860]

I think I see what you are saying. Ive heard of something like this with quantum computing and block chain. Star quad cable has some intersting properties that might be relevant.

Posted via CB10

...after reading a few of his posts (a few times over to verify my thought), I think what he's getting at...again I could be right out in left field...but I'll give it a go (if I'm correct than I somewhat agree with his thoughts...albeit too wordy)...

I think the point is to either bring in a new (or refresh an old one ie. BB10 updated) system to give an option to the current status quo. Systems that we have just become complacent to...sharing whatever extra information said systems deem it necessary to do the simple tasks we want to do on our phones. We have accepted that we have had to 'give up' a certain amount of privacy and security these days because they 'say so'.

But everything was all flash and mirrors (I still never understand the point of an Apple commercial) to get our attention to use the two main devices...developers just going along and not wanting to work on a third option (never really understood that when multiple other industries have to make/develop more than two options, but I'm not a programmer so...).

If that's the case, I get it...I've never really felt comfortable with the two current options (and that goes further than just the security aspects)...this is why I've dealt with the work arounds to keep both my work and personal BB10 phones running (Z30 and Passport respectively)...but again who knows, I may have misinterpreted him completely.

Posted on my Powerful Passport

[Chuck Finley69]

...after reading a few of his posts (a few times over to verify my thought), I think what he's getting at...again I could be right out in left field...but I'll give it a go (if I'm correct than I somewhat agree with his thoughts...albeit too wordy)...

I think the point is to either bring in a new (or refresh an old one ie. BB10 updated) system to give an option to the current status quo. Systems that we have just become complacent to...sharing whatever extra information said systems deem it necessary to do the simple tasks we want to do on our phones. We have accepted that we have had to 'give up' a certain amount of privacy and security these days because they 'say so'.

But everything was all flash and mirrors (I still never understand the point of an Apple commercial) to get our attention to use the two main devices...developers just going along and not wanting to work on a third option (never really understood that when multiple other industries have to make/develop more than two options, but I'm not a programmer so...).

If that's the case, I get it...I've never really felt comfortable with the two current options (and that goes further than just the security aspects)...this is why I've dealt with the work arounds to keep both my work and personal BB10 phones running (Z30 and Passport respectively)...but again who knows, I may have misinterpreted him completely.

Posted on my Powerful Passport

The problem is simply not enough people have really cared to make enough difference to cover all those costs.

[Dunt Dunt Dunt]

The problem is simply not enough people have really cared to make enough difference to cover all those costs.

Working for the good of all mankind.... sounds noble. But it doesn't pay the bills, and human nature is to make money.


But where he loses most everyone, is going back and trying to make QNX a part of all this..... BlackBerry is one of the biggest out for themselves and not worried about the good of their customers, much less mankind.

[DonHB]

Working for the good of all mankind.... sounds noble. But it doesn't pay the bills, and human nature is to make money.


But where he loses most everyone, is going back and trying to make QNX a part of all this..... BlackBerry is one of the biggest out for themselves and not worried about the good of their customers, much less mankind.

What is interesting is that Huawei, even before the company was confronted with the loss of Android, had essentially cloned QNX. Conite suggested that the reason the company had decided to bring HarmonyOS to cell phones was due to this loss. I suggest instead that the company didn't bother porting it to its cell phones because they were able, until recently, to use Android. How quickly the company will have phones using HarmonyOS suggests that it was designed to support many solutions and that in the past year or so since the announcement it was likely doing QA on existing code.

Can't argue with your comment, but it could also be once burned...

[DonHB]

I think I see what you are saying. Ive heard of something like this with quantum computing and block chain.

I'm thinking from a very abstract perspective but has to do with the geometry of the electrical components in relation to the software interface and the network.

Star quad cable has some interesting properties that might be relevant to the scheme of things suggested in this thread.

Posted via CB10

The real problem is that no-one wants to admit that we need new abstractions for sharing information. If you look at documentation for OSes supporting POSIX or competing with those OSes that do, when referring to security features the focus is about limiting access rather than controlling the sharing of information. Not too surprising when the origins of POSIX predate the Internet.

It is interesting to note that the OS Microsoft acquired that became Windows NT had many features for controlling access to information. Microsoft decided to hide, for most purposes, this functionality, exposing what would make it comparable to POSIX. These hidden features were also complex and the original OS that Windows NT was built upon could be considered an extension of VMS that was created by Digital Equipment Corporation.

If you look further back in time you can see what security features the precursor to *nix had and how Multics provided support for sharing information in a time sharing system. Later in the early days of PC-DOS networking, Netware had features for sharing information (yes, it was just client/server) that was more extensive than what Windows NT officially supported, but it required applications to use extensions to DOS and Windows. So, few apps used these features and on a LAN this lack was less impactful.

Ultimately, all these systems based upon POSIX, were originally designed for private networks (i.e internets) and features were added to adapt them for the "Wild West" known commonly as the Internet.

There have been attempts at commercializing new OSes, but mostly the focus was on other things than the controlled sharing of information. Also, note that 80486 had instructions and modes to allow the implementation of Multics on it. But *nix never implemented the security features of Multix.

[conite]

The real problem is that no-one wants to admit that we need new abstractions for sharing information.

No one wants to bother because what we have works pretty well, on balance, for ALL the things we want platforms to do and how we want them to behave.

And if we were to start all over again from scratch, it certainly wouldn't be with an outdated closed-source platform.

[DonHB]

No one wants to bother because what we have works pretty well, on balance, for ALL the things we want platforms to do and how we want them to behave.

And if we were to start all over again from scratch, it certainly wouldn't be with an outdated closed-source platform.

So, you believe the security breaches are due to miss management and that a new model would not make things easier?

If it would be done what platform would you pick or would you start from scratch?

At one point QNX was open source. BlackBerry could consider opening the underlying OS that its different platforms are based upon (i.e. Car, Medical, etc.) with the differentiating code remaining proprietary. Adopt a model similar to the one Red Hat used that got it acquired by IBM. Could motivate building new tools which could remain proprietary.

[conite]

So, you believe the security breaches are due to miss management and that a new model would not make things easier?

What security breaches are you specifically referring to?

[DonHB]

What security breaches are you specifically referring to?

There have been many over the years. I am suggesting a new compute model that takes controlled secure information sharing as the primary goal. What "current" platform do believe is most suitable to begin work on such a solution?

[conite]

There have been many over the years.

What "many"? Where? How?

What specific attack vector(s) are you referring to?

[Chuck Finley69]

There have been many over the years. I am suggesting a new compute model that takes controlled secure information sharing as the primary goal. What "current" platform do believe is most suitable to begin work on such a solution?

What does USA military and DOD use for instance?

[bb10adopter111]

The real problem is that no-one wants to admit that we need new abstractions for sharing information.

This I agree with, but that kind of data isn't modeled at the OS level. It's application data, and there are many, many ways to solve this problem that can be implemented on virtually any OS equally well.

Z10 = BB10 + VKB > iOS + Android

[DonHB]

This I agree with, but that kind of data isn't modeled at the OS level. It's application data, and there are many, many ways to solve this problem that can be implemented on virtually any OS equally well.

Z10 = BB10 + VKB > iOS + Android

The reason to do it in the OS is that it is more transparent and is easier for things to just work. It could also reduce developers' work. When I wrote information I meant both code AND data. It would also monetize the sharing of this information. It also can be made compatible with "other" OSes with apps and this may entice people to adopt the "platform" because of the improved ease of use.

Imagine that I show you a new app and you want to try it out. I send it too you and because I sent it to you instead of you downloading it from the company, you get an extended trial period before it prompts you that to continue use you will be charged. It would also determine what payments method to offer you based on the developer's and your preferences. It would also allow developers of content (or code) to have their own portals. App stores could go away and purchases of content would also no longer require the usual sites. Properly done, everyone in the supply chain could decide how to be compensated for their work, including the platform developer.

Because QNX, presumably, is easy to strip down, I would hope to the resource management pieces, it looks like a a good foundation. I don't know how much of the old could coexist with the new as the platform is prototyped. That it supports real-time and embedded requirements opens more possibilities.

[conite]

The reason to do it in the OS is that it is more transparent and is easier for things to just work. It could also reduce developers' work. When I wrote information I meant both code AND data. It would also monetize the sharing of this information. It also can be made compatible with "other" OSes with apps and this may entice people to adopt the "platform" because of the improved ease of use.

Imagine that I show you a new app and you want to try it out. I send it too you and because I sent it to you instead of you downloading it from the company, you get an extended trial period before it prompts you that to continue use you will be charged. It would also determine what payments method to offer you based on the developer's and your preferences. It would also allow developers of content (or code) to have their own portals. App stores could go away and purchases of content would also no longer require the usual sites. Properly done, everyone in the supply chain could decide how to be compensated for their work, including the platform developer.

Because QNX, presumably, is easy to strip down, I would hope to the resource management pieces, it looks like a a good foundation. I don't know how much of the old could coexist with the new as the platform is prototyped. That it supports real-time and embedded requirements opens more possibilities.

This could all be easily coded on existing popular platforms, but no one would ever want it like this.

[DonHB]

This could all be easily coded on existing popular platforms, but no one would ever want it like this.

You make one off comments without any reasons. Say why?

[conite]

You make one off comments without any reasons. Say why?

The fact that you can code this in Android, for instance, is obvious.

And no one wants an Amway model for app distribution.

[DonHB]

The fact that you can code this in Android, for instance, is obvious.

And no one wants an Amway model for app distribution.

With a huge amount of additional infrastructure. Amway? Seriously? Not even close.

[Chuck Finley69]

With a huge amount of additional infrastructure. Amway? Seriously? Not even close.

What base system does the military or DOD use? If security and privacy is the goal, wouldn’t that be the route to go?

[bb10adopter111]

The reason to do it in the OS is that it is more transparent and is easier for things to just work. It could also reduce developers' work. When I wrote information I meant both code AND data. It would also monetize the sharing of this information. It also can be made compatible with "other" OSes with apps and this may entice people to adopt the "platform" because of the improved ease of use.

Imagine that I show you a new app and you want to try it out. I send it too you and because I sent it to you instead of you downloading it from the company, you get an extended trial period before it prompts you that to continue use you will be charged. It would also determine what payments method to offer you based on the developer's and your preferences. It would also allow developers of content (or code) to have their own portals. App stores could go away and purchases of content would also no longer require the usual sites. Properly done, everyone in the supply chain could decide how to be compensated for their work, including the platform developer.

Because QNX, presumably, is easy to strip down, I would hope to the resource management pieces, it looks like a a good foundation. I don't know how much of the old could coexist with the new as the platform is prototyped. That it supports real-time and embedded requirements opens more possibilities.

Absolutely no one in 2020 manages application data structures in the OS. That's only done in monolithic programming endeavors like those from the 1960s and 70s. In modern object-oriented programming, the OS is for essential software drivers, I/O, and file management.

What does make sense would be a new data model for privacy and security that encapsulates the user's personal information and creates trusted, but revocable credentials for use with services like app stores, corporate logins, etc. But that could be done with equal ease for Android, iOS, Linux, Windows, MAC OS, etc, and would work best if it was interoperable across all platforms.

After all, if Android doesn't ever know your identify, it can't share it. This is a viable approach with Android already, but it requires knowledge and effort by the user and is limited by policies in Google Android (but not by the actual architecture or technology).

Z10 = BB10 + VKB > iOS + Android

[m3mb3rsh1p]

What does make sense would be a new data model for privacy and security that encapsulates the user's personal information and creates trusted, but revocable credentials for use with services like app stores, corporate logins, etc. But that could be done with equal ease for Android, iOS, Linux, Windows, MAC OS, etc, and would work best if it was interoperable across all platforms.

BlackBerry has been providing software that does all this for a while now. Below is a link to Spark, but they have other solutions as well.

https://www.blackberry.com/us/en/sol...t-security-ues

If we're still discussing current tech that could be added to BB10, I suppose the HTML5 endpoint could be used to enable BB10 users to remain connected to their colleagues on newer devices using BlackBerry Spark.

Perhaps ideas on better security models for the future could be moved to a new thread?

Security-wise, BB10's posix system API should make porting current versions of security/system libraries like ssl and samba fairly straightforward for the interested developer to port.

One disappointing thing I learned recently is that my BlackBerry Motion isn't certified for Widevine L1 which means I can't play protected HD video. We'd need this to be able to play content from such sources as Netflix, even if the browser was updated.

[Leyra B10]

What does make sense would be a new data model for privacy and security that encapsulates the user's personal information and creates trusted, but revocable credentials for use with services like app stores, corporate logins, etc. But that could be done with equal ease for Android, iOS, Linux, Windows, MAC OS, etc, and would work best if it was interoperable across all platforms.

After all, if Android doesn't ever know your identify, it can't share it. This is a viable approach with Android already, but it requires knowledge and effort by the user and is limited by policies in Google Android (but not by the actual architecture or technology).

Z10 = BB10 + VKB > iOS + Android

BB10 had a native Enpass application, I always liked it. Anyways they offered SSH keygen for any form. So you are given a url like this. enpass://share?data= with a large string after the = which I can only assume is the form data encrypted / encoded.

Maybe thats more common than I'm aware of. I thought the use of application protocols for message passing was a pretty good idea with hyperlinks or images and sprites via qr code.

Posted via CB10

[bb10adopter111]

BlackBerry has been providing software that does all this for a while now. Below is a link to Spark, but they have other solutions as well.

https://www.blackberry.com/us/en/sol...t-security-ues

If we're still discussing current tech that could be added to BB10, I suppose the HTML5 endpoint could be used to enable BB10 users to remain connected to their colleagues on newer devices using BlackBerry Spark.

Perhaps ideas on better security models for the future could be moved to a new thread?

Security-wise, BB10's posix system API should make porting current versions of security/system libraries like ssl and samba fairly straightforward for the interested developer to port.

One disappointing thing I learned recently is that my BlackBerry Motion isn't certified for Widevine L1 which means I can't play protected HD video. We'd need this to be able to play content from such sources as Netflix, even if the browser was updated.

I'm talking about something more fundamental, such as the user's RL identity being masked effectively 100% of the time (think gamer handles.) Currently, you can have your data encrypted to protect individual messages from snooping eyes, but it's more difficult to use services that don't really need your identity (such as your carrier if you have a prepaid account, for example) from tracking and transferring it.

The scheme I'm suggesting would allow for unlimited creation and reassignment of revocable credentials while still ensuring trust ability with, say, your employer, your email provider, your bank, etc.

Z10 = BB10 + VKB > iOS + Android