[tubularbell]

Research from Consumentenbond in the Netherlands showed that 42 phones out of 110 tested phones were able to be unlocked with a picture. Among these 42 also the KEY2. I suppose the same goes for the LE.

https://www.consumentenbond.nl/veili...ning-te-hacken

Although there is a warning, this surely doesn't really look good on a brand that claims to be among the safest where it comes to Android.

[geobueck]

the key2 Has no face unlock I think?! or am I wrong???

[tubularbell]

the key2 Has no face unlock I think?! or am I wrong???

Through Smart Lock

[TheBond]

Yep that's been the same with Android all along.
You're always better to use pin, password, pattern and/or fingerprint.
There's also a picture password but that has its own weaknesses.

[tubularbell]

Yep that's been the same with Android all along.
You're always better to use pin, password, pattern and/or fingerprint.
There's also a picture password but that has its own weaknesses.

What worried me was that the KEY's were among the worst performers.
Several Huawei and Samsung devices performed way better. And in my book that is not what you'd want as BlackBerry and TCL.

[TheBond]

What worried me was that the KEY's were among the worst performers.
Several Huawei and Samsung devices performed way better. And in my book that is not what you'd want as BlackBerry and TCL.

By "KEY's" you mean physical keyboard or BlackBerry Key series? I have Samsung Note 8 and I don't think Key² is any bad in terms of what it is intended to do. It has better multitasking capabilities than S8. But then again, different style of phones to do different type of things.

[tubularbell]

By "KEY's" you mean physical keyboard or BlackBerry Key series? I have Samsung Note 8 and I don't think Key² is any bad in terms of what it is intended to do. It has better multitasking capabilities than S8. But then again, different style of phones to do different type of things.

I mean the phones. And the article is about lack of security. Several Samsung and Huawei devices performed better than the BlackBerry KEY ² on face recognition. The KEY's were able to be unlocked with a picture of the user, where it is supposed not to unlock in that case.
And that's not good advertising....

[pgg101]

Most enterprises disable facial recognition on their phones for that reason. It's not that surprising.

[tubularbell]

Most enterprises disable facial recognition on their phones for that reason. It's not that surprising.

To me it would be logical if BlackBerry Mobile would do the same for now, unless they can fix it with a security patch.

[pgg101]

To me it would be logical if BlackBerry Mobile would do the same for now, unless they can fix it with a security patch.

On BB10, my employer disabled picture password and the assistant from reading out emails. The OS has the features, but it's up to the organization to determine how secure they want to make it. Should BlackBerry Ltd have removed picture password and assistant from BB10?

[tubularbell]

On BB10, my employer disabled picture password and the assistant from reading out emails. The OS has the features, but it's up to the organization to determine how secure they want to make it. Should BlackBerry Ltd have removed picture password and assistant from BB10?

Well, if it is a company phone, I can imagine. But this is about the basics. BlackBerry Mobile claims that these are the Most secure Android phones in the world. But this doesn't apply for the camera software apparently.
And ofcourse one can argue that overall the phones are still the most secure. But that doesn't change the fact that this is bad press when you make that claim...

[Blackberryphosphamide]

If someone was determined to gain access to an area holding valuable information or products which was being secured by a system utilising facial recognition then I can believe they might go to the effort of acquiring a photograph of somebody with authorised access to that area. However, if I were using facial recognition as the primary method for securing my phone and I lost it tomorrow, I wouldn't be worried about somebody accessing my phone because they probably wouldn't even know who it belonged to. And I can't see someone punching my lights out and snapping a close up picture of my face on their phone just so they can access my phone. They might as well cut my thumb off at the same time just in case i'm using fingerprint ID too

[tubularbell]

If someone was determined to gain access to an area holding valuable information or products which was being secured by a system utilising facial recognition then I can believe they might go to the effort of acquiring a photograph of somebody with authorised access to that area. However, if I were using facial recognition as the primary method for securing my phone and I lost it tomorrow, I wouldn't be worried about somebody accessing my phone because they probably wouldn't even know who it belonged to. And I can't see someone punching my lights out and snapping a close up picture of my face on their phone just so they can access my phone. They might as well cut my thumb off at the same time just in case i'm using fingerprint ID too

Haha, that's ofcourse always true. But I can imagine that it is considered a blow to the image to certain people. I cannot help but thinking that John Chen is not amused by this...

[mralgi]

Research from Consumentenbond in the Netherlands showed that 42 phones out of 110 tested phones were able to be unlocked with a picture. Among these 42 also the KEY2. I suppose the same goes for the LE.

https://www.consumentenbond.nl/veili...ning-te-hacken

Although there is a warning, this surely doesn't really look good on a brand that claims to be among the safest where it comes to Android.

Yikes. You would think that Blackberry would have covered that loophole in the Key series devices.

[GoGoGoose]

Most phones don't have this awesome input device, so I can see the use of delving into other gimmicks in lieu of password or thumbprint. But good grief, knowing already that facial recognition technology is still in its infancy, why would you even use that on the pkb device.

[Bla1ze]

What worried me was that the KEY's were among the worst performers.
Several Huawei and Samsung devices performed way better. And in my book that is not what you'd want as BlackBerry and TCL.

Huawei and Samsung use their own mechanisms. BlackBerry and TCL don't actually have any of their own, it's using what Google offered in the core OS. The test while interesting, does a bad job of outlining what facial recognition systems were used, it doesn't state if it was using the OEM offerings or just using what is offered in stock Android which hasn't been improved in forever and shouldn't be used.

[tubularbell]

Huawei and Samsung use their own mechanisms. BlackBerry and TCL don't actually have any of their own, it's using what Google offered in the core OS.

That may be, but it doesn't make it less concerning. I would have imagined that TCL had adressed this vulnerability one way or another. It just doesn't look well on a phone with a name that is so strongly associated with security.

[Bla1ze]

That may be, but it doesn't make it less concerning. I would have imagined that TCL had adressed this vulnerability one way or another. It just doesn't look well on a phone with a name that is so strongly associated with security.

That's the thing.. I'm not sure they can entirely. If they never added their own and are using the built-in Google offering, they may not have been able to address it and pass the requirements needed for Google Play services with the function removed. Hard to say without knowing more.

[Blackberryphosphamide]

Huawei and Samsung use their own mechanisms. BlackBerry and TCL don't actually have any of their own, it's using what Google offered in the core OS. The test while interesting, does a bad job of outlining what facial recognition systems were used, it doesn't state if it was using the OEM offerings or just using what is offered in stock Android which hasn't been improved in forever and shouldn't be used.

With BlackBerry still being in the software business with a focus on providing secure management and communication in the Internet Of Things do you think they might develop their own facial recognition software? Or would that not really integrate with what they're working on now?

[Bla1ze]

With BlackBerry still being in the software business with a focus on providing secure management and communication in the Internet Of Things do you think they might develop their own facial recognition software? Or would that not really integrate with what they're working on now?

Doubt it. People take that 'software company' thing far too seriously and try and relate it to phones, phone software is not at the top of BlackBerry Ltd's interests. When they say software company, they mean UEM, BlackBerry Spark, etc. They don't mean 'we're going to fix Android in every way!'. That, and I don't think BlackBerry believes Facial Recognition is secure anyway, they didn't even ease into fingerprints easily.

[tubularbell]

That's the thing.. I'm not sure they can entirely. If they never added their own and are using the built-in Google offering, they may not have been able to address it and pass the requirements needed for Google Play services with the function removed. Hard to say without knowing more.

I understand. Just pondering makes me wonder: couldn't they extend the collaboration with Samsung?

[Vistaus]

Through Smart Lock

Please explain as I can't find face unlock anywhere on the KEY2.

[Bla1ze]

I understand. Just pondering makes me wonder: couldn't they extend the collaboration with Samsung?

That's one way, I suppose. Another would be to let implement their own as that would replace the weak Google one.

[Bla1ze]

Please explain as I can't find face unlock anywhere on the KEY2.

Settings>Search for Smart Lock>Tap on Smart Lock>Enter Password>Find Trusted Face.

[tubularbell]

Please explain as I can't find face unlock anywhere on the KEY2.

Settings -> Security & Location -> Smartlock