The "secure" BB10 OS is not great at establishing secure connections because it uses dated protocols
- I still wonder about DES and its parity bits in the key. It has yet to be proven of a NSA backdoor still, right? Though after Snowden, I'm sure people probably assume there is a backdoor, lol.02-27-14 06:21 PMLike 0
- A beast attack hmm. It's the book of revelations repent I tell you repent!
Enough you said your peace. But seriously keep that secure stuff of your phone and you will be OK. Peace all
Posted via CB1002-27-14 09:06 PMLike 0 - This has been an interesting thread to read. As one that deals with crypto on a fairly regular basis (no I don't have a PhD in mathematics, and I do not profess to have an intimate knowledge of cryptographic algorithms) I thought I would chime in on this.
Yes TLS 1.0 and 1.1 do have published exploits, and the move is on to get to TLS 1.2. However, one of the items that is probably slowing everyone to supporting it us that while TLS 1.0 and 1.1 have a clearly defined process for falling back to a prior level of tls/ssl, tls 1.2 does not,thus making implementation a challenge.
The different ciphers that are used are independent of the ssl variant used (keep in mind that tls 1.0 can also be thought of as ssl v4). SSL/TLS define a protocol that is used in negotiation of the encryption to be used in the session. Part of this negotiation is the decision on what cryptographic cipher will be used. Both the server and the client have a list of ciphers they support, and a sequence in which they support it. When the client connects, it asks the server for it's list of supported ciphers. It the goes.down the list, and the first one that matches is the one that gets used. This is a simplistic description of all that goes on, but it is the way it happens.
Thus, the actual security of an https session, is dependent on the settings of both server and client. Is the owner of.the website chooses to support this ciphers that have been clearly identified has having deficiencies, then the potential exists for the encryption to be weak, as once the cipher is chosen, all subsequent traffic.is done via a symmetric encryption key that was randomly generated during the ssl/tls negotiation.
My knowledge comes from dealing with secure file transmission in my work, and my digging to understand what's going on during the negotiation process. Yes Wikipedia can be used as a tool for resource, but is only as good as the information put into it.
Posted from an alternate universe via my Tardis enabled Z10!02-27-14 10:07 PMLike 3 - Bla1zeCB OGAttachment 250831
TL;DR
BlackBerry's choice of Internet Security Protocols to secure Internet connections made from a BlackBerry 10 device is not the greatest and the competition is doing much better. BlackBerry 10 is using TLS 1.0, the competition TLS 1.2.
I'll let you decide if TLS 1.0 is safe enough to protect your connection to sites and services you use. Cryptographers, the US National Institute of Standards and Technology (NIST), Microsoft all say it isn't.02-27-14 10:24 PMLike 0 -
About BlackBerry Device Service solution security
Both the browser and apps, on both sides of Balance use TLS 1.0 at best.
The underlying libraries support more algorithms than what's available through the TLS bundle and VPNs can use stronger encryption.02-28-14 03:51 AMLike 0 -
Yes, BlackBerry should address the use of older crypto code. While I doubt doing so would have any real effect on security, they are facing more and more competition in the security space. They shouldn't give competitors that kind of ammunition. I see it as a business problem, not a security problem.02-28-14 11:38 AMLike 0 -
-
- Sith_ApprenticeMod Team EmeritusThe document from BlackBerry I listed in the OP says so:
About BlackBerry Device Service solution security
Both the browser and apps, on both sides of Balance use TLS 1.0 at best.
The underlying libraries support more algorithms than what's available through the TLS bundle and VPNs can use stronger encryption.
http://docs.blackberry.com/en/admin/...verview_en.pdf Take a look there.anon(2729369) likes this.03-12-14 09:48 AMLike 1 - All work data is protected between device and BES. Anything past that unfortunately is not protected by BES.
http://docs.blackberry.com/en/admin/...verview_en.pdf Take a look there.
What I got from it:
- It's more dangerous to connect to apps from work than it is from outside of work, since an attacker on the same network only needs to break TLS to have access to data from the target.
- When outside of work, it doesn't matter if the TLS tunnel is broken, since the inner tunnel is still safely encrypted using BlackBerry's encryption layer.
- Link supports TLS 1.1, not that it changes much in terms of strength of encryption
- It's still not clear to me if any proxy can be used to route TLS traffic or if businesses have to use the MDS, which only supports TLS 1.1 according to that document.
- Backups, data at rest, app verifications all use strong encryption, so it's strange to still have TLS 1.0 on devices.
Sith_Apprentice and jajor like this.03-12-14 12:23 PMLike 2 - No look what we've done:
BB10's 'dated' crypto lets snoops squeeze the juice from your BlackBerry – researcher • The Register
I thought we are protected from the BEAST!andyj1967 likes this.03-12-14 01:24 PMLike 1 - No look what we've done:
BB10's 'dated' crypto lets snoops squeeze the juice from your BlackBerry �€“ researcher �€� The Register
I thought we are protected from the BEAST!03-12-14 03:22 PMLike 0 - No look what we've done:
BB10's 'dated' crypto lets snoops squeeze the juice from your BlackBerry – researcher • The Register
From My Sexy Blackberry Z1003-12-14 05:49 PMLike 0 - Just want to thank ofutur and IanWood62 for their insightful posts. I learnt something from your posts. This is what makes Crackberry a good forum!Sith_Apprentice and anon(2729369) like this.03-12-14 07:28 PMLike 2
- Sith_ApprenticeMod Team EmeritusThat's one document I wanted to take a look at . It's pretty detailed, which is great.
What I got from it:
- It's more dangerous to connect to apps from work than it is from outside of work, since an attacker on the same network only needs to break TLS to have access to data from the target.
- When outside of work, it doesn't matter if the TLS tunnel is broken, since the inner tunnel is still safely encrypted using BlackBerry's encryption layer.
- Link supports TLS 1.1, not that it changes much in terms of strength of encryption
- It's still not clear to me if any proxy can be used to route TLS traffic or if businesses have to use the MDS, which only supports TLS 1.1 according to that document.
- Backups, data at rest, app verifications all use strong encryption, so it's strange to still have TLS 1.0 on devices.
Posted via CB1003-13-14 05:45 AMLike 3 - You have to break the TLS1.0, AND AES256 to get the encrypted data ALL BES data in transit is encrypted. Now, if you break the TLS you can intercept traffic between BES and app server absolutely. So both right and wrong in your statement. It isn't any less secure, but the TLS connection is still TLS1.0. You would have to get a malicious app into the workspace (can only be a bb10 app and HAS to be whitelisted from BES) but it is possible.
Posted via CB10
I was referring to this diagram. When you're connected to work wifi, there is no AES256 encryption. You simply need to be on the same network and break TLS 1.0 to have access to the data.
For example, in a work Wi-Fi connection, the data that a device and the BlackBerry Device Service send between each other is encrypted using SSL encryption. The data that the device and work wireless access point send to each other uses Wi-Fi encryption (unless the work wireless access point is an open network). Because the device uses tunneling, the data that the device sends to the BlackBerry Device Service is encrypted first by SSL encryption and then by Wi-Fi encryption as it travels between the device and the wireless access point
Regarding ElReg's article, I'm glad that people have contacted the journalist so that he could update his article to make it more accurate. I wished he had tried to discuss a few scenarios where this could be a problem.
On the same website, you can see that proper implementation of security components also matters (as mentioned by people in this thread) as Apple's pseudo-random number generator has just been discovered to be weak and predictable.
“An unprivileged attacker, even when confined by the most restrictive sandbox, can recover arbitrary outputs from the generator and consequently bypass all the exploit mitigations that rely on the early random PRNG,” Mandt concludes.
03-18-14 08:26 AMLike 0 - 03-18-14 09:48 AMLike 0
- I found this article from the Google Online Security Blog to be informative
Summary
While we recommend the world move to support TLS 1.2, AES-GCM and ChaCha20-Poly1305 (as Chrome and Google are doing) we have to deal with a large fraction of the Internet that moves more slowly than we would like. While RC4 is fundamentally flawed and must be replaced, the attacks against it are very costly. The attacks against CBC mode, however, are much more practical and only one can be conclusively addressed on the client side. It is not clear which is best when nothing better is available.
TLS 1.2 is needed in order to use AES-GCM and ChaCha20-Poly1305. TLS 1.2 deployment is hampered by older servers that fail to process valid TLS messages and thus break version negotiation. It also remains to be seen whether firewalls and other network intermediaries are erroneously processing TLS connections that pass through them, breaking TLS 1.2. Chrome 32 includes an experiment that tests for this issue. If TLS 1.2 is found to be viable on the modern Internet, remedial measures can be taken to repair the TLS version negotiation without breaking the previously mentioned, flawed TLS servers.03-18-14 10:36 AMLike 0 - A huge vulnerability in OpenSSL, one of the crypto libraries used by BlackBerry, has been revealed on Monday.
Let's see how long it takes BlackBerry to patch BlackBerry 10...
A rogue server can compromise any connected client which uses the library.
Attacks don't leave a trace and thus, if BlackBerry takes security seriously, they should also revoke all their server certificates and replace them with new ones...
What leaks in practice?
We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.
Does OpenSSL's FIPS mode mitigate this?
No, OpenSSL Federal Information Processing Standard (FIPS) mode has no effect on the vulnerable heartbeat functionality.
Btw, anybody can steal all admins and mods passwords on here right now...
EDIT 2:
Example of leaked passwords as seen by anybody who can do a search on the Internet for tools to get servers to send passwords, courtesy of Yahoo!
EDIT 3:
List of vulnerable sites
https://github.com/musalbas/heartble...er/top1000.txt
EDIT 4:
BlackBerry is on the case and upgrading servers as I write this
EDIT 5: Crackberry has been patched!Last edited by ofutur; 04-08-14 at 08:22 AM.
kbz1960 and flyingsolid like this.04-08-14 03:39 AMLike 2 - Oooh snap.
Heartbleed Bug
The vulnerable versions have been out there for over two years now and they have been rapidly adopted by modern operating systems. A major contributing factor has been that TLS versions 1.1 and 1.2 came available with the first vulnerable OpenSSL version (1.0.1) and security community has been pushing the TLS 1.2 due to earlier attacks against TLS (such as the BEAST).
Seems there's some intelligence in BlackBerry staying with TLS 1.0.
Not only is it immune to the BEAST attack, it's also now immune to the Heartbleed vulnerability.
Go BlackBerry!Richard Buckley and BCITMike like this.04-08-14 09:33 PMLike 2 - Oooh snap.
Heartbleed Bug
TLS 1.0 does NOT contain the vulnerable version of OpenSSL and therefore BlackBerry 10 is not affected by the heartbleed vulnerability.
Seems there's some intelligence in BlackBerry staying with TLS 1.0.
Not only is it immune to the BEAST attack, it's also now immune to the Heartbleed vulnerability.
Go BlackBerry!
Posted via CB1004-09-14 02:51 AMLike 0 - TLS 1.0 does NOT contain the vulnerable version of OpenSSL and therefore BlackBerry 10 is not affected by the heartbleed vulnerability.
Seems there's some intelligence in BlackBerry staying with TLS 1.0.
Not only is it immune to the BEAST attack, it's also now immune to the Heartbleed vulnerability.
Go BlackBerry!
BlackBerry 10 uses OpenSSL 1.0.1e and is vulnerable...04-09-14 03:26 AMLike 0
- Forum
- BlackBerry 10 Phones & OS
- BlackBerry 10 OS
The "secure" BB10 OS is not great at establishing secure connections because it uses dated protocols
« It's probably already too late to worry about FREAK vulnerability
|
Update for BlackBerry 10 devices »
Similar Threads
-
Not Taking a Step Back
By JAS0NB0URNE in forum BlackBerry ClassicReplies: 11Last Post: 02-28-14, 02:05 PM -
BlackBerry ahead of Android 2 years back , hope we had the same thing now.
By rave1090 in forum General BlackBerry News, Discussion & RumorsReplies: 4Last Post: 02-25-14, 11:43 AM -
It's business as usual with app development on the BlackBerry Q20
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 1Last Post: 02-25-14, 11:12 AM
LINK TO POST COPIED TO CLIPBOARD