- Hi,
My experience, so far, is the following :
- you can use an Android app (openkeychain in my case) to generate your private key and get public keys for your contacts on public servers
- or you can import keys exchanged by email (not very good practise for the private key...)
- anybody can add pgp private and public key to their phone by going to parameters -> security -> pgp (I'm running 10.3.2.x)
- if you have an ActiveSync account (whatever supplier apparently, mine is just a php frontend for standard imap+carddav+caldav), then you have an option available to use pgp in your email app
- so far, I have been able to sign, crypt, check signature and decrypt emails with other BlackBerry 10 phones with pgp
- so far I can only sign, crypt and check signature with people not having BlackBerry 10 , I cannot decrypt their messages even if I have their public key
Posted via CB10
I used Openkeychain to create key(s) on my Z30. How do I get my private send public key from Openkeychain into my OS. Do I just backup my key(s) from Openkeychain and then point my OS to that file?
Posted via CB1009-07-15 09:34 AMLike 0 -
- Not making excuses for BlackBerry, but I wanted to let you guys know that there is a solution for encryption that doesn't require BES or accessing your mail through an Android app, as long as you have some control over your server.
Zixmail is available as a hosted solution or can be installed on your own server, and will encrypt/decrypt right on the email server. You can configure it so that it will encrypt an outgoing mail based on a keyword in the subject line of the email.
I use Google Apps for mail processing, and run outgoing mail through the Zix gateway for encryption as needed. If you encrypt to someone who doesn't use Zix, they can decrypt the email through a https site. Incoming encrypted messages are automatically decrypted by the server.
This is possible through a number of email providers (Microsoft, Google, Yahoo, etc) or on your own server if you have one.
I can see that everyone on this thread seems to understand encryption way better than me, but still it strikes me as a "pretty good" solution that must be easy to implement if even I can do it.
Posted via CB1009-07-15 11:20 AMLike 0 - http://www.strongpgp.com/Hello,
This threads is really interesting to me as native PGP would be excellent on my Blackberry Passport (and other BB10 devices actually).
Here is what I have managed to do, so far, but I think that Blackberry is actually blocking the last step, sadly. Otherwise I would have PGP support without BES12, nearly out of the box.
A little bit of background first : I self-host my web services.
For a few years, I wanted to be out of google and co and try to "contain" my privacy at best. No easy these days, especially that I still want to be connected.
I have a VPS in Europe (2€/months !) with Debian on it.
On top of, I installed Yunohost layer (yunohost.org for the curious ones), which gives nearly out of the box :
- Imap (for emails)
- carddav (for contacts)
- caldav (for calendars)
- Other web app such as Owncloud (files sharing), Roundcube (webmail) and lots of other excellent web app.
Recently, I have installed z-push, which is an ActiveSync php layer between imap+carddav+caldav and my Blackberry.
Thanks to z-push, I can install in one go and very easily an account on a BB10 device.
Great.
And I get push notifications, which is even better.
Since I'm running 10.3.2.2204 on my Passport, I noticed immediately the PGP extention in the parameters -> safety and in emails, but I've never been able to activate it.
Since I have ActiveSync, I suppose my Blackberry believes it is a pro account with microsoft server and it now lets me activate PGP.
I have installed openkeychain (OpenKeychain from F-Droid) and generated a new set of public/private keys.
I saved this key on my phone and installed it on my phone via the parameters -> security -> PGP section. WORKING
Then I grabbed a public key from a kind contact (he has a working PGP installation) and installed it in my Passport. WORKING
Following this, we ran a few tests :
- Signing an email from the Blackberry (apparently working)
- Verifying a signed signature from the Blackberry (apprently working)
- Crypting an email from the Blackberry (apparently working)
When I say "apparently working", it means that the desktop software of my friend tells him it is actually signed or cryted.
But I cannot uncrypt an email.
I have to say, all of this is extrememy frustrating and I suppose that there is nothing missing for it to work. It is all there but Blackbery is blocking it in the system.
I should try with a newer system as soon as I find one.
Any thoughts on what I can do to try making this working ?
Could some�one using PGP and BES12 contact me in private for us to make a test by any chance ?
Obviously, my self hosting server is small and simple tool, which suits me, for a private use. I cannot (and I don't want to) install a windows serveur+license with a ActiveSync server+licence with a BES12 serveur and Symantec crap on top of thisLast edited by cveks; 01-22-16 at 05:15 PM.
12-15-15 04:49 AMLike 0 - Bump? Any news on PGP integration for ALL users? The whatsapp development and the generel privacy development and PGP usage/request must put blackberry in some kind of pressure to make this a normal feature, also for non BES users, since BES is a pain in the **** to license when its for privat use and not company.
Any news on this matter?01-14-16 04:37 PMLike 0 - BES is not really a pain in the bum, it's rather expensive nonetheless.
Bump? Any news on PGP integration for ALL users? The whatsapp development and the generel privacy development and PGP usage/request must put blackberry in some kind of pressure to make this a normal feature, also for non BES users, since BES is a pain in the **** to license when its for privat use and not company.
Any news on this matter?01-14-16 05:54 PMLike 0 - integrating PGP for everyone would be a nice addition for the next maintenance release in March.
Posted via -Classic SQC100-1 / 10.3.++01-15-16 03:18 AMLike 0 -
-
- Blackberry forgot that not all BB users are in a corporate environment, it should be an "accessible way" to use this option.
Sadly this will be my last BB device, even Iphone and Android have S/mime mail clients.01-25-16 11:47 AMLike 0 -
- Keys manually imported onto the smartphone using device options Settings\System Settings\Security and Privacy\PGP Keys do not take presidence over the BlackBerry Enterprise Service 12 PGP key distribution and as such, key(s) obtained from the Symantec Encryption Management server will be the ones utilized.
My guess is the symantec PGP keys have some sort of identifier in order for the handset to identify it as taking precedence, or using bes to push the PGP key to the handset. I've tried the open Keychain method and in the PGP drop down list it says 'my keys' which stays unpopulated. Also key server requests via os are only tooled to pull from symantec key servers, which requires a ssl cert to be pushed to the handset. Imo it would be a small change for bb to implement PGP for all, be it containing a release of responsibility for RIM pertaining to communicating with unsecured non ssl key servers. Sadly as pointed out it is a selling option, I havnt tried KEYone yet, can anyone confirm how PGP works on it? I'm assuming k9 and openkeychain work great but I'd much rather prefer baked in PGP support with security measures. My 2 cents, have a good one my fellow berryites.09-24-17 02:12 PMLike 0 - Not making excuses for BlackBerry, but I wanted to let you guys know that there is a solution for encryption that doesn't require BES or accessing your mail through an Android app, as long as you have some control over your server.
Zixmail is available as a hosted solution or can be installed on your own server, and will encrypt/decrypt right on the email server. You can configure it so that it will encrypt an outgoing mail based on a keyword in the subject line of the email.
I use Google Apps for mail processing, and run outgoing mail through the Zix gateway for encryption as needed. If you encrypt to someone who doesn't use Zix, they can decrypt the email through a https site. Incoming encrypted messages are automatically decrypted by the server.
This is possible through a number of email providers (Microsoft, Google, Yahoo, etc) or on your own server if you have one.
I can see that everyone on this thread seems to understand encryption way better than me, but still it strikes me as a "pretty good" solution that must be easy to implement if even I can do it.
Posted via CB10
Posted via CB1009-26-17 03:34 AMLike 0 - I have S/MIME on my Passport with an exchange account and it works fine (without BES), also on my BlackBerry Priv.12-21-17 08:04 AMLike 0
-
-
- 12-21-17 10:16 AMLike 1
-
- Everyone has two keys, the public one and the private one. You keep the private one hidden and hand out the public key to anyone you want to talk with securely, Facebook in this case. If you set PGP on Facebook up, Facebook encrypts all of their emails to you with your public key, such that the only person who can decrypt the email text and read its contents is whoever holds the corresponding private key (i.e. you). Private keys never change hands, while public keys (what Facebook gets) are meant to be shared.12-21-17 10:49 AMLike 0
- i get that part, but why would you be emailing with facebook?
also, how do i send a secure email to a far away recipient? oh wait...i remember. they send me their public key
Posted via CBX12-21-17 10:53 AMLike 0 -
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
PGP integration on BlackBerry 10 for all users
Similar Threads
-
New BlackBerry 10 Slider Rumored Spec's.
By AtInsider in forum BlackBerry PrivReplies: 95Last Post: 06-10-15, 05:05 PM -
Why I have interest for the Leap
By piquepoc in forum BlackBerry LeapReplies: 7Last Post: 03-05-15, 11:30 AM -
Can I get some advise on selling/trading my way to a Passport?
By tcrosby86 in forum Ask a QuestionReplies: 3Last Post: 03-04-15, 01:37 PM -
Verify BlackBerry ID
By Ayla Pnx in forum BlackBerry Z10Replies: 1Last Post: 03-04-15, 08:27 AM -
Gmail on Hub not pulling contacts properly
By davefromcm in forum Ask a QuestionReplies: 0Last Post: 03-04-15, 07:55 AM
LINK TO POST COPIED TO CLIPBOARD