1. jpvj's Avatar
    FYI:
    KB36557-BlackBerry response to reports of tethered jailbreak vulnerabilities

    From the brief description it sounds like BB OS devices based on the Qualcomm chipset is prone to be rooted.
    I wonder if we ever hear more about this.

    Anyone knows who found the vulnerability?
    serbanescu and DaFoxGrey like this.
    12-29-14 10:27 AM
  2. ArmedHitman's Avatar
    FYI:
    KB36557-BlackBerry response to reports of tethered jailbreak vulnerabilities

    From the brief description it sounds like BB OS devices based on the Qualcomm chipset is prone to be rooted.
    I wonder if we ever hear more about this.

    Anyone knows who found the vulnerability?
    Even Android phones on Qualcomm were found to be easy to change IMEI with their chipsets... BlackBerry has a string or field when it asks for updates to see if the phones bootloader has been tampered with. Other than that, I think whoever has found it has probably signed a NDA...
    12-30-14 06:25 AM
  3. jpvj's Avatar
    I don't get the NDA thing: The person discovering (=having the knowledge) must sign an NDA with BlackBerry? They should just be exited to get the information before somebody creates an exploit and uses it in the wild.

    I doubt BlackBerry shares very much information in return. If the person was smart enough to find the vulnerability in the first place, he could continue reverse engineering/debugging anyway.

    Legal department must have a lot of power within BB. I recall a case where a big customer of mine wanted BlackBerry to sign an NDA in order to let them approve the design. It delayed the project 3 months before their legal department had approved the NDA.
    12-30-14 02:35 PM
  4. jpvj's Avatar
    12-30-14 02:39 PM
  5. ArmedHitman's Avatar
    I don't get the NDA thing: The person discovering (=having the knowledge) must sign an NDA with BlackBerry? They should just be exited to get the information before somebody creates an exploit and uses it in the wild.

    I doubt BlackBerry shares very much information in return. If the person was smart enough to find the vulnerability in the first place, he could continue reverse engineering/debugging anyway.

    Legal department must have a lot of power within BB. I recall a case where a big customer of mine wanted BlackBerry to sign an NDA in order to let them approve the design. It delayed the project 3 months before their legal department had approved the NDA.
    IF every person that did find a exploit and used it in the wild straight after... I don't think we would have any privacy in the slightest. Lots of clever minds doing exploits, good and very very bad... Breaking NDA specially if you sent the exploit information to BBRY and then using would be very bad. Jail would almost be certain as NDA is a very strong thing if handled in the right way by legal teams.

    I'm sure BlackBerry must reward certain people for finding exploits in some way or form.

    BBRY love their NDA's, trust me.

    I've used this on a device to unlock more LTE bands on a device which had all the radios.
    12-31-14 04:38 AM
  6. jpvj's Avatar
    IF every person that did find a exploit and used it in the wild straight after... I don't think we would have any privacy in the slightest. Lots of clever minds doing exploits, good and very very bad... Breaking NDA specially if you sent the exploit information to BBRY and then using would be very bad. Jail would almost be certain as NDA is a very strong thing if handled in the right way by legal teams.

    I'm sure BlackBerry must reward certain people for finding exploits in some way or form.

    BBRY love their NDA's, trust me.



    I've used this on a device to unlock more LTE bands on a device which had all the radios.
    I'm under NDA with BlackBerry as partner, betatester etc. This makes sense because I am allowed early access to software and devices.

    But why would the finder of an exploit want to sign a NDA with BlackBerry in the first place?
    Unless BlackBerry gives something in return, like a reward or access to source code review it makes no sense at all (no benefit for the person finding the exploit).
    kbz1960 likes this.
    12-31-14 06:23 AM

Similar Threads

  1. SketchBook for BlackBerry 10 Discussion
    By Puneet Kohli in forum BlackBerry 10 Apps
    Replies: 62
    Last Post: 02-17-15, 02:12 AM
  2. What would you like to see in Successor of Blackberry Passport?
    By faraz98 in forum BlackBerry Passport
    Replies: 59
    Last Post: 01-11-15, 09:47 AM
  3. How to reinstall BlackBerry World using the BlackBerry World Recovery Tool
    By CrackBerry News in forum CrackBerry.com News Discussion & Contests
    Replies: 2
    Last Post: 01-07-15, 07:28 AM
  4. BlackBerry Link
    By Rizzoo2014 in forum Ask a Question
    Replies: 2
    Last Post: 12-30-14, 11:36 AM
  5. Is new BB10.3 theme necessary for Built for Blackberry apps?
    By CrackBerry Question in forum Ask a Question
    Replies: 1
    Last Post: 12-29-14, 09:45 AM
LINK TO POST COPIED TO CLIPBOARD