- So aside from getting 'noticed' on a public wifi network how else could one potentially draw the a attention of people who would take advantage of an old unsuported os and chipset? Just trying wrap my head around how a breach could happen in a day-to-day practical aproach.
Posted via CB10
But I'd suggest that you do your on research on the matter.... see what researchers and tech sites suggest.08-20-20 08:48 AMLike 0 - Anti-virus is no substitute. Apart from taking up resources, it doesn't do a whole lot.
https://www.infopackets.com/news/105...ity%20software.
"It is our opinion that antivirus / antimalware apps would only decrease battery usage (requiring too much CPU power to operate to be effective) and should only be installed if and only if the user believes their phone may be infected."
MalwareBytes Anti-Malware, Avast Mobile Security, AVIRA Antivirus, Panda Free Antivirus and VPN, Bitdefender Mobile Security & Antivirus, Comodo Mobile Security, Samsung Device Maintenance, Dr.Web Security Space, Sophos Mobile Security, Emsisoft Mobile Security, ESET Mobile Security & Antivirus, F-Secure Internet Security & Mobile Antivirus, Symantec Norton Security, Google Play Protect, Trend Micro Mobile Security & Antivirus, Kaspersky Lab Mobile Antivirus, Webroot Mobile Security & Antivirus, and McAfee Mobile Security.
So these that are effective can be used safely and effectively per the study they just don't recommend keeping the app on the users device except for the time to scan and potentially clean as they use resources unnecessarily.08-20-20 10:08 AMLike 0 - This is actually misleading and an opinion piece. Not "fact". The fact is that the following were noted as being effective and recommended as they did not have any false positives.
MalwareBytes Anti-Malware, Avast Mobile Security, AVIRA Antivirus, Panda Free Antivirus and VPN, Bitdefender Mobile Security & Antivirus, Comodo Mobile Security, Samsung Device Maintenance, Dr.Web Security Space, Sophos Mobile Security, Emsisoft Mobile Security, ESET Mobile Security & Antivirus, F-Secure Internet Security & Mobile Antivirus, Symantec Norton Security, Google Play Protect, Trend Micro Mobile Security & Antivirus, Kaspersky Lab Mobile Antivirus, Webroot Mobile Security & Antivirus, and McAfee Mobile Security.
So these that are effective can be used safely and effectively per the study they just don't recommend keeping the app on the users device except for the time to scan and potentially clean as they use resources unnecessarily.08-20-20 10:11 AMLike 0 -
Seems since most of these utilize "whitelisted" issues a user using a device no longer patched say once a month and then uninstalling would be safer and good practice in keep things tidy.08-20-20 11:48 AMLike 0 - Yes- that is what I noted: "So these that are effective can be used safely and effectively per the study they just don't recommend keeping the app on the users device except for the time to scan and potentially clean as they use resources unnecessarily."
Seems since most of these utilize "whitelisted" issues a user using a device no longer patched say once a month and then uninstalling would be safer and good practice in keep things tidy.08-20-20 11:50 AMLike 0 - This is actually misleading and an opinion piece. Not "fact". The fact is that the following were noted as being effective and recommended as they did not have any false positives.
MalwareBytes Anti-Malware, Avast Mobile Security, AVIRA Antivirus, Panda Free Antivirus and VPN, Bitdefender Mobile Security & Antivirus, Comodo Mobile Security, Samsung Device Maintenance, Dr.Web Security Space, Sophos Mobile Security, Emsisoft Mobile Security, ESET Mobile Security & Antivirus, F-Secure Internet Security & Mobile Antivirus, Symantec Norton Security, Google Play Protect, Trend Micro Mobile Security & Antivirus, Kaspersky Lab Mobile Antivirus, Webroot Mobile Security & Antivirus, and McAfee Mobile Security.
So these that are effective can be used safely and effectively per the study they just don't recommend keeping the app on the users device except for the time to scan and potentially clean as they use resources unnecessarily.08-20-20 12:01 PMLike 0 - If I used one (I don't) I would run it as recommended and then uninstall the app and keep it in my GPS library when and if needed. I have actually started doing this more and more with many apps I simply don't use regularly. In cleaning up my sons iPad I noticed this is a method Apple suggests using as well for apps not frequently used.08-20-20 12:28 PMLike 0
-
I have noted before and asked how can Amazon have millions upon millions of tablets in users hands (using older Android OS versions) that connect and interface with peoples personal information and banking information daily on one of the largest e-commerce apps/sites in the world and remain viable to use? If things were that dire with the core OS security wise would they not simply stop allowing their applications to work on these older OS versions? Their liability exceeds almost all other use cases in these terms. Common sense password protection and 2 FA are some of the greatest tools to prevent unauthorized access to peoples data.08-20-20 12:44 PMLike 0 - Well up to date security patches are actually useless to "data harvesting" if in relation to websites. A monthly patch based on prior findings could never keep up. Is it not up to individual websites to ensure these malicious bots don't extract the data to be used for other purposes. In this context the onus is on the website builders and hosting browsers is it not? Isn't Chrome, Edge, Safari, Firefox, etc already fighting this battle to ensure users are as safe as can be? (Patched or not?)
I have noted before and asked how can Amazon have millions upon millions of tablets in users hands (using older Android OS versions) that connect and interface with peoples personal information and banking information daily on one of the largest e-commerce apps/sites in the world and remain viable to use? If things were that dire with the core OS security wise would they not simply stop allowing their applications to work on these older OS versions? Their liability exceeds almost all other use cases in these terms. Common sense password protection and 2 FA are some of the greatest tools to prevent unauthorized access to peoples data.
There are dozens of white papers on it, so I'll leave it to them.
People don't seem to understand the concept that vulnerabilities are published one month after having had the opportunity of being patched. This means that every hacker has an available menu of exploits that they may use.
And absolutely remote code execution can harvest information, track keystrokes, and any number of other things.
The vast majority of the times these things occur are without any user knowledge.Last edited by conite; 08-20-20 at 12:57 PM.
08-20-20 12:47 PMLike 0 -
I am asking "how can Amazon have millions upon millions of tablets/devices in users hands (using older Android OS versions) that connect and interface with peoples personal information and banking information daily on one of the largest e-commerce apps/sites in the world and remain viable to use? (Most importantly) If things were that dire with the core OS security wise would Amazon not simply stop allowing their applications to work on these older OS versions? Do you not agree their liability exceeds almost all other use cases on older devices?08-20-20 12:57 PMLike 0 - We all know security patches take place daily, hourly, shoot even by the minute at the app level and certainly on browsers and hosted websites us users use and utilize each and every day. No doubt security is important.
I am asking "how can Amazon have millions upon millions of tablets/devices in users hands (using older Android OS versions) that connect and interface with peoples personal information and banking information daily on one of the largest e-commerce apps/sites in the world and remain viable to use? (Most importantly) If things were that dire with the core OS security wise would Amazon not simply stop allowing their applications to work on these older OS versions? Do you not agree their liability exceeds almost all other use cases on older devices?
No app developer or website in the world would be held responsible for security issues arising from an outdated OS. There is not a single terms of service agreement that would include that.08-20-20 12:58 PMLike 0 -
How is it possible that millions of Amazon tablets on much older core OS versions ok to use today for billions of dollars of financial transactions and commerce?08-20-20 01:29 PMLike 0 - Would you not agree Amazon and their likes employ some of the most intelligent and leading minds in terms of security for their apps and products? If those teams allowed know vulnerabilities on older OS versions to proliferate on their apps and hardware would they not be risking the trust of every user (and their banking institutions) that has made them one of the largest e-commerce vendors in the world?
How is it possible that millions of Amazon tablets on much older core OS versions ok to use today for billions of dollars of financial transactions and commerce?
Does everyone agree that the length of patch support be increased? - absolutely. For the most part it's gone from 1, to 2, to 3, and now to 4 years with many devices. It's a huge problem.
That's also what projects Treble and Mainline are all about too - getting critical OS upgrades out faster.08-20-20 01:37 PMLike 0 - Does everyone agree that the length of patch support be increased? - absolutely. For the most part it's gone from 1, to 2, to 3, and now to 4 years with many devices. It's a huge problem.
That's also what projects Treble and Mainline are all about too - getting critical OS upgrades out faster.
Getting stuff out faster doesn't necessarily mean longer-lived support, alas.08-25-20 12:39 AMLike 0 -
- Usually nefarious code is buried in apps you install - some of which can come via Play Store despite the many safeguards.
They can also be downloaded in SMS or email attachments, or when connected to other devices.
Clicking on weblinks can install software on your device too.
Subsequent deletion of bad apps or attachments will likely still leave the dangerous code behind.
The question: how safe is my use case on this device?
Posted via BlackBerry Passport Silver Edition11-29-20 04:18 AMLike 0 - Real use scenario is here. I do use BlackBerry KEYone Bronze Edition. My email accounts are in the BlackBerry Hub, also have whatsapp, telegram, signal. Few sensitive apps can be accessed only via the Locker. I use Firefox and Blokada 5. To update Blokada I occasionally permit only Firefox to install apps from unknown source. Firefox warns when it detects potentially nefarious website.
The question: how safe is my use case on this device?
Posted via BlackBerry Passport Silver Edition
That may change in the future releases to X-2 but doesn’t really apply in reverse to Android 9 Pie and earlier. Officially for now, the KEYone Oreo 8.1 is at X-3 but the Key2 and Key2 LE are exception with final security updates released in year 3 recently.11-29-20 09:09 AMLike 0 - As safe as any other Android hardware running OS released in 2017 and security patch from 2019 sometime. Many corporate UEM programs won’t allow it for security reasons since only current Android OS (X) and previous Android OS (X-1) are considered updated and supported. That means Android 11 and Android 10 for now are considered up-to-date.
That may change in the future releases to X-2 but doesn’t really apply in reverse to Android 9 Pie and earlier. Officially for now, the KEYone Oreo 8.1 is at X-3 but the Key2 and Key2 LE are exception with final security updates released in year 3 recently.
Posted via BlackBerry Passport Silver Edition11-29-20 11:56 AMLike 0 -
Hackers continually find new and ingenious ways to compromise a device and its data.
The fact is, the KEYᵒⁿᵉ has dozens of PUBLISHED vulnerabilities since patching stopped for it a year and a half ago.
You can have all of the safety equipment with you, but if your boat has a screen for a hull, there is only so much you can do.11-29-20 12:09 PMLike 0 - I don't think a specific answer to your question is possible.
Hackers continually find new and ingenious ways to compromise a device and its data.
The fact is, the KEYᵒⁿᵉ has dozens of PUBLISHED vulnerabilities since patching stopped for it a year and a half ago.
You can have all of the safety equipment with you, but if your boat has a screen for a hull, there is only so much you can do.
Posted via BlackBerry Passport Silver Edition11-29-20 12:28 PMLike 0 - That is the thing, and you know that the devil is in the details. If I don't visit spooky websites and don't install virus apps and don't click on shady links: how can one theoretically get a remote access and control over my (and any) device?
Posted via BlackBerry Passport Silver Edition
But at the end of the day, I, or anyone else, can't give you an exact figure.11-29-20 12:32 PMLike 0 -
I’m using a Pixel 3a running Android 11 on November 5 security patch and iPhone XR with iOS 14.2 on November updates. That what I’m using for my personal and business uses. I’m considered as secure as possible by UEM standards. I’m obviously subject to any improper security decisions that UEM standards recommend against.11-29-20 12:37 PMLike 0 -
Also just being out in public with your WiFi or Bluetooth on is another big risk. Was a time with my Z10 that I regularly had those turned off via Power Tools and it's geo fencing. But at this point, I'm always using both - turning them off isn't really an option. But anyone stuck on an older version of Android without patches, should consider it.11-30-20 08:22 AMLike 0 - That is the thing, and you know that the devil is in the details. If I don't visit spooky websites and don't install virus apps and don't click on shady links: how can one theoretically get a remote access and control over my (and any) device?
Posted via BlackBerry Passport Silver Edition
Only you can decide if running a phone without at least quarterly security updates is worth the risk. I work in data security and personally would not use a phone that is not receiving security updates. We do not let any phones access our company services that is not up to date on security. If you can get by without being up to date, then you need to decide your own comfort level with risk.
You asked the opinion of other forum members of their security comfort level. You have received some great replies about current comfort levels. You are welcome to ignore our comments. I know that several of the comments come from people like myself who work in fields where device security is critical. We can't take chances or allow our customers or their data to be vulnerable. YMMV.11-30-20 06:32 PMLike 0
Similar Threads
-
How to translate a Web page in native BlackBerry browser or any other downloaded from BlackBerry Wor
By Gordo inc in forum BlackBerry 10 AppsReplies: 4Last Post: 08-09-20, 04:25 AM -
How can I install WIckr APK on BB10?
By DoorStop23 in forum BlackBerry 10 OSReplies: 13Last Post: 07-31-20, 10:10 PM -
Learn How to Make Money on Amazon With 40 Hours of Dropship Training
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 0Last Post: 07-29-20, 08:12 PM -
How to troubleshoot mobile network connection - Blackberry KeyOne
By Aneta Dinev in forum BlackBerry KEYoneReplies: 2Last Post: 07-27-20, 10:32 PM -
How do I have messages in folders remain in my Hub/Inbox?
By KitJackson67 in forum Ask a QuestionReplies: 2Last Post: 07-27-20, 11:43 AM
LINK TO POST COPIED TO CLIPBOARD