12-21-17 11:19 AM
52 123
tools
  1. ramirom's Avatar
    gonna test it today if i can get time. it is a shame if it is like you say. i was hoping to use it to decrypt mail sent from anywhere not only bb 10 devices.
    08-18-15 12:39 PM
  2. polytan02's Avatar
    My experience so far is that it will not work outside of BlackBerry 10 environment.

    This been said, I could make it work with BES or Microsoft server.

    Posted via CB10
    08-18-15 01:24 PM
  3. sparkaction's Avatar
    Hi,

    My experience, so far, is the following :
    - you can use an Android app (openkeychain in my case) to generate your private key and get public keys for your contacts on public servers
    - or you can import keys exchanged by email (not very good practise for the private key...)
    - anybody can add pgp private and public key to their phone by going to parameters -> security -> pgp (I'm running 10.3.2.x)
    - if you have an ActiveSync account (whatever supplier apparently, mine is just a php frontend for standard imap+carddav+caldav), then you have an option available to use pgp in your email app
    - so far, I have been able to sign, crypt, check signature and decrypt emails with other BlackBerry 10 phones with pgp
    - so far I can only sign, crypt and check signature with people not having BlackBerry 10 , I cannot decrypt their messages even if I have their public key


    Posted via CB10
    Hi

    I used Openkeychain to create key(s) on my Z30. How do I get my private send public key from Openkeychain into my OS. Do I just backup my key(s) from Openkeychain and then point my OS to that file?

    Posted via CB10
    09-07-15 09:34 AM
  4. sparkaction's Avatar
    In Openkeychain, which keys are my private and public keys?

    Posted via CB10
    09-07-15 09:55 AM
  5. woofhaven's Avatar
    Not making excuses for BlackBerry, but I wanted to let you guys know that there is a solution for encryption that doesn't require BES or accessing your mail through an Android app, as long as you have some control over your server.

    Zixmail is available as a hosted solution or can be installed on your own server, and will encrypt/decrypt right on the email server. You can configure it so that it will encrypt an outgoing mail based on a keyword in the subject line of the email.

    I use Google Apps for mail processing, and run outgoing mail through the Zix gateway for encryption as needed. If you encrypt to someone who doesn't use Zix, they can decrypt the email through a https site. Incoming encrypted messages are automatically decrypted by the server.

    This is possible through a number of email providers (Microsoft, Google, Yahoo, etc) or on your own server if you have one.

    I can see that everyone on this thread seems to understand encryption way better than me, but still it strikes me as a "pretty good" solution that must be easy to implement if even I can do it.

    Posted via CB10
    09-07-15 11:20 AM
  6. cveks's Avatar
    http://www.strongpgp.com/
    Hello,

    This threads is really interesting to me as native PGP would be excellent on my Blackberry Passport (and other BB10 devices actually).

    Here is what I have managed to do, so far, but I think that Blackberry is actually blocking the last step, sadly. Otherwise I would have PGP support without BES12, nearly out of the box.

    A little bit of background first : I self-host my web services.
    For a few years, I wanted to be out of google and co and try to "contain" my privacy at best. No easy these days, especially that I still want to be connected.

    I have a VPS in Europe (2€/months !) with Debian on it.
    On top of, I installed Yunohost layer (yunohost.org for the curious ones), which gives nearly out of the box :
    - Imap (for emails)
    - carddav (for contacts)
    - caldav (for calendars)
    - Other web app such as Owncloud (files sharing), Roundcube (webmail) and lots of other excellent web app.

    Recently, I have installed z-push, which is an ActiveSync php layer between imap+carddav+caldav and my Blackberry.

    Thanks to z-push, I can install in one go and very easily an account on a BB10 device.
    Great.
    And I get push notifications, which is even better.

    Since I'm running 10.3.2.2204 on my Passport, I noticed immediately the PGP extention in the parameters -> safety and in emails, but I've never been able to activate it.
    Since I have ActiveSync, I suppose my Blackberry believes it is a pro account with microsoft server and it now lets me activate PGP.

    I have installed openkeychain (OpenKeychain from F-Droid) and generated a new set of public/private keys.

    I saved this key on my phone and installed it on my phone via the parameters -> security -> PGP section. WORKING
    Then I grabbed a public key from a kind contact (he has a working PGP installation) and installed it in my Passport. WORKING

    Following this, we ran a few tests :
    - Signing an email from the Blackberry (apparently working)
    - Verifying a signed signature from the Blackberry (apprently working)
    - Crypting an email from the Blackberry (apparently working)

    When I say "apparently working", it means that the desktop software of my friend tells him it is actually signed or cryted.

    But I cannot uncrypt an email.

    I have to say, all of this is extrememy frustrating and I suppose that there is nothing missing for it to work. It is all there but Blackbery is blocking it in the system.

    I should try with a newer system as soon as I find one.

    Any thoughts on what I can do to try making this working ?
    Could someone using PGP and BES12 contact me in private for us to make a test by any chance ?

    Obviously, my self hosting server is small and simple tool, which suits me, for a private use. I cannot (and I don't want to) install a windows serveur+license with a ActiveSync server+licence with a BES12 serveur and Symantec crap on top of this
    Contact me I have setup and proper knowledge to setup everything. It looks to me that Blackberry devices cant decrypt message because of some sort of bug or missing setup , because when I open same message with Thunderbird + PGP , Thunderbird decrypts fine.
    Last edited by cveks; 01-22-16 at 05:15 PM.
    12-15-15 04:49 AM
  7. Kim Christensen2's Avatar
    Bump? Any news on PGP integration for ALL users? The whatsapp development and the generel privacy development and PGP usage/request must put blackberry in some kind of pressure to make this a normal feature, also for non BES users, since BES is a pain in the **** to license when its for privat use and not company.
    Any news on this matter?
    01-14-16 04:37 PM
  8. tollfeeder's Avatar
    BES is not really a pain in the bum, it's rather expensive nonetheless.

    Bump? Any news on PGP integration for ALL users? The whatsapp development and the generel privacy development and PGP usage/request must put blackberry in some kind of pressure to make this a normal feature, also for non BES users, since BES is a pain in the **** to license when its for privat use and not company.
    Any news on this matter?
    01-14-16 05:54 PM
  9. hobgoblin1961's Avatar
    integrating PGP for everyone would be a nice addition for the next maintenance release in March.

    Posted via -Classic SQC100-1 / 10.3.++
    01-15-16 03:18 AM
  10. Kim Christensen2's Avatar
    Lets hope so, but it shouldnt be in march, it should have been yesterday
    01-15-16 03:44 PM
  11. hobgoblin1961's Avatar
    Lets hope so, but it shouldnt be in march, it should have been yesterday
    well yeah should be... but better late than never.

    Posted via -Classic SQC100-1 / 10.3.++
    01-15-16 04:08 PM
  12. Rendergroup's Avatar
    Blackberry forgot that not all BB users are in a corporate environment, it should be an "accessible way" to use this option.

    Sadly this will be my last BB device, even Iphone and Android have S/mime mail clients.
    01-25-16 11:47 AM
  13. Q10Bold's Avatar
    It still wont work on my PP
    07-20-16 07:58 AM
  14. tylersprice's Avatar
    Keys manually imported onto the smartphone using device options Settings\System Settings\Security and Privacy\PGP Keys do not take presidence over the BlackBerry Enterprise Service 12 PGP key distribution and as such, key(s) obtained from the Symantec Encryption Management server will be the ones utilized.

    My guess is the symantec PGP keys have some sort of identifier in order for the handset to identify it as taking precedence, or using bes to push the PGP key to the handset. I've tried the open Keychain method and in the PGP drop down list it says 'my keys' which stays unpopulated. Also key server requests via os are only tooled to pull from symantec key servers, which requires a ssl cert to be pushed to the handset. Imo it would be a small change for bb to implement PGP for all, be it containing a release of responsibility for RIM pertaining to communicating with unsecured non ssl key servers. Sadly as pointed out it is a selling option, I havnt tried KEYone yet, can anyone confirm how PGP works on it? I'm assuming k9 and openkeychain work great but I'd much rather prefer baked in PGP support with security measures. My 2 cents, have a good one my fellow berryites.
    09-24-17 02:12 PM
  15. Leyra B10's Avatar
    The hub has PGP and SMIME and its effective. Facebook now lets you distribute a key so there is a nice easy way to get your keys out there.

    Posted via CB10
    09-26-17 03:31 AM
  16. Leyra B10's Avatar
    Not making excuses for BlackBerry, but I wanted to let you guys know that there is a solution for encryption that doesn't require BES or accessing your mail through an Android app, as long as you have some control over your server.

    Zixmail is available as a hosted solution or can be installed on your own server, and will encrypt/decrypt right on the email server. You can configure it so that it will encrypt an outgoing mail based on a keyword in the subject line of the email.

    I use Google Apps for mail processing, and run outgoing mail through the Zix gateway for encryption as needed. If you encrypt to someone who doesn't use Zix, they can decrypt the email through a https site. Incoming encrypted messages are automatically decrypted by the server.

    This is possible through a number of email providers (Microsoft, Google, Yahoo, etc) or on your own server if you have one.

    I can see that everyone on this thread seems to understand encryption way better than me, but still it strikes me as a "pretty good" solution that must be easy to implement if even I can do it.

    Posted via CB10
    what kind of encryprtion?

    Posted via CB10
    09-26-17 03:34 AM
  17. jumpmen's Avatar
    So as far as I understand there is still no chance to use PGP without BES connection, so only available for enterprise users?

    Posted via CB10
    12-21-17 07:00 AM
  18. CrackPriv's Avatar
    I have S/MIME on my Passport with an exchange account and it works fine (without BES), also on my BlackBerry Priv.
    12-21-17 08:04 AM
  19. Richard Buckley's Avatar
    S/MIME also works with Outlook.com accounts.

    LeapSTR100-2/10.3.3.2205
    12-21-17 08:10 AM
  20. wingnut666's Avatar
    The hub has PGP and SMIME and its effective. Facebook now lets you distribute a key so there is a nice easy way to get your keys out there.

    Posted via CB10
    wouldnt that defeat the whole point? of course they want your keys.

    Posted via CBX
    12-21-17 08:54 AM
  21. thurask's Avatar
    wouldnt that defeat the whole point? of course they want your keys.

    Posted via CBX
    You don't know how public key cryptography works, do you.
    DrBoomBotz likes this.
    12-21-17 10:16 AM
  22. wingnut666's Avatar
    You don't know how public key cryptography works, do you.
    not really...i've attempted it a few times over the years but gave up

    Posted via CBX
    12-21-17 10:43 AM
  23. thurask's Avatar
    not really...i've attempted it a few times over the years but gave up

    Posted via CBX
    Everyone has two keys, the public one and the private one. You keep the private one hidden and hand out the public key to anyone you want to talk with securely, Facebook in this case. If you set PGP on Facebook up, Facebook encrypts all of their emails to you with your public key, such that the only person who can decrypt the email text and read its contents is whoever holds the corresponding private key (i.e. you). Private keys never change hands, while public keys (what Facebook gets) are meant to be shared.
    12-21-17 10:49 AM
  24. wingnut666's Avatar
    i get that part, but why would you be emailing with facebook?
    also, how do i send a secure email to a far away recipient? oh wait...i remember. they send me their public key

    Posted via CBX
    12-21-17 10:53 AM
  25. thurask's Avatar
    i get that part, but why would you be emailing with facebook?
    also, how do i send a secure email to a far away recipient? oh wait...i remember. they send me their public key

    Posted via CBX
    It's for when Facebook emails you, i.e. notification emails.
    12-21-17 10:55 AM
52 123

Similar Threads

  1. New BlackBerry 10 Slider Rumored Spec's.
    By AtInsider in forum BlackBerry Priv
    Replies: 95
    Last Post: 06-10-15, 05:05 PM
  2. Why I have interest for the Leap
    By piquepoc in forum BlackBerry Leap
    Replies: 7
    Last Post: 03-05-15, 11:30 AM
  3. Replies: 3
    Last Post: 03-04-15, 01:37 PM
  4. Verify BlackBerry ID
    By Ayla Pnx in forum BlackBerry Z10
    Replies: 1
    Last Post: 03-04-15, 08:27 AM
  5. Gmail on Hub not pulling contacts properly
    By davefromcm in forum Ask a Question
    Replies: 0
    Last Post: 03-04-15, 07:55 AM
LINK TO POST COPIED TO CLIPBOARD