1. EFats's Avatar
    Does anyone have any updates on this?
    Original source is here:
    https://www.krackattacks.com/

    Link to vulnerability notes from that document is here:
    https://www.kb.cert.org/vuls/byvendo...&SearchOrder=4

    For BlackBerry, it says the status is unknown, butnotification was October 13, just before the weekend and there is no update yet.
    QNX is also an unknown but notification date was end of August so it's been a while.

    Given that virtually every other big vendor is affected, I would be surprised if BlackBerry is not since it sounds like it is tied to one of the recommendation/implementation of the spec.

    Will be interesting to see how BlackBerry will respond given that there are still enterprise customers using BlackBerry
    anon(8679041) likes this.
    10-16-17 11:18 PM
  2. EFats's Avatar
    So it seems the Playbook uses 4-way handshake
    Troubleshooting Wi-Fi and networking on the BlackBerry PlayBook
    which seems to be at the heart of the problem. Unless BlackBerry does something interesting, more likely than not we will be affected. However, realistically, I think you need BOTH our phones and the WiFi router to be patched to be secured. We'll see...
    10-16-17 11:27 PM
  3. thurask's Avatar
    Short of BlackBerry putting out some statement about the effect, the lack of proof of concept means nobody here can test their BB10/BBOS/PBOS devices just yet.
    10-16-17 11:56 PM
  4. Invictus0's Avatar
    I wouldn't be surprised if some of the vulnerabilities impacted BB10 as that's the case for other platforms, I guess we'll just have to wait for them to post an advisory.

    https://ca.blackberry.com/enterprise...-response-team
    10-16-17 11:59 PM
  5. Troy Tiscareno's Avatar
    I can't do anything about people's phones or other devices, but I patched the Ubiquiti WiFI access points for 38 customers (well over 100 APs in over 40 locations) in 30 minutes today. Cloud administration and fast response from Ubiquiti sure worked out nicely!
    anon(8679041) likes this.
    10-17-17 01:58 AM
  6. TheAmazingHarold's Avatar
    Good to know as that's what we use. Thought about tweeting BlackBerry support but they're completely useless when it comes to BB10 in my experience. Wouldn't be surprised if they just said "buy one of our new android powered devices".
    10-17-17 05:47 PM
  7. ppeters914's Avatar
    I can't do anything about people's phones or other devices, but I patched the Ubiquiti WiFI access points for 38 customers (well over 100 APs in over 40 locations) in 30 minutes today. Cloud administration and fast response from Ubiquiti sure worked out nicely!
    KRACK WPA2 Vulnerability on BB10-bill-murray-you-da-man-mobile-.jpg
    10-17-17 08:15 PM
  8. Newfangled's Avatar
    Unless BlackBerry releases a statement to the contrary, the safest assumption is that BB10 and older devices are all vulnerable.
    10-18-17 01:34 PM
  9. app_Developer's Avatar
    Unless BlackBerry releases a statement to the contrary, the safest assumption is that BB10 and older devices are all vulnerable.
    Having read the paper and gotten a couple of briefings finally, there are a few different related vulnerabilities. So there are varying degrees here.

    But, yes, I would assume BB10 is at least vulnerable to the GSK re-install attack. Every device they tested was vulnerable to that one, because a correct implementation of the spec makes you vulnerable. Some devices were vulnerable to other attacks as well.
    10-18-17 01:38 PM

Similar Threads

  1. Fix Whatsapp or leave BB10
    By davide445 in forum BlackBerry 10 OS
    Replies: 32
    Last Post: 10-29-17, 01:41 AM
  2. Replies: 7
    Last Post: 10-28-17, 01:55 PM
  3. Official KEYone Black Edition now available on Amazon.ca
    By dejanh in forum BlackBerry KEYone
    Replies: 29
    Last Post: 10-20-17, 12:32 PM
  4. Everything you need to know about KRACK, the WPA2 Wi-Fi vulnerability
    By CrackBerry News in forum CrackBerry.com News Discussion
    Replies: 0
    Last Post: 10-16-17, 05:50 PM
  5. Replies: 1
    Last Post: 10-16-17, 05:27 PM
LINK TO POST COPIED TO CLIPBOARD