10-11-17 04:49 PM
29 12
tools
  1. bb10adopter111's Avatar
    I am struggling with notifications being defined at the app level. I want to be able to quickly select notification profiles for different contexts such as "Phone calls only," "Office," "Meetings," "Home," etc. like I could in BB10, then toggle them easily throughout the day.

    So far, it looks like I have to edit notifications in each individual app. I know I must be missing something, because it's inconceivable that I can't quickly change notifications as a group for different contexts.

    Please help.
    Tim-ANC, yourhums and MissBerri like this.
    10-09-17 10:24 AM
  2. citystars41's Avatar
    ive also been looking into this a little. i really just want my phone to be on vibrate for everything but phone calls that would ring.
    10-09-17 10:36 AM
  3. conite's Avatar
    Use Sound Profile by Corcanoe.
    10-09-17 12:34 PM
  4. bb10adopter111's Avatar
    Posted with my trusty Z10
    10-09-17 02:00 PM
  5. bb10adopter111's Avatar
    Use Sound Profile by Corcanoe.
    Thanks, Conite, for the suggestion. I know I sound like a broken record, but I find it incredibly annoying that I have to act like a systems integrator just to use my phone in what I would consider a "normal" way. I'll try the app out, but the lack of global controls for alerts and notifications is inconceivable to me.

    I'm really trying to adjust to Android, but the more time I spend with it, the less confidence I have that anyone on the Android team actually cares about professional use cases. Just this morning I tried to copy a folder with 5 GB of marketing PDFs from my OneDrive account to my KEYone only to find out that, while I can copy files between locations with the native file manager, I can't copy or move FOLDERS!

    Seriously? Who on earth are the business analysts writing the requirements for Android????

    Posted with my trusty Z10
    MissBerri likes this.
    10-09-17 02:12 PM
  6. conite's Avatar
    Thanks, Conite, for the suggestion. I know I sound like a broken record, but I find it incredibly annoying that I have to act like a systems integrator just to use my phone in what I would consider a "normal" way. I'll try the app out, but the lack of global controls for alerts and notifications is inconceivable to me.

    I'm really trying to adjust to Android, but the more time I spend with it, the less confidence I have that anyone on the Android team actually cares about professional use cases. Just this morning I tried to copy a folder with 5 GB of marketing PDFs from my OneDrive account to my KEYone only to find out that, while I can copy files between locations with the native file manager, I can't copy or move FOLDERS!

    Seriously? Who on earth are the business analysts writing the requirements for Android????

    Posted with my trusty Z10
    Any decent file manager can copy folders, so I'm not sure what the problem is there (I use Solid Explorer).

    I understand what you're saying, but the default priority mode seems to be enough for most people.

    For notification fiends coming from BB10, the defaults are certainly lacking. I experimented with a few, but I now prefer Sound Profile to BB10. So there you have it.

    I'm fortunate because I both CAN do this and LIKE doing this.

    At the end of the day, every person can create a system that is optimal for their use case. If they can't be bothered, there may be an iPhone with their name on it - which is generally the "good enough" OS.
    10-09-17 02:34 PM
  7. bb10adopter111's Avatar
    There's no way I can use iOS. Sure it's simple, but not in a good way!

    But I'm genuinely stumped when it comes to using a bunch of apps from small developers with no real accountability. I'm currently the COO for a cybersecurity strategy consultancy, and the first thing we tell our clients is to not allow any untrusted players into their cybersecurity supply chain. Our criteria for using any kind of software is that the vendors have to meet criteria consistent with best practices in cybersecurity:
    1) Reputable company with 3+ years in operation that is either publicly traded or, if private, has well known investors.
    2) Physical address in the EU, US or Canada
    3) Named officers, who are legally accountable for their company's actions.
    4) Strong Privacy and Security Policies consistent with NIST Special Publication 800-171

    This works fine for companies like Blackberry and Microsoft, but it pretty much excludes small app developers targeting the individual user market. As an example, "Sound Profile" fails every single one of our criteria except for having a physical address in Spain! For example, here is the statement on Permissions: How do I create BB10-style global notification profiles on the KEYone?-sound-profile-permissions.png. It says:
    Version 1.04 can access Other. Updates to Sound Profile Pro Key may automatically add additional capabilities within each group.
    That's basically a blank check for permissions!

    The developer might be great, and I would be happy to pay for the app, but I can't violate our policies, which we provide in writing as part of our contract with our clients.

    For my personal use, the DTEK app is sufficient to give me confidence that most apps are behaving as described, but I won't risk my reputation for the convenience of a few small apps.

    As for Solid Explorer, again, I would not endorse any of my clients granting highly privileged file manager permissions to a small company in Warsaw. I know many, many wonderful software developers in Poland, and my instinct, like yours, is that NeatBytes is a legit company working hard on developing a useful Android app, but installing it is a non-starter, as it would be for practically any Fortune 1000 company or Tier 1-3 supplier to the federal government in the US.

    Until I find a reputable file manager, I'll just have to transfer files by USB cable, I guess. Sure doesn't feel like a step forward from BB10!

    The whole App Store model is problematic, because there is no real accountability for many of the apps distributed. I know that lots of people download whatever works for them, but, just because a practice is widely used and "normalized" doesn't mean it's safe.

    It's hard enough protecting our networks from seemingly legitimate products like Kaspersky without trying to guarantee the security of tiny companies about whom we have almost no verified information.
    Last edited by bb10adopter111; 10-09-17 at 03:40 PM.
    FF22, MissBerri and yourhums like this.
    10-09-17 03:18 PM
  8. conite's Avatar
    There's no way I can use iOS. Sure it's simple, but not in a good way!

    But I'm genuinely stumped when it comes to using a bunch of apps from small developers with no real accountability. I'm currently the COO for a cybersecurity strategy consultancy, and the first thing we tell our clients is to not allow any untrusted players into their cybersecurity supply chain. Our criteria for using any kind of software is that the vendors have to meet criteria consistent with best practices in cybersecurity:
    1) Reputable company with 3+ years in operation that is either publicly traded or, if private, has well known investors.
    2) Physical address in the EU, US or Canada
    3) Named officers, who are legally accountable for their company's actions.
    4) Strong Privacy and Security Policies consistent with NIST Special Publication 800-171

    This works fine for companies like Blackberry and Microsoft, but it pretty much excludes small app developers targeting the individual user market. As an example, "Sound Profile" fails every single one of our criteria except for having a physical address in Spain! For example, here is the statement on Permissions: Click image for larger version. 

Name:	Sound Profile Permissions.PNG 
Views:	71 
Size:	10.9 KB 
ID:	430439. It says:
    That's basically a blank check for permissions!

    The developer might be great, and I would be happy to pay for the app, but I can't violate our policies, which we provide in writing as part of our contract with our clients.

    For my personal use, the DTEK app is sufficient to give me confidence that most apps are behaving as described, but I won't risk my reputation for the convenience of a few small apps.

    As for Solid Explorer, again, I would not endorse any of my clients granting highly privileged file manager permissions to a small company in Warsaw. I know many, many wonderful software developers in Poland, and my instinct, like yours, is that NeatBytes is a legit company working hard on developing a useful Android app, but installing it is a non-starter, as it would be for practically any Fortune 1000 company or Tier 1-3 supplier to the federal government in the US.

    Until I find a reputable file manager, I'll just have to transfer files by USB cable, I guess. Sure doesn't feel like a step forward from BB10!

    The whole App Store model is problematic, because there is no real accountability for many of the apps distributed. I know that lots of people download whatever works for them, but, just because a practice is widely used and "normalized" doesn't mean it's safe.

    It's hard enough protecting our networks from seemingly legitimate products like Kaspersky without trying to guarantee the security of tiny companies about whom we have almost no verified information.
    Well I can tell you that neither Sound Profile nor Solid Explorer have ever used any of my permissions according to DTEK. Ever.

    But don't forget NSA spyware has been found on even Samsung phones before delivery to the customer.

    Honestly, unless you live inside of an EMM, and stick to the solutions' own apps, your issue is unresolvable in the world today.
    10-09-17 03:39 PM
  9. bb10adopter111's Avatar
    Well I can tell you that neither Sound Profile nor Solid Explorer have ever used any of my permissions according to DTEK. Ever.

    But don't forget NSA spyware has been found on even Samsung phones before delivery to the customer.

    Honestly, unless you live inside of an EMM, and stick to the solutions' own apps, your issue is unresolvable in the world today.
    I think you're right. But I'm still not convinced that indiscriminate downloading of apps from basically anonymous third parties, even from official app stores, is advisable for individuals either. It would be great if we lived in a world where that were possible. But we're very far from that reality.

    Posted with my trusty Z10
    10-09-17 06:30 PM
  10. conite's Avatar
    I think you're right. But I'm still not convinced that indiscriminate downloading of apps from basically anonymous third parties, even from official app stores, is advisable for individuals either. It would be great if we lived in a world where that were possible. But we're very far from that reality.

    Posted with my trusty Z10
    At least many of the big apps (like Solid Explorer) are combed over daily by hoards of propeller heads at XDA and the like. Anything nefarious would most likely have been picked up by now. This is a level of scrutiny unheard of in the land of BB10 apps - even those by BlackBerry themselves.
    10-09-17 06:43 PM
  11. bb10adopter111's Avatar
    At least many of the big apps (like Solid Explorer) are combed over daily by hoards of propeller heads at XDA and the like. Anything nefarious would most likely have been picked up by now. This is a level of scrutiny unheard of in the land of BB10 apps - even those by BlackBerry themselves.
    Yes. And larger enterprises can access threat intelligence databases as well. For sophisticated individuals and organizations there are many ways of assessing the cyber risk of software and cloud services.

    The problem for me, working with smaller and less sophisticated organizations, is that they can't make those assessments with any degree of reliability so they need simple products and policies, and a minimum amount of complexity, to secure the confidentiality, integrity, and availability of their information assets.

    And, just to be clear, these are not optional choices. For many of our smaller clients, a significant data breach or loss of certification would be catastrophic.

    The more time I spend in Android land, the more convinced I am of the value of Blackberry's EMM offerings!

    Posted with my trusty Z10
    yourhums likes this.
    10-09-17 07:12 PM
  12. RegN's Avatar
    Still running my Classic and looking to switch. But I know with using my wife's dtek50 and managing it for her, we struggle with the lack of easy notification options and sounds. No bedside mode. I will check out the app mentioned for her and see if I can find enough positive to look harder at making the switch. Seems basic stuff bb10 just does you have to find an app for.

    Posted via CB10
    yourhums likes this.
    10-09-17 11:36 PM
  13. conite's Avatar
    Seems basic stuff bb10 just does you have to find an app for.
    The corollary is that due to a deprecated ecosystem and complete lack of options, one is forced to use BB10 defaults.
    10-09-17 11:40 PM
  14. bb10adopter111's Avatar
    Obviously that's true, but it's still impressive how much better many of those defaults are for basic use cases than iOS and Android.

    Going back to my original post, it doesn't take a ton of imagination to realize that people carry their phones in different contexts and would like to set global notifiction/alert profiles beyond "Default" and "Do Not Disturb."

    I am very happy with the customization options in Android, but the lack of UX design and basic features in the core OS is very unfortunate.

    I am an avid cyclist, and I might spend $1,500 customizing a $1,500 bicycle, but I expect the bike I buy to be 100% serviceable without the customizations. That's where Android falls short. It's basically a bicycle that comes without a seat or pedals.

    Posted with my trusty Z10
    FF22 and Vladislavt like this.
    10-10-17 09:38 AM
  15. FF22's Avatar
    Obviously that's true, but it's still impressive how much better many of those defaults are for basic use cases than iOS and Android.

    Going back to my original post, it doesn't take a ton of imagination to realize that people carry their phones in different contexts and would like to set global notifiction/alert profiles beyond "Default" and "Do Not Disturb."

    I am very happy with the customization options in Android, but the lack of UX design and basic features in the core OS is very unfortunate.

    I am an avid cyclist, and I might spend $1,500 customizing a $1,500 bicycle, but I expect the bike I buy to be 100% serviceable without the customizations. That's where Android falls short. It's basically a bicycle that comes without a seat or pedals.

    Posted with my trusty Z10
    True, BB10 came with the wheels and seats and if you do not need much else, you were set and your data more or less protected. Unfortunately, even if Google provided those wheels and seats, they would report to the mothership so I'm not sure you gain much but I guess Google might be safer than XYZ corporation incorporated in either Moscow or Beijing. (please, give me a moment, I'm adjusting my tinfoil hat)
    10-10-17 10:08 AM
  16. bb10adopter111's Avatar
    True, BB10 came with the wheels and seats and if you do not need much else, you were set and your data more or less protected. Unfortunately, even if Google provided those wheels and seats, they would report to the mothership so I'm not sure you gain much but I guess Google might be safer than XYZ corporation incorporated in either Moscow or Beijing. (please, give me a moment, I'm adjusting my tinfoil hat)
    LOL. The differences between privacy and cybersecurity are interesting.

    For personal privacy reasons, I avoid most of Google's free services in my private life because I find their free -services-in-return-for-your-personal-data business model to be deceptive and generally unappealing, but I'm not at all hesitant to use G-Suite and other professional Google products because I find that their cybersecurity strategy controls are quite adequate for non-sensitive data.

    In the US, October is Cybersecurity Awareness Month, and many of my clients are very focused on reducing their cyber risk. They are very conflicted about the risk vs. productivity equation for mobile endpoints, and several are rethinking their BYOD strategy completely, either by restricting access to company networks, increased encryption/rights management /or by enforcing EMM policies that significantly reduce their employees' ability to install apps on their devices.

    Recently, a Fortune 1000 Chief Securiy Officer told me, "If employees don't like our policies for smart phones, they can simply carry their laptops with them instead. But we're no longer letting them install anything except whitelisted apps on mobike devices that connect to our network resources. This isn't 2009."

    He further explained that their threat intelligence is showing increasing bad behavior by third party mobile apps using a variety of approaches to obtain user credentials through social engineering and traditional malware.

    Posted with my trusty Z10
    yourhums and FF22 like this.
    10-10-17 10:50 AM
  17. FF22's Avatar
    LOL. The differences between privacy and cybersecurity are interesting.

    He further explained that their threat intelligence is showing increasing bad behavior by third party mobile apps using a variety of approaches to obtain user credentials through social engineering and traditional malware.

    Posted with my trusty Z10
    Oh, you make me feel so much better!!!

    I've taken to telling friends it is not if we will be hacked but when it will happen. I'm old enough to want the good old paper Bank-Pass books we had when I was young. There it was in black and white. No password to hack and no smooth electronic transfer of my wealth (whatever there is of it) and some offshore account.

    I was a computer programmer in a former life. They are to be trusted only so far - readjusting the tin foil it does not appear to be working correctly!
    10-10-17 11:10 AM
  18. bb10adopter111's Avatar
    Oh, you make me feel so much better!!!

    I've taken to telling friends it is not if we will be hacked but when it will happen. I'm old enough to want the good old paper Bank-Pass books we had when I was young. There it was in black and white. No password to hack and no smooth electronic transfer of my wealth (whatever there is of it) and some offshore account.

    I was a computer programmer in a former life. They are to be trusted only so far - readjusting the tin foil it does not appear to be working correctly!
    I've seen spearfishing attacks so methodical that only someone clinically paranoid would have avoided them! For example, the latest trend is take someone's hacked email account, export their contacts, then search through Facebook and LinkedIn to find specific shared events or references, then send emails targeted at the first victims's contacts that is specific to each one with a link to Facebook or LinkedIn that steals the 2nd victims' credentials, rinse and repeat.

    The only protection from these sophisticated attacks is robust 2nd factor authentication for every online service that contains sensitive information. Usernames and passwords are like privacy locks on interior doors, a polite request for privacy, not a guarantee of security at all.

    Posted with my trusty Z10
    yourhums likes this.
    10-10-17 12:41 PM
  19. evodevo69's Avatar
    I've read the posts. So if what you're saying is true, why did they switch to android? Was it for the consumers or for enterprise ?

    You're basically saying it would never fly for your clients...so what's the point of the app ecosystem loll
    10-10-17 05:38 PM
  20. bb10adopter111's Avatar
    I've read the posts. So if what you're saying is true, why did they switch to android? Was it for the consumers or for enterprise ?

    You're basically saying it would never fly for your clients...so what's the point of the app ecosystem loll
    Well, the phone is for me, not my clients. And I'm happy to have an Android phone to play with in any case. But the security issues are real for any company that holds any kind of sensitive data.

    I'm not saying that it's impossible to secure Android. But I'm also not convinced that simply segregating personal and enterprise data via an EMM solution is sufficient, either.

    It's one thing to say, as an individual, that you trust a developer based on reputation. But it's another thing entirely to bet your company's existence on an app whose developer uses a personal Gmail address as a contact. The cost of a data breach in some industries can be $10-15,000 per record. If you're a company with 50,000 customers, doing $10,000,000 a year in business, a single significant breach could result in a company-killing judgement leading to bankruptcy and the end of your career., all because one employee used a bad app and sacrificed the confidentiality of sensitive data.

    Enterprise software vendors are willing to sign business associate agreements and offer other warranties and certifications that make them financially and criminally liable for negligence. But small app developers don't.

    There's always a tradeoff between convenience and security. And there's nothing wrong with accepting a risk for the sake of convenience and/or productivity. But I am certainly worried that the app stores have created a false sense of security for people downloading millions of apps from developers who don't accept any liability for mistakes or misdeeds.



    Posted with my trusty Z10
    yourhums likes this.
    10-10-17 06:06 PM
  21. evodevo69's Avatar
    Well, the phone is for me, not my clients. And I'm happy to have an Android phone to play with in any case. But the security issues are real for any company that holds any kind of sensitive data.

    I'm not saying that it's impossible to secure Android. But I'm also not convinced that simply segregating personal and enterprise data via an EMM solution is sufficient, either.

    It's one thing to say, as an individual, that you trust a developer based on reputation. But it's another thing entirely to bet your company's existence on an app whose developer uses a personal Gmail address as a contact. The cost of a data breach in some industries can be $10-15,000 per record. If you're a company with 50,000 customers, doing $10,000,000 a year in business, a single significant breach could result in a company-killing judgement leading to bankruptcy and the end of your career., all because one employee used a bad app and sacrificed the confidentiality of sensitive data.

    Enterprise software vendors are willing to sign business associate agreements and offer other warranties and certifications that make them financially and criminally liable for negligence. But small app developers don't.

    There's always a tradeoff between convenience and security. And there's nothing wrong with accepting a risk for the sake of convenience and/or productivity. But I am certainly worried that the app stores have created a false sense of security for people downloading millions of apps from developers who don't accept any liability for mistakes or misdeeds.



    Posted with my trusty Z10
    Right I understand. So my question is then, what devices do your clients use?
    10-10-17 06:27 PM
  22. z10Jobe's Avatar
    Yep... stock notifications on Android and having to adjust on an app by app basis sucks.

    Z30STA100-5/10.3.3.2163

    Posted via CB10
    10-10-17 08:34 PM
  23. bb10adopter111's Avatar
    Right I understand. So my question is then, what devices do your clients use?
    We work mostly with small and medium businesses, and they currently all over the place. Some use Apple, based on an assumption that it's more secure (which doesn't mean it IS secure). Some allow Apple and Android using an EMM solution, and others have very few policies or controls in place other than 2nd factor Authentication for their Cloud-based resources.

    IMO, mobile cybersecurity has no simple, turn-key solution other than locking mobile devices out of the Enterprise, which costs too much in terms of productivity.

    What we recommend our clients do is focus on identifying sensitive and valuable information assets and develop integrated risk reduction programs for those assets based on people, processes and technology. Assume you will be breached eventually, but put In place plans to limit the impact of that breach, such as not exposing all of your sensitive data at once a la Equifax!

    Posted with my trusty Z10
    yourhums likes this.
    10-10-17 09:09 PM
  24. yourhums's Avatar
    This turned into one of the most interesting threads I've read in a long time. I've missed BB sound profiles since I switched to android years ago. None of the apps I tried did the job reliably. I'll give Sound Profile a look.
    10-10-17 09:59 PM
  25. bb10adopter111's Avatar
    Yep... stock notifications on Android and having to adjust on an app by app basis sucks.

    Z30STA100-5/10.3.3.2163

    Posted via CB10
    I've pretty much decided to turn off all notifications and alerts for every app except the Hub + Suite. If Android is going to make me babysit dozens of individual apps, then I'm going to put them down for a nap!

    Posted with my trusty Z10
    MissBerri likes this.
    10-10-17 10:43 PM
29 12

Similar Threads

  1. Considering making the Switch to the keyone
    By wfm69685 in forum BlackBerry KEYone
    Replies: 8
    Last Post: 10-10-17, 07:30 PM
  2. bb10-0015 error
    By CrackBerry Question in forum Ask a Question
    Replies: 5
    Last Post: 10-10-17, 11:25 AM
  3. Replies: 2
    Last Post: 10-09-17, 03:14 PM
  4. Major problems with new KeyOne
    By DBJS in forum Ask a Question
    Replies: 1
    Last Post: 10-09-17, 09:25 AM
  5. Why is copy and paste shortcut not working on keyone?
    By Ashish Dev in forum BlackBerry KEYone
    Replies: 1
    Last Post: 10-09-17, 08:46 AM
LINK TO POST COPIED TO CLIPBOARD