[CherokeeMarty]

Can you share a document to combat the EFF claims of the validity of messaging app securities?

Go here and read this:BBM: Security You Can Trust | | Inside BlackBerry for Business Blog

Basically, EFF took the lazy route to cheap shot article.

[lovedaazn]

Okay, BlackBerry should come up with some sort of reply to this non sense BS.

[BB30000]

why don't you tell me the reason BB released BBM Protected if the regular BBM was secure?

The default level of security offered by BBM today is already very secure, offering two layers of encryption for messages sent between BBM contacts. First, BBM uses a TLS to establish a secure connection between the smartphone and the server. TLS is a common web standard that is used for online shopping and internet banking. Additionally, BBM messages are encrypted using a triple DES 168-bit BBM scrambling key which encrypts messages leaving the sender?s phone, and authenticates and decrypts messages on the recipient?s phone. These two layers working together mean that you have secure messages flowing through a secure pipe. BBM Protected adds an additional layer of advanced encryption to this security model helping to meet the needs of the most security conscious organizations.

http://ca.blackberry.com/business/pr...ces/e-bbm.html

Via The BlackBerry Z30 experience!

[bbjdog]

Okay, BlackBerry should come up with some sort of reply to this non sense BS.

BlackBerry Fact check does not check nonsense from internet-based articles. Blackberry only Fact checks direct competitors false advertising. If apple comes out and claims something about their security and Imessage then BlackBerry will respond. Both parties will not respond to some EFF report.

Posted via CB10

[imcurved]

BlackBerry myth buster needs to get to work! Or perhaps that statement is true...

PassportSQW100-1/10.3.0.1154

[bbjdog]

No its not, call in the myth busters and also the ghost busters.

Posted via CB10

[dguy123]

BlackBerry Fact check does not check nonsense from internet-based articles. Blackberry only Fact checks direct competitors false advertising. If apple comes out and claims something about their security and Imessage then BlackBerry will respond. Both parties will not respond to some EFF report.

Posted via CB10

Well that's a huge mistake!
Where do you think public opinion is formed?
Doesn't matter if it's factual or not. If this type of garbage isn't responded to then this is the only message people will hear. People will not research it. Oh Apple is now more secure than BlackBerry? Awesome! ... And off they go with a new belief system.

Posted via CB10

[bbjdog]

Well that's a huge mistake!
Where do you think public opinion is formed?
Doesn't matter if it's factual or not. If this type of garbage isn't responded to then this is the only message people will hear. People will not research it. Oh Apple is now more secure than BlackBerry? Awesome! ... And off they go with a new belief system.

Posted via CB10

I agree with you 100%, but that doesn't change the legal part of it. All BlackBerry can do is state their product is secure. You don't hear either company commenting on the issue. Ask yourself one question, if the G7 and the G20 use BlackBerry products, how secure is it?

Posted via CB10

[dguy123]

I agree with you 100%, but that doesn't change the legal part of it. All BlackBerry can do is state their product is secure. You don't hear either company commenting on the issue. Ask yourself one question, if the G7 and the G20 use BlackBerry products, how secure is it?

Posted via CB10

Oh 'I' get it. But the average person reading that report won't. They won't ask themselves anything and BlackBerry will loose the perception war.
Apple wants to move into the secure device space and the groundwork on public perception is well underway.

I'm not sure what the legal part you're referring to is. I'm sure BlackBerry would be in it's legal right to refute inaccurate claims. BlackBerry doesn't have to play nice and respect the scoring system some external body uses to convey the message that BlackBerry is insecure.

If they stay silent Apple will quickly eat their lunch.

(I'm not saying Apple is behind the BBM is among the least secure IMs out there report, but with Apple's enterprise focus their will be plenty of media support playing up ios security, sometimes by playing down or outright attacking BlackBerry's security story. Remember, perception is reality in the market.)

Posted via CB10

[LoneStarRed]

Apple can't seem to face the naked truth.

" I do not think that word means what you think it means. "

[bbjdog]

Oh 'I' get it. But the average person reading that report won't. They won't ask themselves anything and BlackBerry will loose the perception war.
Apple wants to move into the secure device space and the groundwork on public perception is well underway.

I'm not sure what the legal part you're referring to is. I'm sure BlackBerry would be in it's legal right to refute inaccurate claims. BlackBerry doesn't have to play nice and respect the scoring system some external body uses to convey the message that BlackBerry is insecure.

If they stay silent Apple will quickly eat their lunch.

(I'm not saying Apple is behind the BBM is among the least secure IMs out there report, but with Apple's enterprise focus their will be plenty of media support playing up ios security, sometimes by playing down or outright attacking BlackBerry's security story. Remember, perception is reality in the market.)

Posted via CB10

Blackberry doesn't need to prove anything to anyone. This conversation has taken place already. People can claim what ever they want, it's a free world. If perception is everything then I would have an iPhone or Android phone , which I don't. I have a Blackberry passport and before that a Z10. Should I follow the crowd because I read something in the newspaper or Internet? Will I make a corporate decision because some article states their opinions. Check BlackBerry credentials with DOD and DISA and all the rest of the world.

Posted via CB10

[AndyYNWA]

Checked a Swedish Apple forum, and they also think this report looks strange. Both regarding iMessage and other apps, even BBM.

[Superfly_FR]

Still no rebuttal on the BB fact Check...on Inside BB..I hope these guys aren't getting lazy and going back to their old ways,I Know there is a new guy heading this blog but haven't seen anything for the whole month,look at how many times they contradicted others in past months and they seem to be slacking off,they have a great idea with this and maybe it served it's original purpose,keep it going it is a great idea that doesn't need to die.

They did in the Business Blog.

Yup : Four Key Ways that BlackBerry Protects Your Privacy | Inside BlackBerry for Business Blog

[Superfly_FR]

why don't you tell me the reason BB released BBM Protected if the regular BBM was secure?

They added a private encryption layer


Plus several enterprise focused features, notably for regulated industries, where you need to securely store a track record (like time stamps, for example) of exchanges between users. This is mandatory in several industries where you need to be able - many years after - to state who said what to who and when.

"Regular BBM" only offers a single key encryption which will not be NSAproof, for instance. But believe me, very few may be able to intercept and decrypt anything BBM. Again, it's really theoretical. I found this in proper english to explain it clearer (note it's RIM, so that's probably old stuff, reason why I don't link it).

The Achilles’ heel of [regular] BBM is that while PIN-to-PIN messages are encrypted using Triple DES, RIM adds a global cryptographic “key”, which is shared between every BlackBerry device manufactured. This automatically allows a situation (in theory, at least) where, if the messages can be intercepted at the cellular service provider’s network and the hacker party manages to spoof the intended recipient’s PIN, any BlackBerry device can be used to decrypt all PIN-to-PIN messages sent by any other BlackBerry device.While this has never happened as yet, or at least has not been brought to our attention, the scenario lies entirely within the realm of possibility.
The same key, used by all BlackBerry devices to be able to decrypt PIN-to-PIN messages, can be used by RIM at their relay station to decrypt any user’s messages. Again, this is not to suggest that RIM is in the business of reading their users’ content. However, if legally put to the task, RIM can provide decrypted PIN-to-PIN messages in clear-text to law enforcement authorities.

[ugahairydawgs]

And here from today's news of the world...

Apple iOS bug makes iPhones, iPads vulnerable to Masque Attack - Technology & Science - CBC News

Enjoy!!!

I'm not sure I'd jump up and down too much with that. The only way a device can be infected (for the moment) is by side-loading an app from a pop up or spam. Seeing as how a large number of BB10 users are side-loading to get the Android apps they want these days the same type of thing could happen for BB10 users if coders were so inclined.

[RubberChicken76]

however, if legally put to the task, RIM can provide decrypted PIN-to-PIN messages in clear-text to law enforcement authorities.

I think this is really an important point that none of them will discuss, but they all have to live with.

A real world example here

Canadian Police Hacked BBM Messages to Shut Down Organized Crime Mobs | Complex. The press made it sound initially in the title that the police hacked into BBM. The real answer was at the bottom of the article.

[MC_A_DOT]

And here from today's news of the world...

Apple iOS bug makes iPhones, iPads vulnerable to Masque Attack - Technology & Science - CBC News

Enjoy!!!

From the same article:

The company says users can protect themselves by:

-Installing apps only from Apple�s official App Store or the user�s own organization and not from third-party app stores.
-Never installing an app from a third-party web page pop-up.
-Uninstalling any apps that show an alert with �Untrusted App Developer� when the user tries to open it.

I'm not defending apple but try harder...

[Dunt Dunt Dunt]

Simple truth is.... who cares!

Companies and Governments have been using Windows Desktops and Laptops for a couple of decades now.... and we know how secure they were.

Apple has stated they are number one in business, and I see no reason to doubt them, as here in the US Apple Tablets and Phones do seem to be in a lot of board rooms and meeting.

Is BlackBerry more secure, I believe they are when managed correctly using BES. But I think it is a very small group that will put the Security of BlackBerry ahead of the productivity and reliability (not up for sale or closing hardware) of other Platforms. If BB10 had been release five years ago and the platform's ecosystem was the same as Apple and Google.. there wouldn't even be a discussion. BlackBerry would be the default choice of business and even consumers. But that didn't happen and BB10 is still a toddler and doesn't have much of an ecosystem to support it - and almost NO marketing to let people even know they are still in business.

[MC_A_DOT]

Simple truth is.... who cares!

Is BlackBerry more secure, I believe they are when managed correctly using BES. But I think it is a very small group that will put the Security of BlackBerry ahead of the productivity and reliability (not up for sale or closing hardware) of other Platforms. If BB10 had been release five years ago and the platform's ecosystem was the same as Apple and Google.. there wouldn't even be a discussion. BlackBerry would be the default choice of business and even consumers. But that didn't happen and BB10 is still a toddler and doesn't have much of an ecosystem to support it - and almost NO marketing to let people even know they are still in business.

This....So much this

[Bluenoser63]

I'm not sure I'd jump up and down too much with that. The only way a device can be infected (for the moment) is by side-loading an app from a pop up or spam. Seeing as how a large number of BB10 users are side-loading to get the Android apps they want these days the same type of thing could happen for BB10 users if coders were so inclined.

Only difference is BB10 apps are sandboxed. How is the malicious android app supposed to get into the sandbox to replace the app in the same manner?

[xandermac]

I don't trust an organization that's only a few months old and already are misleading people with informations. For all I know it could be two wannabe website startup guys trying to create a publicity stunt.

The EFF has been around for years and has done more to protect you than you can possibly imagine. Most people would trust their findings. As they stated, this is just phase 1 of their study. You may end up happier in the long run as they continue their research.

[xandermac]

It's about imessenger. the Messenger app with a backdoor to Mr NSA.

LOL. I love it...

[power5]

Blackberry doesn't need to prove anything to anyone. This conversation has taken place already. People can claim what ever they want, it's a free world. If perception is everything then I would have an iPhone or Android phone , which I don't. I have a Blackberry passport and before that a Z10. Should I follow the crowd because I read something in the newspaper or Internet? Will I make a corporate decision because some article states their opinions. Check BlackBerry credentials with DOD and DISA and all the rest of the world.

Posted via CB10

Do you think Business people would like to place their BB PP on a table at a huge meeting between companies and hear a snicker from the other company reps because they think their devices are better for business and security? Trust me, business cares about perception and not just if their contacts have read an article on a BB news site. The other people may only know about that security win by apple because their teenager is a techie and was reading about it and then told their father at dinner. Now the father trusts his kid on tech and thinks it is gospel.

It would be quite easy and cheap to hire another PR person to illuminate the internet with BBs true security policies and accolades when articles like this come out.

Not everyone does their homework. I didn't and I should have looking back. The chart was even childish looking and I am ashamed that I thought it could have been at all valid.

[xandermac]

And here from today's news of the world...

Apple iOS bug makes iPhones, iPads vulnerable to Masque Attack - Technology & Science - CBC News

Enjoy!!!

Hey look! A sideloading bug! I still feel safe though as I don't install 3rd party, shady app stores or use sideloaded apps personally. But I also don't have BB10 so don't really need to

BTW, here are the steps needed for Masque to work. Hopefully it won't bite too many users, and I'm sure it won't.

"Apple has a lot of safeguards built into iOS. A Masque attack tries to get you to circumvent those safeguards and install it anyway. In order to make a Masque attack work, an attacker has to:

1. Have an iOS Developer Enterprise Program account or the universal device identifier (UDID) for the device they want to target.
2. Make a malicious app that looks like a popular, existing app. (New Flappy Bird is the example given.)
3. Get you to download their fake app from outside the App Store. (For example, by sending you an email with a link in it.)
4. Get you to agree to the iOS popup that warns you the app you're trying to install is from an untrusted source."

[rambo47]

Apple Inc. (NASDAQ:AAPL) News Analysis: Apple: More Secure Than BlackBerry?

Was reading through the Stocks app articles when I came upon this misinformed article with the most ridiculous looking picture downplaying BlackBerry security!
I would have hoped by now that the Blackberry bashing had stopped. This is just over the top.

Via The BlackBerry Z30 experience!

First, this is only iMessage vs. BBM. This is NOT about overall device security.
Second, this doesn't mean BBM is not secure. It's just that Apple has added some new security layers after "The Fappening" with iCloud.

Catchy headline but ultimately nothing to see here.