[Richard Buckley]

And what's interesting is QNX was notified in August when almost all other vendors were,

https://www.kb.cert.org/vuls/id/CHEU-AQNN3H

Yet according to this BlackBerry was notified October 13 th. I wonder if they have out of date contact information for QNX. The page above looks like auto generated proforma.

https://www.kb.cert.org/vuls/byvendo...&SearchOrder=4

LeapSTR100-2/10.3.3.2205

[Invictus0]

Yet according to this BlackBerry was notified October 13 th. I wonder if they have out of date contact information for QNX. The page above looks like auto generated proforma.

https://www.kb.cert.org/vuls/byvendo...&SearchOrder=4

LeapSTR100-2/10.3.3.2205

I thought that as well but their BlueBorne disclosure seems to imply that they have recent contact info for BlackBerry,

https://www.kb.cert.org/vuls/id/240311

[Richard Buckley]

I thought that as well but their BlueBorne disclosure seems to imply that they have recent contact info for BlackBerry,

https://www.kb.cert.org/vuls/id/240311

But they didn't mention QNX at all for that release.

Difficult to say anything for sure.

[Leyra B10]

You can still check certificates for the websites your visiting when you wish to do something sensitive like banking, at least on the stock browser.


Posted via CB10

[G_Unit MVP]

I've participated in yesterday's webinar about Public Wifi security, and at the end they did a Q&A. So, I asked the speaker about how secure is to still use BB10 devices on public wifi networks, and if we can expect any update some time in the near future. The answer was that it is secure if you use Blackberry Secure, basically because the data between the device and the server is encrypted. So, the vulnerability is still there, your communications can be intercepted, but theoretically can't be decrypted.
It's not an official statement, but it's pretty clear that there will not be any update to fix the problem, cause the only BB10 users they care at this point are in working environments and they are protected if they use Blackberry software.
The consumers like most of us here, well, we are on our own...

[wingnut666]

mark my words. they will patch this vulnerability. leaving it open leaves them vulnerable to lawsuits. they are just moving slowly and reluctantly.

Posted via CBX

[Invictus0]

I've participated in yesterday's webinar about Public Wifi security, and at the end they did a Q&A. So, I asked the speaker about how secure is to still use BB10 devices on public wifi networks, and if we can expect any update some time in the near future. The answer was that it is secure if you use Blackberry Secure, basically because the data between the device and the server is encrypted. So, the vulnerability is still there, your communications can be intercepted, but theoretically can't be decrypted.
It's not an official statement, but it's pretty clear that there will not be any update to fix the problem, cause the only BB10 users they care at this point are in working environments and they are protected if they use Blackberry software.
The consumers like most of us here, well, we are on our own...

Isn't that general advice for KRACK though? That it's dangerous across unsecure connection (i.e. http) less dangerous on secure connections?

In other news, editorial aside, Pixel and Nexus devices won't be patched until December.

https://arstechnica.com/gadgets/2017...lly-a-big-deal

[DrBoomBotz]

mark my words. they will patch this vulnerability. leaving it open leaves them vulnerable to lawsuits. they are just moving slowly and reluctantly.

Posted via CBX

Your words are marked.
When can we declare a no show?

[Elephant_Canyon]

mark my words. they will patch this vulnerability. leaving it open leaves them vulnerable to lawsuits. they are just moving slowly and reluctantly.

Consider them marked. What’s the deadline on this?

EDIT- ninja’d

[wingnut666]

Consider them marked. What’s the deadline on this?

EDIT- ninja’d

before world peace breaks out

Posted via CBX

[DrBoomBotz]

before world peace breaks out

Posted via CBX

Obviously you don't take yourself seriously, so no else should take you seriously either.

[johnny_bravo72]

before world peace breaks out

Posted via CBX

Awww... Would have believed you if your answer was "coming soon." 😀

[DreadPirateRegan]

before world peace breaks out

Posted via CBX

I hope your right bud, would be awesome. As to the other guy, wingnut is full of knowledge so I'd take him "seriously" just maybe not on this.. a sense of humor, how dare you! Haha..

Honestly, I don't even care about Krack as much as like signs of Life over with BB10 even though I still know chances of it coming back to the surface are nill.

On that not, Jan the new big Youtuber for blackberry (think he is in german) says that blackberry only recently signed the no upgrade to dalvik (art) when they started with priv. It was in the contract and prior they could have, had they wanted to like amazon had did up until at least lollipop as far as I know. Anyway, this seems to be where the smart people are so was wandering if anybody knew if this was true or not as If so it means...

They could have and they didn't as well as..

They sold out to Droid fully in a big way and why would google care since "BB10" isn't really good anyway..

I can't wait for everyone to leave so it's just ME. Oh, and hopefully Cobalt still releases his suite of God-Like applications.

To go back on topic,

" BlackBerry10 don't do Krack! "
or maybe they do, we shall see.

Are the android blackberry's corrected as of now with the Bluebourne and/or Krack yet?...

 Passport SE  -Working wiDe in 2017+...

[Invictus0]

Are the android blackberry's corrected as of now with the Bluebourne and/or Krack yet?...

Only those that have at least the October 2017 update are safe from both (September for BlueBorne, October for KRACK).

[bobshine]

mark my words. they will patch this vulnerability. leaving it open leaves them vulnerable to lawsuits. they are just moving slowly and reluctantly.

Posted via CBX

Lawsuits? From whom?

[Chuck Finley69]

Lawsuits? From whom?

Harry Potter Incorporated....

[i_plod_an_dr_void]

I
Honestly, I don't even care about Krack as much as like signs of Life over with BB10 even though I still know chances of it coming back to the surface are nill.
 Passport SE  -Working wiDe in 2017+...

Just like ultra-secure submarines don't surface...but still live.

[DreadPirateRegan]

Just like ultra-secure submarines don't surface...but still live.

I never said I made sense.. just 100.

 Passport SE  -Working wiDe in 2017+...

[anon(10321802)]

In this case, I'm assuming no news is bad news...

 BlackBerry | CLASSIC

[Invictus0]

In this case, I'm assuming no news is bad news...

 BlackBerry | CLASSIC

I don't believe they've commented on QNX yet either so who knows. We've either overestimated how many resources BlackBerry has or how much they consider this an issue.

[eshropshire]

I don't believe they've commented on QNX yet either so who knows. We've either overestimated how many resources BlackBerry has or how much they consider this an issue.

Is QNX impacted?

[johnsliderbb]

How much actual programming would be involved to fix it?

Posted via CB10

[Invictus0]

Is QNX impacted?

We don't know but apparently they're looking into it,

https://forums.crackberry.com/showth...1#post13063195

[DreadPirateRegan]

We don't know but apparently they're looking into it,

https://forums.crackberry.com/showth...1#post13063195

Nice!

Why do WE always "look into it first" like @conite fixing the runtime, etc, etc. Even when they were alive or supposed to be. LOL. What gives.. yet, still love blackberry and will one day in the distant future go to blackdroid. The motion is looking purdyyyy..

 Passport SE  -Working wiDe in 2017+...

[Rob Longmire]

If we got dark hub it'd be enough for me to switch back to my passport from the keyone