05-13-21 08:44 AM
37 12
tools
  1. harris hpe's Avatar
    Hi guys, just purchased a Keyone from eBay. I haven't owned a BB device since BB 10. It wil one used as a second device mostly, emails, Google maps, the odd WhatsApp, driving apps etc for work. Wil lthe outdated android system give me any bother? Also does it allow you too use android auto in a vehicle. Many thanks
    05-11-21 01:56 PM
  2. conite's Avatar
    Hi guys, just purchased a Keyone from eBay. I haven't owned a BB device since BB 10. It wil one used as a second device mostly, emails, Google maps, the odd WhatsApp, driving apps etc for work. Wil lthe outdated android system give me any bother? Also does it allow you too use android auto in a vehicle. Many thanks
    Audroid Auto, no problem.

    Using apps with Oreo, no problem.

    Security flaws due to being 3 (soon 4) Android versions behind and the lack of patches for more than 2 years, very big problem.
    05-11-21 02:05 PM
  3. harris hpe's Avatar
    so no banking apps, purchases recommended on it? thankyou for replying ✌️
    05-11-21 03:33 PM
  4. bh7171's Avatar
    so no banking apps, purchases recommended on it? thankyou for replying
    Of course you can use your banking apps. They are updated and scanned daily for issues and malware from the Google PlayStore. Your device has face unlock, fingerprint biometrics, password/pin, apps that are more and more common and likely to request 2FA, DTEK to keep apps in check and locked down and BlackBerry software that ensures root of trust on boot.

    **Realize no one is ever fully safe on any computer or when online even with the latest versions or patches but if you utilize the items above you should be a-ok. Netguard or Blokada are also good for locking down apps and tracking. If interested in NetGuard go direct to developer because the versions on Google Play Store don't actually allow ad blocking. I bought the "pro" version through the Google Play Store to support the dev and just realized even using the block that is neutered.
    05-11-21 03:56 PM
  5. Chuck Finley69's Avatar
    Audroid Auto, no problem.

    Using apps with Oreo, no problem.

    Security flaws due to being 3 (soon 4) Android versions behind and the lack of patches for more than 2 years, very big problem.
    It comes down to a mobile OS that has all types of security flaws being discovered on a monthly basis at the mobile OS level and not the vendor app level. Those security exploits are published monthly telling everyone how they’re exploited and this can direct hackers on how to build a Trojan horse to spam out to millions of unsuspecting people.

    You’re good unless you’re a person that opens an email containing Trojan horse from a newer device that doesn’t have the updated security patch or your vendor institution hasn’t gotten around to patching their app.

    It’s a statistical game. You should be ok until you’re not and then it just depends on how you’re violated. Account breaches happen and usually limited damages or your vendor eats the loss instead of you, eventually…. However, sometimes the breach is bigger, like your personal identity or corporate accounts and client’s identities which could leave you eating client losses or simply losing angry friends or clients.
    05-11-21 04:18 PM
  6. conite's Avatar
    Of course you can use your banking apps. They are updated and scanned daily for issues and malware from the Google PlayStore. Your device has face unlock, fingerprint biometrics, password/pin, apps that are more and more common and likely to request 2FA, DTEK to keep apps in check and locked down and BlackBerry software that ensures root of trust on boot.

    **Realize no one is ever fully safe on any computer or when online even with the latest versions or patches but if you utilize the items above you should be a-ok. Netguard or Blokada are also good for locking down apps and tracking. If interested in NetGuard go direct to developer because the versions on Google Play Store don't actually allow ad blocking. I bought the "pro" version through the Google Play Store to support the dev and just realized even using the block that is neutered.
    If you believe a security patch is at least somewhat important, how about 28 of them?
    05-11-21 04:20 PM
  7. bh7171's Avatar
    It comes down to a mobile OS that has all types of security flaws being discovered on a monthly basis at the mobile OS level and not the vendor app level. Those security exploits are published monthly telling everyone how they’re exploited and this can direct hackers on how to build a Trojan horse to spam out to millions of unsuspecting people.

    You’re good unless you’re a person that opens an email containing Trojan horse from a newer device that doesn’t have the updated security patch or your vendor institution hasn’t gotten around to patching their app.

    It’s a statistical game. You should be ok until you’re not and then it just depends on how you’re violated. Account breaches happen and usually limited damages or your vendor eats the loss instead of you, eventually…. However, sometimes the breach is bigger, like your personal identity or corporate accounts and client’s identities which could leave you eating client losses or simply losing angry friends or clients.
    Irrespective of mobile OS or patch level breeches can and do happen on even the latest, most up to date versions. The user is always THE most important factor in any use case. Nobody, irrespective of OS version or patch level should EVER open an unsuspecting email or link or photo within an email. If you don't know that it doesn't matter the Windows, iOS or Android version. And persons with the most critical of client information are going to already be using a locked down corporate device with more security than inherent to the phone or desktop OS.

    Presently there is a lovely little ransomware issue affecting a east coastal gasoline pipeline that is nicely and unnecessarily raising national fuel prices. Over 4 dollars a gallon here in the longest locked down state of the pandemic. Good ole California where we refine our own fuel (don't have a (Ransomware scenario) and already tax fuel to the moon.

    Reality is that almost all "potential" security exploits "could" occur if the user did x,w and y to result in z. (That almost no one would ever do)

    Use a password, a biometric, keep apps updated and simply don't open unsuspecting emails and the average user is a-ok. If this wasn't the case telecoms would drop support, Google or the companies that develop the apps simply wouldn't allow them to work on prior OS versions. (Samsung recently did this with one of their apps. Nothing under Nougat level devices any longer)

    There are still millions and millions of iOS and Android users utilizing devices with older OS versions than the KeyOne safely and without harm. All Fire tablets through the 8th gen are on Lollipop or Nougat but they still seem to receive forms of support. People have their cc information on those devices to interact with one of the world's largest (and hacker sought after) online vendors.
    Winnertrack likes this.
    05-11-21 05:15 PM
  8. conite's Avatar
    Irrespective of mobile OS or patch level breeches can and do happen on even the latest, most up to date versions. The user is always THE most important factor in any use case. Nobody, irrespective of OS version or patch level should EVER open an unsuspecting email or link or photo within an email. If you don't know that it doesn't matter the Windows, iOS or Android version. And persons with the most critical of client information are going to already be using a locked down corporate device with more security than inherent to the phone or desktop OS.

    Presently there is a lovely little ransomware issue affecting a east coastal gasoline pipeline that is nicely and unnecessarily raising national fuel prices. Over 4 dollars a gallon here in the longest locked down state of the pandemic. Good ole California where we refine our own fuel (don't have a (Ransomware scenario) and already tax fuel to the moon.

    Reality is that almost all "potential" security exploits "could" occur if the user did x,w and y to result in z. (That almost no one would ever do)

    Use a password, a biometric, keep apps updated and simply don't open unsuspecting emails and the average user is a-ok. If this wasn't the case telecoms would drop support, Google or the companies that develop the apps simply wouldn't allow them to work on prior OS versions. (Samsung recently did this with one of their apps. Nothing under Nougat level devices any longer)

    There are still millions and millions of iOS and Android users utilizing devices with older OS versions than the KeyOne safely and without harm. All Fire tablets through the 8th gen are on Lollipop or Nougat but they still seem to receive forms of support. People have their cc information on those devices to interact with one of the world's largest (and hacker sought after) online vendors.
    So stop all security patches then?

    Google curating is important. Play Protect scanning is important. Safe user behaviour is important. OS updates are important. But so are security patches.

    We need all cylinders to be firing to stay safe.

    You are on record as touting Apple's long-term support, and Samsung's newly added 4th year of bi-annual security patches. Are they not a big deal now?
    Last edited by conite; 05-11-21 at 05:56 PM.
    05-11-21 05:17 PM
  9. spARTacus's Avatar
    If I flash up my windows 98 machine and start surfing the internet (if the browser could render any of the current day websites), I wonder how long before I am hacked?
    05-11-21 06:01 PM
  10. Chuck Finley69's Avatar
    Irrespective of mobile OS or patch level breeches can and do happen on even the latest, most up to date versions. The user is always THE most important factor in any use case. Nobody, irrespective of OS version or patch level should EVER open an unsuspecting email or link or photo within an email. If you don't know that it doesn't matter the Windows, iOS or Android version. And persons with the most critical of client information are going to already be using a locked down corporate device with more security than inherent to the phone or desktop OS.

    Presently there is a lovely little ransomware issue affecting a east coastal gasoline pipeline that is nicely and unnecessarily raising national fuel prices. Over 4 dollars a gallon here in the longest locked down state of the pandemic. Good ole California where we refine our own fuel (don't have a (Ransomware scenario) and already tax fuel to the moon.

    Reality is that almost all "potential" security exploits "could" occur if the user did x,w and y to result in z. (That almost no one would ever do)

    Use a password, a biometric, keep apps updated and simply don't open unsuspecting emails and the average user is a-ok. If this wasn't the case telecoms would drop support, Google or the companies that develop the apps simply wouldn't allow them to work on prior OS versions. (Samsung recently did this with one of their apps. Nothing under Nougat level devices any longer)

    There are still millions and millions of iOS and Android users utilizing devices with older OS versions than the KeyOne safely and without harm. All Fire tablets through the 8th gen are on Lollipop or Nougat but they still seem to receive forms of support. People have their cc information on those devices to interact with one of the world's largest (and hacker sought after) online vendors.
    Either security matters or it doesn’t. You can’t pine away that OEMs should provide longer support and then say it’s really not important. Look, I’m a personal actual risk taker in my life and profession up to point my decisions cross some boundaries that others like my clients have chosen not too.

    I silo everything that I do by different contracts I undertake and one reason I have multiple devices. My unimportant short-term contract over the fall and winter holidays, just became my biggest longer-term contract. That vendor provided me recently with a new laptop and VoIP apps built-in so I’m not using my equipment, but a lone mobile device I still get emails on a vendor provided contracted email address.

    This company has recently had their domain scraped and we’ve gotten Trojan emails to multiple synced emails that feed to me. Since I have the new laptop and remote with little traveling, I don’t use the mobile for my phone calls. I don’t usually open emails on it anymore. I got a legitimate email from another person at the company that laptop scan caught an embedded Trojan in email body. Had I opened it on my phone, it could have been disastrous.

    I’m pretty security conscious but how does one not open a legitimate email? No phone antivirus would have caught this I suspect but regardless, somebody in the company must have opened something without the security protocols on something other than secured laptops. If someone wants to use antiquated KEYone, that’s fine to do if they understand the risks well enough to make an informed decision. If that person comes here looking for the answer, just give them actual facts and let them decide. Why feel the need to encourage them with accepting your level of risk if they don’t really understand it for themselves? What’s the benefit to encouraging the older devices to less informed BlackBerry supporters that believe they’re magically secure because of the BlackBerry name ?
    05-11-21 06:26 PM
  11. bh7171's Avatar
    So stop all security patches then?

    Google curating is important. Play Protect scanning is important. Safe user behaviour is important. OS updates are important. But so are security patches.

    We need all cylinders to be firing to stay safe.

    You are on record as touting Apple's long-term support, and Samsung's newly added 4th year of bi-annual security patches. Are they not a big deal now?
    I would not turn down the small patches the NA Key2 is getting on Oreo 8.1 it and my BE are running. And of course I wish all the Key devices had 3 OS updates and 4 years patching. The hardware is good enough to warrant it as are most devices produced recently.

    For now I'll continue using my BE KeyOne in the manner I do and with the precautions noted. I have a Galaxy A71 that's all up to date. Unfortunately it is not as enjoyable to use. My personal preference is a PKB and the BE so I use it cautiously and void of any games or SM apps.

    I also throw caution to the wind as I choose to continue driving a pristine 2012 vehicle. It certainly lacks today's latest safety features while carrying my loved ones and friends. I control what I can and have always maintained it as well as possible with exceptional rotors, brake pads, tires, servicing, etc and try to obey road laws. I am not going to stop driving the vehicle or buy a new one because it's simply not as safe as a new vehicle today. I am more worried about all the people on their phones operating newer vehicles and not paying attention while driving. When my '12 hits the 10 year mark (and has served me for 6 payment free years) it will then be someone else's (not as safe) well cared for and maintained vehicle to use.
    saint300 likes this.
    05-11-21 07:03 PM
  12. conite's Avatar
    I would not turn down the small patches the NA Key2 is getting on Oreo 8.1 it and my BE are running. And of course I wish all the Key devices had 3 OS updates and 4 years patching. The hardware is good enough to warrant it as are most devices produced recently.

    For now I'll continue using my BE KeyOne in the manner I do and with the precautions noted. I have a Galaxy A71 that's all up to date. Unfortunately it is not as enjoyable to use. My personal preference is a PKB and the BE so I use it cautiously and void of any games or SM apps.

    I also throw caution to the wind as I choose to continue driving a pristine 2012 vehicle. It certainly lacks today's latest safety features while carrying my loved ones and friends. I control what I can and have always maintained it as well as possible with exceptional rotors, brake pads, tires, servicing, etc and try to obey road laws. I am not going to stop driving the vehicle or buy a new one because it's simply not as safe as a new vehicle today. I am more worried about all the people on their phones operating newer vehicles and not paying attention while driving. When my '12 hits the 10 year mark (and has served me for 6 payment free years) it will then be someone else's (not as safe) well cared for and maintained vehicle to use.
    Except no one else is actively trying to use whatever tools are available to them to thwart your attempts at staying safe in your car.

    There is also not a published instruction-set available to said evil-doers, specifically detailing hundreds of ways to affect critical elements of your vehicle remotely.
    05-11-21 07:24 PM
  13. bh7171's Avatar
    Except no one else is actively trying to use whatever tools are available to them to thwart your attempts at staying safe in your car.

    There is also not a published instruction-set available to said evil-doers, specifically detailing hundreds of ways to affect critical elements of your vehicle remotely.
    Nefarious persons do not try to hack newer vehicles and their systems?
    05-11-21 07:56 PM
  14. conite's Avatar
    Nefarious persons do not try to hack newer vehicles and their systems?
    Just pointing out that your analogy doesn't fit.

    But sure, an autonomous AI vehicle is just like your phone - another mobile endpoint. Anything plugged in needs to stay constantly updated.
    Last edited by conite; 05-11-21 at 10:37 PM.
    05-11-21 08:17 PM
  15. pdr733's Avatar
    Why feel the need to encourage them with accepting your level of risk if they don’t really understand it for themselves? What’s the benefit to encouraging the older devices to less informed BlackBerry supporters that believe they’re magically secure because of the BlackBerry name ?
    I feel that for many people commenting in that manner it is just a post hoc rationalization of not wanting to get rid of their PKB phones.
    If current gen PKBs existed (with current OS and all) probably the very same people would be very much in favor of continually updated device, but now that it's not the case, some justification needs to be established for still using the KEYs.
    05-12-21 03:34 AM
  16. saint300's Avatar
    I would not turn down the small patches the NA Key2 is getting on Oreo 8.1 it and my BE are running. And of course I wish all the Key devices had 3 OS updates and 4 years patching. The hardware is good enough to warrant it as are most devices produced recently.

    For now I'll continue using my BE KeyOne in the manner I do and with the precautions noted. I have a Galaxy A71 that's all up to date. Unfortunately it is not as enjoyable to use. My personal preference is a PKB and the BE so I use it cautiously and void of any games or SM apps.

    I also throw caution to the wind as I choose to continue driving a pristine 2012 vehicle. It certainly lacks today's latest safety features while carrying my loved ones and friends. I control what I can and have always maintained it as well as possible with exceptional rotors, brake pads, tires, servicing, etc and try to obey road laws. I am not going to stop driving the vehicle or buy a new one because it's simply not as safe as a new vehicle today. I am more worried about all the people on their phones operating newer vehicles and not paying attention while driving. When my '12 hits the 10 year mark (and has served me for 6 payment free years) it will then be someone else's (not as safe) well cared for and maintained vehicle to use.
    I also used a Galaxy A51 with Android 10 for almost 6 months. Didn't enjoy it one tiny bit. I disliked even more Samsung's UI, so I sent it to a new home and bought a Priv. In my case, even Android 6 is safe and sound!
    the_boon likes this.
    05-12-21 11:44 AM
  17. saint300's Avatar
    I would not turn down the small patches the NA Key2 is getting on Oreo 8.1 it and my BE are running. And of course I wish all the Key devices had 3 OS updates and 4 years patching. The hardware is good enough to warrant it as are most devices produced recently.

    For now I'll continue using my BE KeyOne in the manner I do and with the precautions noted. I have a Galaxy A71 that's all up to date. Unfortunately it is not as enjoyable to use. My personal preference is a PKB and the BE so I use it cautiously and void of any games or SM apps.

    I also throw caution to the wind as I choose to continue driving a pristine 2012 vehicle. It certainly lacks today's latest safety features while carrying my loved ones and friends. I control what I can and have always maintained it as well as possible with exceptional rotors, brake pads, tires, servicing, etc and try to obey road laws. I am not going to stop driving the vehicle or buy a new one because it's simply not as safe as a new vehicle today. I am more worried about all the people on their phones operating newer vehicles and not paying attention while driving. When my '12 hits the 10 year mark (and has served me for 6 payment free years) it will then be someone else's (not as safe) well cared for and maintained vehicle to use.
    I also used a Galaxy A51 with Android 10 for almost 6 months. Didn't enjoy it one tiny bit. I disliked even more Samsung's UI, so I sent it to a new home and bought a Priv. In my case, even Android 6 is safe and sound!
    05-12-21 11:44 AM
  18. conite's Avatar
    In my case, even Android 6 is safe and sound!
    But it's not. Not even close.
    05-12-21 11:46 AM
  19. saint300's Avatar
    But it's not. Not even close.
    Well, but it most certainly is. Please note that I did say "in my case".
    05-12-21 11:48 AM
  20. conite's Avatar
    Well, but it most certainly is. Please note that I did say "in my case".
    If your "case" is not connecting to the internet, then ok.
    05-12-21 11:50 AM
  21. saint300's Avatar
    If your "case" is not connecting to the internet, then ok.
    While I understand the importance of security patches, I cannot agree to the notion that all people using Android 6 devices need to throw them away; even more, people using Keyones' and even Key2's that are not NA versions and cannot use an autoloader. Because what you are saying, in other words, is that even Key2 devices that cannot get the latest patches, should be ditched. And then get a slab?? In any case, it really comes down to the user, how informed they are, and how they decide to use their device. I am very happy with my Keyone, and never had any such issues with my Priv. And yes, I do connect to the internet; actually I am connected all the time.
    the_boon likes this.
    05-12-21 12:02 PM
  22. pdr733's Avatar
    While I understand the importance of security patches, I cannot agree to the notion that all people using Android 6 devices need to throw them away; even more, people using Keyones' and even Key2's that are not NA versions and cannot use an autoloader. Because what you are saying, in other words, is that even Key2 devices that cannot get the latest patches, should be ditched. And then get a slab?? In any case, it really comes down to the user, how informed they are, and how they decide to use their device. I am very happy with my Keyone, and never had any such issues with my Priv. And yes, I do connect to the internet; actually I am connected all the time.
    Ok but you probably admit that you use it because no current gen PKB phone is available. So you are forced to deal with the downside of old and unpatched OS. Not because a newer OS is useless or security is unimportant.
    05-12-21 12:54 PM
  23. Chuck Finley69's Avatar
    While I understand the importance of security patches, I cannot agree to the notion that all people using Android 6 devices need to throw them away; even more, people using Keyones' and even Key2's that are not NA versions and cannot use an autoloader. Because what you are saying, in other words, is that even Key2 devices that cannot get the latest patches, should be ditched. And then get a slab?? In any case, it really comes down to the user, how informed they are, and how they decide to use their device. I am very happy with my Keyone, and never had any such issues with my Priv. And yes, I do connect to the internet; actually I am connected all the time.
    I think where there’s a disconnect here, is the idea that a person can somehow manually and carefully visit the internet and through best practices and procedures continue to be safe. The problem is that you don’t know you’re even infected with the malware or virus.
    05-12-21 01:12 PM
  24. bh7171's Avatar
    If your "case" is not connecting to the internet, then ok.
    Are all the browsers updated and secure? Is a Chrome or Chrome based browser on the latest version not safe (and therefore) on any device?
    05-12-21 01:20 PM
  25. Chuck Finley69's Avatar
    Are all the browsers updated and secure? Is a Chrome or Chrome based browser on the latest version not safe (and therefore) on any device?
    But that only addresses exploits done via the browser. That has nothing to do with mobile OS level vulnerabilities.
    05-12-21 01:23 PM
37 12

Similar Threads

  1. WTS/WTT: BlackBerry KEYone Black Edition
    By the_boon in forum The Marketplace - Buy, Sell & Trade
    Replies: 12
    Last Post: 05-29-21, 02:17 AM
  2. In App Purchases
    By mike1123 in forum BlackBerry KEYone
    Replies: 5
    Last Post: 05-07-21, 07:32 PM
  3. Keyone space bar has come off one one side
    By Emaderton3 in forum BlackBerry KEYone
    Replies: 25
    Last Post: 05-07-21, 07:07 AM
  4. KEYone LE (Black Edition/64GB)
    By Argo82 in forum BlackBerry KEYone
    Replies: 3
    Last Post: 05-06-21, 02:15 PM
  5. Keyone Keeps Rebooting
    By royphotog in forum BlackBerry KEYone
    Replies: 3
    Last Post: 05-06-21, 07:36 AM
LINK TO POST COPIED TO CLIPBOARD