-
-
-
-
But, since they won't do that, I'm calling the current app store business model fundamentally insecure.
Posted with my trusty Z10johnsliderbb likes this.07-18-18 10:39 PMLike 1 - I'm concerned about the average consumer, their friends, families and their employers. They are much more vulnerable than they are led to believe. If Apple and Google were being honest that would recommend that users limit their app use only to trusted companies that they absolutely need.
But, since they won't do that, I'm calling the current app store business model fundamentally insecure.
Posted with my trusty Z10Mecca EL likes this.07-19-18 05:50 AMLike 1 - In theory, absolutely. If people download from app stores indiscriminately, the risks are similar (though I don't think criminal hackers or foreign intelligence agencies are wasting a lot of time on apps in BlackBerry World).!
I'm not saying that BB10 is more secure than Android in theory and for the same activities. I'm saying that, in the real world, with real users, Android encourages many, many more app downloads, presenting a much larger attack surface for social engineering than BB10.
My point wasn't that BB10 is "better", whatever the heck that would mean, but that all the talk about Android being newer and more secure (which is theoretically true) is negated by the difference in actual user behavior on Android vs. BB10.
The average Android user presents a much larger attack surface to threat actors than the average BB10 user and the only reason is the ease and frequency of downloading third party apps.
Posted with my trusty Z1007-19-18 07:14 AMLike 0 - PEBKAC, which hasn't changed since personal computers and smartphones were invented.
Posted via CB10 / AT&T /Z10 STL100-3 /10.3.3.321607-19-18 11:06 AMLike 0 - In theory, absolutely. If people download from app stores indiscriminately, the risks are similar (though I don't think criminal hackers or foreign intelligence agencies are wasting a lot of time on apps in BlackBerry World).!
I'm not saying that BB10 is more secure than Android in theory and for the same activities. I'm saying that, in the real world, with real users, Android encourages many, many more app downloads, presenting a much larger attack surface for social engineering than BB10.
My point wasn't that BB10 is "better", whatever the heck that would mean, but that all the talk about Android being newer and more secure (which is theoretically true) is negated by the difference in actual user behavior on Android vs. BB10.
The average Android user presents a much larger attack surface to threat actors than the average BB10 user and the only reason is the ease and frequency of downloading third party apps.
Posted with my trusty Z1007-19-18 09:16 PMLike 0 -
I'm not concerned in the least bit about my Windows box at home becoming compromised because I know what to do. Apart from the fact that I will probably have to go and fix it, I couldn't really care less about my neighbour's Windows laptop. Same with our phones.Mecca EL and eshropshire like this.07-19-18 10:08 PMLike 2 - You do realize that Krack took about 6 months to be patched on BB10, but only 2 weeks on BlackBerry Android? Same for Meltdown - although the browser fixes aren't coming to BB10.
If you're concerned about security today, BB10 is probably your worst option.
As far as privacy, you can lock down Google, use Outlook or G Suite (or any number of secure email providers), and avoid any and all apps if you so choose.
Android for sure improved about security and privacy, but the Google store is full of trash apps... and again, the fact that monthly security patches are published means that the OS is not so entirely secure. For sure we have to congratulate with Google for keep on working on its OS...but many questions remain....
It would be interesting to read something from the user RichardBukley...since he seemed to be well prepared and with big knowledge about security and OS(s).... It is a pity he is not longer writing here....
Cheers!
Posted via CB1007-20-18 08:23 AMLike 0 - Well, Android needs monthly security updates...this means that something is wrong... Immagine your car to receive monthly a recall from the constructor.... Sorry man, you are trying here to see the ice to the north Pole.
Android for sure improved about security and privacy, but the Google store is full of trash apps... and again, the fact that monthly security patches are published means that the OS is not so entirely secure. For sure we have to congratulate with Google for keep on working on its OS...but many questions remain....
It would be interesting to read something from the user RichardBukley...since he seemed to be well prepared and with big knowledge about security and OS(s).... It is a pity he is not longer writing here....
Cheers!
Posted via CB10
BB10, by nature, is more "locked-down" , per se, but any advantages that it may have enjoyed in that respect, are essentially gone today. The 6 month delay for Krack was a major security issue and made the devices almost unusable in a corporate environment.elfabio80 and eshropshire like this.07-20-18 08:31 AMLike 2 - Honestly I'm not.
I'm not concerned in the least bit about my Windows box at home becoming compromised because I know what to do. Apart from the fact that I will probably have to go and fix it, I couldn't really care less about my neighbour's Windows laptop. Same with our phones.
In the real world, the threats we face from cyber-insecurity threaten our economy, health, safety and advanced civilization. It's not just a bunch of minor criminals in hoodies grabbing your neighbor's wallet.
The estimated annual global losses from cyber crime by 2021 are projected to be $6 Trillion. Beyond economic damage nation state threat actors attack critical infrastructure daily, from nuclear power plants to governments, hospitals and election systems.
80% of successful attacks involve the compromise of credentials through social engineering. In this context there is absolutely no difference between privacy and security. If a hacker can see someone's public transactions in Venmo, and their social network relations in Facebook and LinkedIn, they can generate carefully targeted phishing and other social engineering attacks that are likely to succeed.
I get where you're coming from, but to me it sounds like someone in 2007 saying that the housing frenzy doesn't affect them because they already have a fixed rate mortgage and don't plan to sell their home. That person isn't considering the systemic risk that will cost them their job, their home, and their place in the middle class.
Posted with my trusty Z1007-20-18 08:41 AMLike 0 - That would be fine, if the cyber threats we faced were similarly siloed so that nothing that happens to your neighbor ever affected you.
In the real world, the threats we face from cyber-insecurity threaten our economy, health, safety and advanced civilization. It's not just a bunch of minor criminals in hoodies grabbing your neighbor's wallet.
The estimated annual global losses from cyber crime by 2021 are projected to be $6 Trillion. Beyond economic damage nation state threat actors attack critical infrastructure daily, from nuclear power plants to governments, hospitals and election systems.
80% of successful attacks involve the compromise of credentials through social engineering. In this context there is absolutely no difference between privacy and security. If a hacker can see someone's public transactions in Venmo, and their social network relations in Facebook and LinkedIn, they can generate carefully targeted phishing and other social engineering attacks that are likely to succeed.
I get where you're coming from, but to me it sounds like someone in 2007 saying that the housing frenzy doesn't affect them because they already have a fixed rate mortgage and don't plan to sell their home. That person isn't considering the systemic risk that will cost them their job, their home, and their place in the middle class.
Posted with my trusty Z10
Most breaches are through bad passwords and/or brute force attacks on online servers.Mecca EL and eshropshire like this.07-20-18 08:55 AMLike 2 -
In that context, social engineering using the information people share on their social networks and mobile apps is a critical vector for access to sets of credentials that enable the breach.
So, my thesis, which has been confirmed by a number of security chiefs at large companies, is that mobile and web-based applications that expose user information, whether or not it's within the terms of use, and whether or not it's in the personal profile on a phone with EMM, are inherently dangerous and meaningfully increase the attack surface for users and. If they use BYOD, their employers.
In summary, people should use as few apps as possible and share as little personal information as possible in the apps they use.
Posted with my trusty Z10Last edited by bb10adopter111; 07-20-18 at 07:29 PM.
07-20-18 02:07 PMLike 0 - Most threats that are patched are purely theoretical and have never been exploited in the real world. But yes, a healthy system is constantly audited and updated.
BB10, by nature, is more "locked-down" , per se, but any advantages that it may have enjoyed in that respect, are essentially gone today. The 6 month delay for Krack was a major security issue and made the devices almost unusable in a corporate environment.
Why do you think that BlackBerry didn't patch it quicker considering the issue and the corporate environment?
I understand the need to not throw more money at BlackBerry 10 considering they are out of the device business for the most part, but still? How much could it of cost for a patch? They are still in the corporate security business and are trying to sell them security software and services along with secured smart phones from their partners?
Any thoughts on this or was it just a lack of resources on the BlackBerry 10 side?
Posted via CB1007-20-18 03:22 PMLike 0 - Why do you think that BlackBerry didn't patch it quicker considering the issue and the corporate environment?
I understand the need to not throw more money at BlackBerry 10 considering they are out of the device business for the most part, but still? How much could it of cost for a patch? They are still in the corporate security business and are trying to sell them security software and services along with secured smart phones from their partners?
Any thoughts on this or was it just a lack of resources on the BlackBerry 10 side?
Posted via CB1007-20-18 03:47 PMLike 0 -
Granted, (IMO) Android and iOS make it easier to forget common sense. You can inform/warn, but it's unrealistic to expect the masses to not make less than optimal choices, or for the vendors to care.
Posted via CB10 / AT&T /Z10 STL100-3 /10.3.3.321607-20-18 03:51 PMLike 0 - That's just plain common sense. Doesn't matter if Android, BBOS, BB10, iOS, etc.
Granted, (IMO) Android and iOS make it easier to forget common sense. You can inform/warn, but it's unrealistic to expect the masses to not make less than optimal choices, or for the vendors to care.
Posted via CB10 / AT&T /Z10 STL100-3 /10.3.3.3216
Posted with my trusty Z10Last edited by bb10adopter111; 07-21-18 at 09:31 AM.
07-20-18 07:31 PMLike 0 - Why do you think that BlackBerry didn't patch it quicker considering the issue and the corporate environment?
I understand the need to not throw more money at BlackBerry 10 considering they are out of the device business for the most part, but still? How much could it of cost for a patch? They are still in the corporate security business and are trying to sell them security software and services along with secured smart phones from their partners?
Any thoughts on this or was it just a lack of resources on the BlackBerry 10 side?
Posted via CB10
Posted via CB1007-21-18 08:59 AMLike 0 - Even though it hasn't been developed in some time, I still prefer the simplicity and maintenance free aspect of bb10. It is ready to go out of the box (including a wide format range music player that my keyone sorely lacks.. Bb should add their music player to their android suite) and no googleness required if one prefers not to be tracked.
If you need all the popular apps, however, then Android is your only reasonable option. I don't mind Android, but it seems like I am always being followed and have to constantly reset settings.
Posted via CB1007-22-18 07:54 AMLike 0 - If you are a PKB fan and a BlackBerry lover.... sticking with BB10 does nothing for BlackBerry and nothing for YOUR future chances of owning a PKB phone. Without support right now, BlackBerry might not exist in the future. If you don't care about that, then what kind of a fan are you really?
Posted via CB1007-26-18 02:08 AMLike 0 -
Any new app core app development would require 10s to 100s of millions if dollars, and there's almost no reasonable amount of money that would entice BlackBerry to wotk on the OS or Android run time.
Posted with my trusty Z10eshropshire likes this.07-26-18 07:07 AMLike 1 - In you could write a check for several million dollars, BlackBerry might keep the essential servers running, but BlackBerry World would still disappear, and the Browser would continue to fall behind.
Any new app core app development would require 10s to 100s of millions if dollars, and there's almost no reasonable amount of money that would entice BlackBerry to wotk on the OS or Android run time.
Posted with my trusty Z10harvland and eshropshire like this.07-26-18 10:55 PMLike 2
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
Love BlackBerry 10 OS
Similar Threads
-
How can I use my Blackberry Curve without BIS
By Xactix in forum BlackBerry Curve SeriesReplies: 4Last Post: 11-20-22, 02:56 AM -
Blackberry 10 OS and Signal Messaging App
By Ambles2011 in forum BlackBerry 10 OSReplies: 3Last Post: 05-10-18, 08:55 PM -
BlackBerry 10 VS Android
By Jonathank in forum General BlackBerry News, Discussion & RumorsReplies: 25Last Post: 05-08-18, 04:36 PM -
BlackBerry on Blue Bloods
By ssirica in forum Rehab & Off-Topic LoungeReplies: 0Last Post: 05-04-18, 10:22 PM -
BlackBerry ID not responding
By CrackBerry Question in forum Ask a QuestionReplies: 2Last Post: 05-04-18, 03:45 PM
LINK TO POST COPIED TO CLIPBOARD