With KRACK We'll Find Ou if BB10 is OFFICIALLY End-of-life
- I agree, but for all we know, they could already be telling their enterprise clients exactly what the plan is. They don't really need to update the public if they are updating at risk companies directly. That said, this seems like the perfect moment to publicly affirm either that BB10 development has ceased altogether (though TBH I think they've already said that), with no patch for KRACK forthcoming, or that they are taking the extraordinary step of patching BB10 for this event, but that it will then be EOL.
In any case, a lack of an official statement by the time that Android and Apple have released their patches IS an official statement, as far as I'm concerned. That's was the point of this post! :-)
Which vulnerability?10-20-17 04:33 PMLike 0 -
- Yeah I think the last major vulnerability (that made headlines anyway) that impacted BB10 was the initial Stagefright exploit via the runtime in 2015. There are still serious Stagefright exploits being found in Oreo but I'm not sure how many impact BB10 (if at all)10-20-17 05:27 PMLike 0
-
- Heartbleed? That was in 2014.
BlackBerry Ltd preps Heartbleed security updates for some BBM and email programs due to mobile threat | Financial Post10-20-17 06:21 PMLike 0 -
-
- It wasn't a myth - there were lots and lots of very real issues that needed to be fixed... and WERE fixed. But the risks were also exaggerated in some cases.StephanieMaks likes this.10-20-17 09:43 PMLike 1
- Heartbleed? That was in 2014.
BlackBerry Ltd preps Heartbleed security updates for some BBM and email programs due to mobile threat | Financial Post10-20-17 10:48 PMLike 0 - I don't think so, searching their Knowledge Base for Broadcom only brings up results for BlackBerry Android.
BlackBerry Knowledge Base
I'm not sure if any BB10 devices actually use Broadcom chips though.10-20-17 11:55 PMLike 0 - That's my thinking. I mean, this seems to be one of those "direct target attack" kind of things.
For this to be widespread, you'd have to start seeing strange vans parked every 200 feet down every street in every neighborhood in the country as they try to infiltrate every home and business wi-fi network there is.
I don't think that would happen.
.
With so many WiFi users around the world, the chance of any one user being picked off might be low, but do you really want to count on that as security?10-21-17 12:18 AMLike 0 -
Posted via CB1010-21-17 01:26 AMLike 0 -
Exploits and bugs are the result of poorly designed code due to sloppiness or lack of due care such as KRACK, not a planned and deliberate design to achieve the result intended.10-21-17 07:17 AMLike 0 - Well, if I just parked myself in Starbucks for half a day, that could net me a lot of victims. Only the idiots would be driving down the block trying to pick off one home at a time. It wouldn't take a lot to make it worthwhile...just one unencrypted email (we all encrypt our emails, right? right?) with some particularly juicy information is all it takes. Maybe YOU are careful, but if your recipient is not and replies back....
With so many WiFi users around the world, the chance of any one user being picked off might be low, but do you really want to count on that as security?
Plus, remember most people send their emails using TLS. So you've still got to crack that as well.
So even a whole day at a coffeeshop is very unlikely to net you anything at all, let alone anything of value.10-21-17 09:03 AMLike 0 - I don't think so, searching their Knowledge Base for Broadcom only brings up results for BlackBerry Android.
BlackBerry Knowledge Base
I'm not sure if any BB10 devices actually use Broadcom chips though.
https://forums.crackberry.com/news-r...-names-828586/10-21-17 12:16 PMLike 2 - But the thing is it's a non-trivial amount of work to actually get a session key in most cases. This doesn't make it easy to get the PSK, it just makes it *possible*. That's a huge difference. And in the case of the zero key, you're going to just get a couple of packets. The probability of those packets being an email or anything else remotely sensitive are quite low.
Plus, remember most people send their emails using TLS. So you've still got to crack that as well.
So even a whole day at a coffeeshop is very unlikely to net you anything at all, let alone anything of value.10-21-17 12:46 PMLike 0 - 10-21-17 01:07 PMLike 0
-
- Will get you a little lighter in the wallet and some expense coffee. I think it funny when people post about security vulnerabilities on this site. Other than people stupid issues of setting password like 1234. Almost all other vulnerabilities take some serious knowledge of security protocols and programming knowledge to exploit. For Android or iOS many also require people to be stupid enough to root or jailbreak their phones.
https://www.androidheadlines.com/201...c-in-2017.html
You also don't need to root or jailbreak a device to be impacted, in some case that's what the exploits do (and that's one of the things BB Android tries to protect against). Most users probably won't be impacted by exploits but for some security is certainly a consideration when buying a new phone.10-21-17 01:24 PMLike 0 - 10-21-17 01:25 PMLike 0
- As I wrote, only BlackBerry knows, but I will try and guess.
27 months ago, BB10 users peeked at 10 million.
The average person keeps a smartphone for 22 months, so that instantly cuts the number to less than 5 million.
I would also argue that the bleed rate on BB10 would be much higher than the average because of the whole "deal platform" thing. I would cut that number in half again to under 2.5 million.
Now how many of these users actually USE the phone as a PRIMARY device? I would probably half the number again.
So, I would guess 1-1.5 million users left, down to 500,000 by next summer. I think I'm being quite generous.Laura Knotek and Dunt Dunt Dunt like this.10-21-17 02:52 PMLike 2 - This is from September this year:
BlackBerry response to impact of the vulnerabilities known as BlueBorne on BlackBerry products
I expect something similar regarding this new vulnerability.10-21-17 03:19 PMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
With KRACK We'll Find Ou if BB10 is OFFICIALLY End-of-life
« replace battery on Passport?
|
Newbie with failing / non-working native BB10 apps - WhatsApp etc »
Similar Threads
-
How secure really is the Keyone finger sensor
By dorsetshaw in forum BlackBerry KEYoneReplies: 19Last Post: 10-27-17, 08:53 PM -
KRACK WPA2 Vulnerability on BB10
By EFats in forum BlackBerry 10 OSReplies: 8Last Post: 10-18-17, 01:38 PM -
how to stop auto download of mail attachment in hub
By madh263362 in forum BlackBerry Android OSReplies: 2Last Post: 10-17-17, 08:51 AM -
KEYone Keyboard scrolling issue with ads on articles
By Turborat in forum BlackBerry Android OSReplies: 0Last Post: 10-17-17, 07:56 AM -
Problem with finger sensor on may K1
By mikimike2 in forum BlackBerry Android OSReplies: 1Last Post: 10-17-17, 05:49 AM
LINK TO POST COPIED TO CLIPBOARD