With KRACK We'll Find Ou if BB10 is OFFICIALLY End-of-life
-
BlackBerry | CLASSIC10-19-17 07:27 AMLike 0 - As of last week, Boeing was still using BB10 devices, at least in limited fashion. I was at a large conference last week and struck up a nice conversation with a chap from Boeing when I noticed his AT&T Passport on a table next to his laptop. He said he hated it, though, and was glad they'd be moving to Androids on Knox soon.
BlackBerry | CLASSIC10-19-17 07:50 AMLike 0 -
The question is, will BlackBerry do anything about it with regards to BB10.DreadPirateRegan likes this.10-19-17 09:14 AMLike 1 - As of last week, Boeing was still using BB10 devices, at least in limited fashion. I was at a large conference last week and struck up a nice conversation with a chap from Boeing when I noticed his AT&T Passport on a table next to his laptop. He said he hated it, though, and was glad they'd be moving to Androids on Knox soon.
BlackBerry | CLASSIC10-19-17 09:17 AMLike 0 -
I think I understand where you're coming from. In a perfect world, software would be written in such a way that it doesn't require constant security patching and bug fixing.
But what reason do we have to believe that BB10 doesn't require it? Their software is closed-source, so all we have to go on is whatever they tell us...or don't tell us. I think BlackBerry's dearth of updates for BB10 has more to do with the fact that it's a deprecated OS that is no longer being actively developed or supported, not because it's any more "hardened" or impervious to emerging security threats than any other mobile OS.
When it comes to security, until we hear otherwise from BlackBerry/QNX, the safest assumption is that BB10 is vulnerable, is it not?
I certainly don't have the programming expertise or experience you do, but I'm not willing to stake my digital safety on a guess or a hunch that WiFi encryption protocols were implemented contrary to widely-used specifications. Your hunch may be right, but that's all it is - a hunch.
I really hope BlackBerry/QNX does confirm that they implemented the WiFi standard securely - contrary to the prevailing specifications. If they do, my faith in their pre-Android phones will have been restored, somewhat.
Edited to add: this is all moot, however, as I am currently using a Moto E4 with a patch level of May 2017, so I know for a fact this phone is vulnerable, whereas BB10 is still a big question mark. Maybe a big question mark would be preferable right now.
Passport SE -Working wiDe in 2017+...10-19-17 12:04 PMLike 0 -
- Just keep an eye on this page,
https://ca.blackberry.com/enterprise...-response-team
It's not even close to EOL according to BlackBerry's own definition,
https://ca.blackberry.com/support/bu...le/terminologyanon(10218918) likes this.10-19-17 01:09 PMLike 1 - Just keep an eye on this page,
https://ca.blackberry.com/enterprise...-response-team
It's not even close to EOL according to BlackBerry's own definition,
https://ca.blackberry.com/support/bu...le/terminology
I'd be happy to poke around a new BB10 build, but I'm not overly optimistic.10-19-17 01:23 PMLike 0 -
Posted with my trusty Z1010-19-17 01:27 PMLike 0 - All true, but given the fact that BlackBerry 10 still is certified as secure for use by defense, government and critical infrastructure enterprises, I think some official response/guidance would be appropriate, even if it's only to not connect via secure WiFi!
Posted with my trusty Z1010-19-17 01:38 PMLike 4 -
Posted with my trusty Z1010-19-17 01:45 PMLike 0 - It's still misleading, especially in response to someone asking if the vulnerability will be patched. By BlackBerry's own definition and what we know of BB10's client base it's reasonable to assume that BB10 will be patched if it's impacted by KRACK. If it's vulnerable and they don't patch it their reputation and trust would certainly be impacted.10-19-17 03:03 PMLike 0
- It's still misleading, especially in response to someone asking if the vulnerability will be patched. By BlackBerry's own definition and what we know of BB10's client base it's reasonable to assume that BB10 will be patched if it's impacted by KRACK. If it's vulnerable and they don't patch it their reputation and trust would certainly be impacted.
The vast minority of BB10 devices were factory unlocked - and they would be the ones to get it.
The carriers won't be interested.10-19-17 03:07 PMLike 0 -
In other news, it was patched in Sailfish OS a few days ago but I don't think its rolled out yet. Will be interesting to see who comes in second for mobile deployment,
https://together.jolla.com/question/...post-id-17019810-19-17 03:14 PMLike 0 - Also worth noting, it makes sense for BlackBerry to stay quiet until there is a fix. Advertising vulnerabilities invites people to exploit them. BB10's security through obscurity applies here.
Of course, BlackBerry's silence isn't an indication that a fix is coming. If we don't hear anything by the time Apple and Android patches have been made available, I'd take that as a sign nothing is coming.
Posted with my trusty Z1010-19-17 03:21 PMLike 0 -
-
So for example, the current version of iOS is vulnerable, and putting your iPhone on a patched router doesn't fix it or make it any better. You have to do the Apple update whenever it becomes available.10-19-17 04:05 PMLike 0 - In general, having a patched router does not make up for the vulnerability (if it exists) in the phone.
So for example, the current version of iOS is vulnerable, and putting your iPhone on a patched router doesn't fix it or make it any better. You have to do the Apple update whenever it becomes available.10-19-17 04:06 PMLike 0 -
The premise of these attacks is that someone is impersonating the router that you think you're talking to. So there is some rogue router that you don't control and your phone is actually connected to the bad guys router. In the KRACK study they did this by setting up a rogue router on a parallel channel and spoofing the mac address of the router you were expecting. So the router itself is not hacked, and this is part of the reason why the real keys (master or session) are not compromised.10-19-17 04:17 PMLike 0 - yeah, so the problem is if the router is then itself connected wirelessly via WPA2 to some upstream router. Then you have the potential for KRACK attacks against the router (because then the router is also a client). Even if every phone and computer on the network were patched, it wouldn't matter.
The premise of these attacks is that someone is impersonating the router that you think you're talking to. So there is some rogue router that you don't control and your phone is actually connected to the bad guys router. In the KRACK study they did this by setting up a rogue router on a parallel channel and spoofing the mac address of the router you were expecting. So the router itself is not hacked, and this is why the real keys (master or session) are not compromised.10-19-17 04:19 PMLike 0 - Also worth noting, it makes sense for BlackBerry to stay quiet until there is a fix. Advertising vulnerabilities invites people to exploit them. BB10's security through obscurity applies here.
Of course, BlackBerry's silence isn't an indication that a fix is coming. If we don't hear anything by the time Apple and Android patches have been made available, I'd take that as a sign nothing is coming.
Posted with my trusty Z10
Hey, Maybe they can break something else along with the patch so more will "go to black droid." faster. Haha. I am loyal to BB as a whole and will get a BlackBerry ANDROID when I am "ready" (on my watch) beings nothing like what I just mentioned above happens.
Passport SE -Working wiDe in 2017+...10-19-17 05:27 PMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
With KRACK We'll Find Ou if BB10 is OFFICIALLY End-of-life
« replace battery on Passport?
|
Newbie with failing / non-working native BB10 apps - WhatsApp etc »
Similar Threads
-
How secure really is the Keyone finger sensor
By dorsetshaw in forum BlackBerry KEYoneReplies: 19Last Post: 10-27-17, 08:53 PM -
KRACK WPA2 Vulnerability on BB10
By EFats in forum BlackBerry 10 OSReplies: 8Last Post: 10-18-17, 01:38 PM -
how to stop auto download of mail attachment in hub
By madh263362 in forum BlackBerry Android OSReplies: 2Last Post: 10-17-17, 08:51 AM -
KEYone Keyboard scrolling issue with ads on articles
By Turborat in forum BlackBerry Android OSReplies: 0Last Post: 10-17-17, 07:56 AM -
Problem with finger sensor on may K1
By mikimike2 in forum BlackBerry Android OSReplies: 1Last Post: 10-17-17, 05:49 AM
LINK TO POST COPIED TO CLIPBOARD