[Habib Saufi]

We all knew that upcoming 10.3.3 was certified by NIAP.

The thing is, i'm curious, to how extend does NIAP affect regular user like me? Can we be proud on NIAP when our device is running an OS certified by NIAP?
Why does BlackBerry need NIAP? A lot of other devices have been certified by NIAP before this, but yet , BlackBerry is still known as the best in security even compared to NIAP certified devices. Why now BlackBerry is in need of NIAP? Will NIAP boosts the market for BlackBerry 10?

Don't blame me, im just curious............ (----,----)

 BlackBerry Z10

[thurask]

NIAP is a US government information security standard, it means little if anything for the average consumer.

[Aju]

But how was BlackBerry called as secure enough if NIAP is considered to be one big security standard and BlackBerry dint have it?

Posted via CB10

[thurask]

But how was BlackBerry called as secure enough if NIAP is considered to be one big security standard and BlackBerry dint have it?

Posted via CB10

It's just one standard, "secure" isn't a checklist.

[Richard Buckley]

But how was BlackBerry called as secure enough if NIAP is considered to be one big security standard and BlackBerry dint have it?

Posted via CB10

BB10 didn't have NIAP certification because until now they have not submitted a application for evaluation. The process of certification will evaluate the product according to test criteria, the product must meet all the criteria in order to be granted, something like a checklist. So your question of was BB10 secure enough before 10.3.3 is a valid one, but is difficult to answer.

First the problem of evaluation in general comes in. Just look on Crackberry, some say BB10 is more secure, some say not any more secure than other mobile operating systems. These are opinions based on what criteria each person considers important. So who do you believe? NIAP solves this, to a degree, by standardising security evaluation and testing criteria. When a product is certified you know that it has undergone standardised testing and the results of that testing can be compared with other certified products. Uncertified products remain unknowns under this system though you can generally make educated deductions. We know that there are very few changes between 10.3.2 and 10.3.3, so when 10.3.3 is certified we can deduce that 10.3.2 would have met certification criteria except maybe in those areas where changes were made.

That said, NIAP can't help you if you have concerns that are not covered by the evaluation criteria.



LeapSTR100-2/10.3.2.2876

[Aju]

BB10 didn't have NIAP certification because until now they have not submitted a application for evaluation. The process of certification will evaluate the product according to test criteria, the product must meet all the criteria in order to be granted, something like a checklist. So your question of was BB10 secure enough before 10.3.3 is a valid one, but is difficult to answer.

First the problem of evaluation in general comes in. Just look on Crackberry, some say BB10 is more secure, some say not any more secure than other mobile operating systems. These are opinions based on what criteria each person considers important. So who do you believe? NIAP solves this, to a degree, by standardising security evaluation and testing criteria. When a product is certified you know that it has undergone standardised testing and the results of that testing can be compared with other certified products. Uncertified products remain unknowns under this system though you can generally make educated deductions. We know that there are very few changes between 10.3.2 and 10.3.3, so when 10.3.3 is certified we can deduce that 10.3.2 would have met certification criteria except maybe in those areas where changes were made.

That said, NIAP can't help you if you have concerns that are not covered by the evaluation criteria.



LeapSTR100-2/10.3.2.2876

So as per the current scenario iphones and galazy's seems to be more secured than a BlackBerry ?
(Somebody had said in some forums about these phones having already NIAP) !

Posted via CB10

[Habib Saufi]

So as per the current scenario iphones and galazy's seems to be more secured than a BlackBerry ?
(Somebody had said in some forums about these phones having already NIAP) !

Posted via CB10

Yes, iPhone 5 do have NIAP certificate. Go have a check at NIAP website. A lot of other devices have NIAP already.

 BlackBerry Z10

[conite]

So as per the current scenario iphones and galazy's seems to be more secured than a BlackBerry ?
(Somebody had said in some forums about these phones having already NIAP) !

Posted via CB10

No, you didn't read Richard's post.

It only means iPhone and some Samsung devices were tested and complied. BB10 was not tested.

[HuwSy]

Apple is secure when using an mdm agent (no mention of which) on mdm v2, vpn client v1.4 or managed device v2.

BlackBerry was tested with and without bes12 from what I can see but against which versions I don't know. As the version 2 of these profiles are near end of life it may be newer and harder tests or completely different test profiles.

[Bla1ze]

So secure no one can even use it.. LOL

[HuwSy]

10.3.3 is fine here for security as long as I don't need alarms, native whatsapp, picture gallery working and not running any additional apps for extra security or incompatibility.

[Vistaus]

10.3.3 is fine here for security as long as I don't need alarms, native whatsapp, picture gallery working and not running any additional apps for extra security or incompatibility.

That's because you're using a developer version.

Posted via CB10 using my amazing BlackBerry Passport (OG Red) <3

[HuwSy]

Which makes it all the more secure. Because some things don't load

[Vistaus]

Which makes it all the more secure. Because some things don't load

True, although I don't see how a lack of alarms makes it more secure lol but lack of the rest definitely makes it more secure.

Posted via CB10 using my amazing BlackBerry Passport (OG Red) <3

[Halifax Guy]

True, although I don't see how a lack of alarms makes it more secure lol but lack of the rest definitely makes it more secure.

That's an easy one, the lack of alarms makes your sleep time secure for as long as you want to sleep.

Posted using a Q10, 10.3.2.2474.

[Aju]

That's an easy one, the lack of alarms makes your sleep time secure for as long as you want to sleep.

Posted using a Q10, 10.3.2.2474.

Hahahaha....gotcha

Posted via CB10

[Aju]

No, you didn't read Richard's post.

It only means iPhone and some Samsung devices were tested and complied. BB10 was not tested.

No no...I read. But was just wondering if BlackBerry was all about security and if this NIAP was one big certification, y didn't BlackBerry get it from the beginning?
And next thing...if BlackBerry was already so secure, y does it so much time for getting certification?

Posted via CB10

[Aju]

BB10 didn't have NIAP certification because until now they have not submitted a application for evaluation. The process of certification will evaluate the product according to test criteria, the product must meet all the criteria in order to be granted, something like a checklist. So your question of was BB10 secure enough before 10.3.3 is a valid one, but is difficult to answer.

First the problem of evaluation in general comes in. Just look on Crackberry, some say BB10 is more secure, some say not any more secure than other mobile operating systems. These are opinions based on what criteria each person considers important. So who do you believe? NIAP solves this, to a degree, by standardising security evaluation and testing criteria. When a product is certified you know that it has undergone standardised testing and the results of that testing can be compared with other certified products. Uncertified products remain unknowns under this system though you can generally make educated deductions. We know that there are very few changes between 10.3.2 and 10.3.3, so when 10.3.3 is certified we can deduce that 10.3.2 would have met certification criteria except maybe in those areas where changes were made.

That said, NIAP can't help you if you have concerns that are not covered by the evaluation criteria.



LeapSTR100-2/10.3.2.2876

Mmm....ohkIe

Posted via CB10

[Vistaus]

No no...I read. But was just wondering if BlackBerry was all about security and if this NIAP was one big certification, y didn't BlackBerry get it from the beginning?
And next thing...if BlackBerry was already so secure, y does it so much time for getting certification?

Posted via CB10

Not sure why they didn't do it from the beginning but why they are spending time on getting it is easy: to make governments happy 'cause they follow a security standard (NIAP) that everyone agreed on.

Posted via CB10 using my amazing BlackBerry Passport (OG Red)

[diegodiazvaldez]

What could be more secure than a dead outdated OS used by nobody

[johnny_bravo72]

What could be more secure than a dead outdated OS used by nobody

There's still 0.2% of marketshare. ALMOST nobody.

*C5303

[Aju]

There's still 0.2% of marketshare. ALMOST nobody.

*C5303

How dare you?
Its 0.1%. Mind you :P

Posted via CB10

[HuwSy]

And how much of that 0.1% is government in any way?

[javiergomezserrano]

Its a dead OS ok, but I prefer BBOS over lagdroid, or ios.

Posted via CB10

[Vistaus]

And how much of that 0.1% is government in any way?

NIAP is a government standard for both themselves *AND* customers. Just like, say, ODF is a ISO standard for documents in office suites.

Posted via CB10 using my amazing BlackBerry Passport (OG Red) <3