- Hey folks,
I've been playing around with the PGP encryption for BES12 over the last days and I feel that BlackBerry as the self-proclaimed most secure platform should offer PGP encryption to all their users and not only BES12 customers
Since we've seen many petition over several topics regarding the BlackBerry system and apps I believe BlackBerry needs to know that people would love to use PGP if BlackBerry would build it into the system and make it easy for everyone to use.
From my point of view we don't need a website to host this petition - we use crackberry instead - by simply liking this discussion you can show your support - there is no easier way than kicking the like button.
Background info
The current situation of PGP on BlackBerry10
to show that we are not talking about something impossible I'd like to point out that BES12 users are currently able to encrypt as well as decrypt and sign their work emails with PGP.
I've tested it and it works quite good - only problem is searching for a key online doesn't work at all even though the system has the option.
unfortunatly you are not able to create the PGP keys on the BlackBerry Devices itself.
You need to use the PGP suite for mac or windows and transfer the private key over to your device and get it into the work side, which is quite difficult since you can't access the work site via BB link.
What the future should bring
Since you know that BlackBerry already has part of the needed system in place I don't understand why they don't bring it to all BlackBerry10 users.
What we need is a simple way to create PGP keys on the go on BlackBerry10 - we need to be able to upload them to public server as well as being able to search for keys on those public servers.
And lastly all BlackBerry10 users should have the ability to choose if they want to encrypt their mails via PGP or not.
For the future I'd believe that it would be an awesome model to offer PGP encryption for BBM on a monthly subscript base like we have BBMprotected right now for the BES12 customers.
BlackBerry should allow ALL USERS to choose their level of privacy and encryption!
so if you believe in my idea and want to support it please like the discussion, comment on it and please share it
Last edited by bbschorsch; 03-04-15 at 09:27 AM.
03-04-15 08:32 AMLike 16 - It may be extended to all in 10.3.2
http://forums.crackberry.com/showthread.php?p=11404743
Posted via CB10 on Passport.03-04-15 09:29 AMLike 0 - that would be awesome but what is still needed is a way to create you key on the go with your BBPaul Callahan likes this.03-04-15 10:05 AMLike 1
- The Reason for it not to be available for non-BES User right now is, that BlackBerry is still using the PGP Function as a Selling Point these days.
Yes I know it is unbelievable that a BlackBerry Device (OS) which claims to be the most secure one, is not even offering Standard Features like Call Blocking, PGP, S/Mime and other.
The PGP + S/Mime Functionality has been built in the OS since 10.0 and was activated in 10.1 - but only for BES.
The Beta NDA is still in effect so the only thing I can say is: You are not alone. This is one of the Most-Wanted Features.
Maybe 10.4 will finally bring it for all. Hopefully. I mean stranger things have happened.
Via CB10 App. STL100-2 @ 10.3.1.2267bbschorsch likes this.03-04-15 10:32 AMLike 1 - charge us more for buying the devices and give us more security out of the box
or sell it as a security add on for 5$ like we had the BB option on the os7 devices . . .
and give us BBM protected and PGP for itlasouthern likes this.03-04-15 11:12 AMLike 1 - Thank you, bbschorsch for the well written post and bringing more attention to this issue.
I will admit, PGP key handling is not the feature most users are falling over themselves to have, but it should be. We have seen unprecedented shifts from various companies towards a security centric approach, so it has puzzled me as to why my BBOS phone was able to handle S/MIME without issue, yet this feature was intentionally crippled in BB10.
With all due respect to the PGpgp app, which has done admirably in filling in the PGP gap for is BlackBerry 10 users, PGP capabilities should be baked right into the OS itself without the need for BES.
MeerMusik is right. This is unfortunately a "premium" feature and selling point for BES right now. I do however believe that PGP will one day (relatively soon) be considered a norm and not the exception to email. With free services (E.g. ProtonMail) baking PGP key handling right into their software, it is my hope that PGP key usage will increase worldwide. I do believe BlackBerry could be playing an integral role in this by giving this feature, for free, to non-BES users.
The protocol email was originally built upon was/is fundamentally not secure. When one adds PGP to email, you have essentially gone from delivering a post card to using an armoured truck delivering your message (if implemented properly).
I think it is time for BlackBerry to step up to the plate and deliver this feature to all users.
Posted via CB10bbschorsch likes this.03-04-15 02:53 PMLike 1 - If you search Crackberry, there is a solution using k9 mail. Not very pretty. Its is GPG.
I agree that today, BlackBerry should just give non BES users encryption since Android already provides that.
Posted via CB10Paul Callahan likes this.03-05-15 02:15 AMLike 1 - It may be extended to all in 10.3.2
http://forums.crackberry.com/showthread.php?p=11404743
Posted via CB10 on Passport.
Posted via CB1003-05-15 02:17 AMLike 0 - K9 is a android port running inside the sandbox.
This is what I call an insecure and user unfriendly version. Everyone who ever used PGP on BES knows how convenient using it can be. And that's what we need. Paired with checking the public servers instead of only using the symantec key servers...
Posted via CB1003-05-15 09:04 AMLike 0 - K9 is a android port running inside the sandbox.
This is what I call an insecure and user unfriendly version. Everyone who ever used PGP on BES knows how convenient using it can be. And that's what we need. Paired with checking the public servers instead of only using the symantec key servers...
Posted via CB10
Posted via CB1003-05-15 10:40 AMLike 0 - But that app isn't integrated into the email. Can you explain how it is used? The description sounded like cut and paste.
Posted via CB10bbschorsch likes this.03-05-15 02:58 PMLike 1 -
At this point you have the option of hitting the "mail" button where it will directly export your PGP encrypted message to a new email screen (also where you can select your email account to send with). Conversely you can also hit the three dotted buttons in the lower right corner and hit "share" which can export your entire message to other applications, such as BBM if you were inclined to do so.
Posted via CB1003-05-15 03:18 PMLike 0 -
With this enabled you can now open your emails from the Hub as you always would, but now if you click the three dots button in the lower right corner, you'll see "Share PGpgp" which will import the received encrypted message into the app for decryption.
While it is not perfect, I have found this system to not be very cumbersome. The developer is active in development so I expect to see more ease of use in the future.
Posted via CB1003-05-15 05:12 PMLike 0 - I just discovered that BlackBerry did not even put PGP into all their BES12 apps - it seems it's a BlackBerry10 only feature. . . pretty sad to see that03-09-15 08:44 PMLike 0
- Prem WatsAppCrackBerry Jester of Jesters
� "Oh Classic, you are the fairest here so true. But Passport is a thousand times more powerful than you..." (no offense, Classic is a great device, when it's charged) �03-09-15 11:42 PMLike 0 - Hello,
This threads is really interesting to me as native PGP would be excellent on my Blackberry Passport (and other BB10 devices actually).
Here is what I have managed to do, so far, but I think that Blackberry is actually blocking the last step, sadly. Otherwise I would have PGP support without BES12, nearly out of the box.
A little bit of background first : I self-host my web services.
For a few years, I wanted to be out of google and co and try to "contain" my privacy at best. No easy these days, especially that I still want to be connected.
I have a VPS in Europe (2�/months !) with Debian on it.
On top of, I installed Yunohost layer (yunohost.org for the curious ones), which gives nearly out of the box :
- Imap (for emails)
- carddav (for contacts)
- caldav (for calendars)
- Other web app such as Owncloud (files sharing), Roundcube (webmail) and lots of other excellent web app.
Recently, I have installed z-push, which is an ActiveSync php layer between imap+carddav+caldav and my Blackberry.
Thanks to z-push, I can install in one go and very easily an account on a BB10 device.
Great.
And I get push notifications, which is even better.
Since I'm running 10.3.2.2204 on my Passport, I noticed immediately the PGP extention in the parameters -> safety and in emails, but I've never been able to activate it.
Since I have ActiveSync, I suppose my Blackberry believes it is a pro account with microsoft server and it now lets me activate PGP.
I have installed openkeychain (OpenKeychain from F-Droid) and generated a new set of public/private keys.
I saved this key on my phone and installed it on my phone via the parameters -> security -> PGP section. WORKING
Then I grabbed a public key from a kind contact (he has a working PGP installation) and installed it in my Passport. WORKING
Following this, we ran a few tests :
- Signing an email from the Blackberry (apparently working)
- Verifying a signed signature from the Blackberry (apprently working)
- Crypting an email from the Blackberry (apparently working)
When I say "apparently working", it means that the desktop software of my friend tells him it is actually signed or cryted.
But I cannot uncrypt an email.
I have to say, all of this is extrememy frustrating and I suppose that there is nothing missing for it to work. It is all there but Blackbery is blocking it in the system.
I should try with a newer system as soon as I find one.
Any thoughts on what I can do to try making this working ?
Could some�one using PGP and BES12 contact me in private for us to make a test by any chance ?
Obviously, my self hosting server is small and simple tool, which suits me, for a private use. I cannot (and I don't want to) install a windows serveur+license with a ActiveSync server+licence with a BES12 serveur and Symantec crap on top of thisArchGalileu likes this.08-13-15 07:10 AMLike 1 -
Posted via CB1008-14-15 05:20 AMLike 0 - I may have express myself wrongly : obviously yes, I do have other people public keys installed in my BlackBerry.
What I was saying is that two BlackBerry can exchage and decrypt emails with PGP, but not with emails coming from outside a BlackBerry system (such as Android, thunderbird, etc)
Posted via CB1008-17-15 12:43 PMLike 0 - Bb10 users can now choose to encrypt an email via pgp? This is done on an ad hoc basis?
Does the bb10 automatically decrypt pgp encrypted emails so long as you have the proper key?
Posted via CB1008-17-15 02:35 PMLike 0 - Hi,
My experience, so far, is the following :
- you can use an Android app (openkeychain in my case) to generate your private key and get public keys for your contacts on public servers
- or you can import keys exchanged by email (not very good practise for the private key...)
- anybody can add pgp private and public key to their phone by going to parameters -> security -> pgp (I'm running 10.3.2.x)
- if you have an ActiveSync account (whatever supplier apparently, mine is just a php frontend for standard imap+carddav+caldav), then you have an option available to use pgp in your email app
- so far, I have been able to sign, crypt, check signature and decrypt emails with other BlackBerry 10 phones with pgp
- so far I can only sign, crypt and check signature with people not having BlackBerry 10 , I cannot decrypt their messages even if I have their public key
Posted via CB1008-17-15 03:00 PMLike 0 -
you dont need someone public key to decrypt a message, the message comes encrypted to you, and only you with your private key can decrypt it.
a public key is for encrypting a message for someone else to decrypt with their private key.08-17-15 06:46 PMLike 0 - And you are correct, I don't need their public key for this.
If anything, I would need it to check their signature.
In any case, I cannot decrypt messages coming from something different than a BlackBerry phone (and using my public key to crypt)
I can decrypt messages coming from a BlackBerry phone. It's actually quite nicely implemented, all smooth and nearly completely transparent for the user.
Posted via CB10ramirom likes this.08-17-15 11:48 PMLike 1
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
PGP integration on BlackBerry 10 for all users
Similar Threads
-
New BlackBerry 10 Slider Rumored Spec's.
By AtInsider in forum BlackBerry PrivReplies: 95Last Post: 06-10-15, 05:05 PM -
Why I have interest for the Leap
By piquepoc in forum BlackBerry LeapReplies: 7Last Post: 03-05-15, 11:30 AM -
Can I get some advise on selling/trading my way to a Passport?
By tcrosby86 in forum Ask a QuestionReplies: 3Last Post: 03-04-15, 01:37 PM -
Verify BlackBerry ID
By Ayla Pnx in forum BlackBerry Z10Replies: 1Last Post: 03-04-15, 08:27 AM -
Gmail on Hub not pulling contacts properly
By davefromcm in forum Ask a QuestionReplies: 0Last Post: 03-04-15, 07:55 AM
LINK TO POST COPIED TO CLIPBOARD