[RKSSDBB]

You can actually be FAR more private on Android than iOS.

Get a phone that you can install LineageOS on (a private, beefed up version of open-source, non-Google, Android). Like a Pixel 4 or OnePlus Nord or 7T Pro for instance.

Then use Netguard to prevent all trackers from 3rd party apps.

Thank you.

I am sure you are correct.

But my eyes glazed over reading your post. Probably not hard to do what you suggest, but well beyond my level of knowledge.

I am retired and have no client info or other business related need to be super locked down.

On the consumer side, while I appreciate the availability of technology and services from Google, Amazon, Microsoft and perhaps Apple, I prefer to minimize the amount of intrusion if I can.

[Chuck Finley69]

Thank you.

I am sure you are correct.

But my eyes glazed over reading your post. Probably not hard to do what you suggest, but well beyond my level of knowledge.

I am retired and have no client info or other business related need to be super locked down.

On the consumer side, while I appreciate the availability of technology and services from Google, Amazon, Microsoft and perhaps Apple, I prefer to minimize the amount of intrusion if I can.

One thing I'm different from conite with is my Apple preference over Google as my primary choice. I dual carry XR/3a but I use factory setup from the box with both. For that reason I lean towards Apple ever so minimal slightly....

[conite]

One thing I'm different from conite with is my Apple preference over Google as my primary choice. I dual carry XR/3a but I use factory setup from the box with both. For that reason I lean towards Apple ever so minimal slightly....

In this context though, I'm speaking only to the topic of privacy. Otherwise, preference should rule the day.

[Old_Mil]

If you're looking for privacy, I would not recommend an iOS device. Apple harvests the heck out of your data. A lot of basic browser security add ons (EG privacy badger) simply can't be installed on the iOS versions of the browser. A properly secured, de-googled android based phone is much better.

If you like your Key2LE and Motion, there's really no reason to retire them right now.

[RKSSDBB]

If you're looking for privacy, I would not recommend an iOS device. Apple harvests the heck out of your data. A lot of basic browser security add ons (EG privacy badger) simply can't be installed on the iOS versions of the browser. A properly secured, de-googled android based phone is much better.

If you like your Key2LE and Motion, there's really no reason to retire them right now.

As to retiring my Key2le and Motion, don't you agree with Conite about the lack of security patches, the known vulnerabilities and the on line instructions as to how to use those vulnerabilities?

They seem like significant points to me.

And thank you for your view on IOS and it's intrusive harvesting of personal data.

[Chuck Finley69]

If you're looking for privacy, I would not recommend an iOS device. Apple harvests the heck out of your data. A lot of basic browser security add ons (EG privacy badger) simply can't be installed on the iOS versions of the browser. A properly secured, de-googled android based phone is much better.

If you like your Key2LE and Motion, there's really no reason to retire them right now.

I don't think Apple harvests my data at the OEM level or third party level apps worse than Google harvests at the proprietary OEM level while third party OEMs and third party apps probably even worse.

[bh7171]

As to retiring my Key2le and Motion, don't you agree with Conite about the lack of security patches, the known vulnerabilities and the on line instructions as to how to use those vulnerabilities?

They seem like significant points to me.

And thank you for your view on IOS and it's intrusive harvesting of personal data.

I hope you realize to have a vulnerability outside of the apps that are always updated and scanned for Malware in the Google Play Store (See Play Protect) you would have to do w,x and y to get the hypothetical z issue. These are not simple attack vectors that render an OS version unusable! If you use an updated browser, only apps from the Google Play Store and your email runs through a secure vendor like Office 365 you will not have problems. Similar to the billions of other users on older Android OS but with updated applications. If you throw on NetGear Pro (pay the dev) you can also eliminate trackers.

[conite]

I hope you realize to have a vulnerability outside of the apps that are always updated and scanned for Malware in the Google Play Store (See Play Protect) you would have to do w,x and y to get the hypothetical z issue. These are not simple attack vectors that render an OS version unusable! If you use an updated browser, only apps from the Google Play Store and your email runs through a secure vendor like Office 365 you will not have problems. Similar to the billions of other users on older Android OS but with updated applications. If you throw on NetGear Pro (pay the dev) you can also eliminate trackers.

No matter what you do, you will eventually run out of corks to plug all of the holes.

Patches are extremely important.

Vulnerabilities pile up fast - to the tune of over 40 a month on AOSP alone.

[RKSSDBB]

Thanks Chuck, Conite and the other posters. I've looked up the privacy controls on Android 11 and IOS14. it looks like both now offer many more privacy options now than previously.

[bh7171]

Interestingly enough the Motion and KeyOne (BE specs) remain on the Google Android Enterprise Solutions list of still approved devices.

https://androidenterprisepartners.wi...om/device/#!/1

https://androidenterprisepartners.wi...om/device/#!/2

Blackberry and BlackBerry Mobile\TCL must have done something right in their partnership.

[conite]

Interestingly enough the Motion and KeyOne (BE specs) remain on the Google Android Enterprise Solutions list of still approved devices.

https://androidenterprisepartners.wi...om/device/#!/1

https://androidenterprisepartners.wi...om/device/#!/2

Blackberry and BlackBerry Mobile\TCL must have done something right in their partnership.

It really means that Google doesn't give a damn about the whole thing, as it's just a bunch of hooey.

It absolves TCL since they have maintained their promise to be a part of the program, but it makes Google look stupid for not enforcing their own rules.

[bh7171]

It really means that Google doesn't give a damn about the whole thing, as it's just a bunch of hooey.

It absolves TCL since they have maintained their promise to be a part of the program, but it makes Google look stupid for not enforcing their own rules.

I believe Google takes security and the program seriously. Their enterprise partners depend on it.

Seems to me that BlackBerry's software, SoC signage, root of trust on boot for OS (that now seems a staple for Android) and even DTEK and it's ability to monitor apps tracking and events was far ahead of other Android OEM's. I mean to this date I have not read of BlackBerry Android devices being hacked. Does anyone have a published report of this?

[bh7171]

I have been looking around here;

https://www.cvedetails.com/

And I cannot find anything significant in regards to the BlackBerry Android products under "BlackBerry" "BlackBerry Mobile" or even under "TCL". I also tried keyword searches for the various device names.

[conite]

I believe Google takes security and the program seriously. Their enterprise partners depend on it.

Seems to me that BlackBerry's software, SoC signage, root of trust on boot for OS (that now seems a staple for Android) and even DTEK and it's ability to monitor apps tracking and events was far ahead of other Android OEM's. I mean to this date I have not read of BlackBerry Android devices being hacked. Does anyone have a published report of this?

Almost every single vulnerability that affects normal Android affects BlackBerry Android too.

The whole root of trust and secure boot business only catches issues related to persistent root - which most exploits don't bother with.

All else being equal, any extra hardening is better than none, but it is totally eclipsed by patching and updated OS versions.

[bh7171]

Almost every single vulnerability that affects normal Android affects BlackBerry Android too.

The whole root of trust and secure boot business only catches issues related to persistent root - which most exploits don't bother with.

All else being equal, any extra hardening is better than none, but it is totally eclipsed by patching and updated OS versions.

Are there any published hacks of BlackBerry hardened and secured Android devices?

Google Play Protect has the device applications and browsers protected and any enterprise and most consumers have a email client like Office 365 than protects email. ASOP is primarily for basic call and email functions.

All Key and Motion devices also have biometrics along with password protection.

My contention, as apparently Google Enterprise recommend still publishes and agrees, is that used safely and with common sense, these devices are still safe for consumers and enterprise alike to use. (Key 2 is omitted because it never received the 1 OS upgrade it was initially to receive. Perhaps that's why it has still be receiving patches in NA?)

[conite]

Are there any published hacks of BlackBerry hardened and secured Android devices?

Google Play Protect has the device applications and browsers protected and any enterprise and most consumers have a email client like Office 365 than protects email. ASOP is primarily for basic call and email functions.

All Key and Motion devices also have biometrics along with password protection.

My contention, as apparently Google Enterprise recommend still publishes and agrees, is that used safely and with common sense, these devices are still safe for consumers and enterprise alike to use. (Key 2 is omitted because it never received the 1 OS upgrade it was initially to receive. Perhaps that's why it has still be receiving patches in NA?)

AOSP is 95% of Blackberry Android, and every other flavour of Android.

There are few published hacks of any specific devices, because almost all hacks are device-independent.

Google, and almost every security expert, has stated multiple times that 3 months is the longest a device should go without patches. As to why a ton of old devices are still sitting on the Enterprise Recommended site is just a testament to laziness.

Play Protect and updated clients are complementary services, but by no means replacements for patches or updates.

[bh7171]

AOSP is 95% of Blackberry Android, and every other flavour of Android.

There are no published hacks of any devices, because almost all hacks are device-independent.

Google, and almost every security expert, has stated multiple times that 3 months is the longest a device should go without patches. As to why a ton of old devices are still sitting on the Enterprise Recommended site is just lazy.

Play Protect is a complementary service, but by no means a replacement for patches or updates.

Why doesn't Google immediately kill application usage to older devices if they are no longer safe or secure for a consumer to use?

Amazon is still updating (2016) 6th gen Fire tablets using a Android OS 5 backbone for consumers usage. A lot at stake for consumers utilizing these with payments and CC info and Amazon as one of the largest online vendors in the world.

[conite]

Why doesn't Google immediately kill application usage to older devices if they are no longer safe or secure for a consumer to use?

Amazon is still updating (2016) 6th gen Fire tablets using a Android OS 5 backbone for consumers usage. A lot at stake for consumers utilizing these with payments and CC info and Amazon as one of the largest online vendors in the world.

Because it's ultimately not up to them. Plus, they want to sell their ecosystem to everyone they can.

That said, Google spends many tens of millions of dollars a year developing and promoting easier updates (Treble, Mainline, etc), and defragmentation.

[bh7171]

Because it's ultimately not up to them. Plus, they want to sell their ecosystem to everyone they can.

That said, Google spends many tens of millions of dollars a year developing and promoting easier updates (Treble, Mainline, etc), and defragmentation.

Probably also spend a ton on "Play Protect" to ensure all apps downloaded from the GPS are safe and or removed from store and devices.

So are we really saying all Android devices only downloading apps from GPS are safe for consumers to continue to use? Say like an older car that is maintained well, drives and operates perfectly fine even though it doesn't have the latest and greatest security, safety or telematic equipment as newer rides?

[conite]

Probably also spend a ton on "Play Protect" to ensure all apps downloaded from the GPS are safe and or removed from store and devices.

So are we really saying all Android devices only downloading apps from GPS are safe for consumers to continue to use? Say like an older car that is maintained well, drives and operates perfectly fine even though it doesn't have the latest and greatest security, safety or telematic equipment as newer rides?

Play Protect is complimentary - NOT a replacement for updates. It's like anti-virus that scans against known code. There is still plenty on Play Store that gets through despite it being the safest place to be.

There are over 40 exploits published every single month, month after month. Patching is the ONLY way to address this. These published exploits are recipes for any hacker that wants to try them.

[Sam Rosu1]

The battery change on the Motion is pretty simple and the battery inexpensive. I've done mine and 2 others.

Posted via CB10