No More Playbook OS Updates = Web security concern
- Apple has dropped some support also for older hardware like the iPad 1 and some phones. The iOS operating system will not be used there. Even the iPad 2 will not be able to run some parts of iOS 6.
https://discussions.apple.com/message/22713743#22713743
Sure, it won't run iOS 7... but it still gets security updates.
Posted with Z10 via CB1004-01-14 09:33 PMLike 0 -
PlayBook UK BBM Channel C001CB4A104-02-14 12:33 AMLike 0 - I'd say the odds of an exploit being encountered that could do a system level infection is pretty low. Unlike the windows xp situation.
Say you hit a Flash exploit. Well once it executes it will try to do a system level change. At that point unless it was specifically engineered to attack a weakness in the PlayBook OS, it won't be very effective.
It could happen. Just not all that likely I'd say. No real motive to attack such a small user base. And a shrinking one at that.
Z10STL100-4/10.2.1.2141kbz1960 and anon(6038817) like this.04-02-14 12:49 AMLike 2 - 1. I curious what other forum readers think about this. 2. I love my PB and can accept its current function but wonder how long it will be safe to use on the web. I have read the articles about the end of Windows XP support, and there are some similar elements here minus the user and app baselines.
2. Assume that it will no longer be safe from now on.
On the bright side, you can now pickup a perfectly capable 64 GB PlayBook and PlayBook goodies for a lot cheaper.04-02-14 12:57 PMLike 0 - Before I changed jobs I used my PlayBook as a netbook using the blue tooth keyboard. The new job doesn't require me to use the tools on the PlayBook!
And truth be told, my Z10 seems to have replaced need for the PlayBook as there is little I can't do on it!
I'll keep the PlayBook in use as an e reader ad long as Kobo and media console continue to work on it! That said, books are just as easy to read in the z10.
And, as long as I can connect to NFB I'll continue to use the html connections to watch films on a bigger screen.
And I'll download movies and documentaries to watch while I'm travelling as long as I can.
Too bad BlackBerry is pulling support for the PlayBook, I've enjoyed using it so far!
I have no need for another tablet at this time, the html connections on the Z10 works just as well.
Mary Margaret From my Z-1004-02-14 01:30 PMLike 0 - I'd say the odds of an exploit being encountered that could do a system level infection is pretty low. Unlike the windows xp situation.
Say you hit a Flash exploit. Well once it executes it will try to do a system level change. At that point unless it was specifically engineered to attack a weakness in the PlayBook OS, it won't be very effective.
It could happen. Just not all that likely I'd say. No real motive to attack such a small user base. And a shrinking one at that.
Z10STL100-4/10.2.1.2141
But I doubt anyone cares about the Playbook because it is such a niche device. There aren't enough users to make exploiting it worth the effort.AWB70 likes this.04-02-14 01:49 PMLike 1 -
-
-
to use Playbook as well, and Bold 9900 for secure E Mails etc, not worried use and enjoy.04-02-14 02:51 PMLike 0 -
- I seriously doubt any government had been using the playbook in any meaningful capacity anyway. Certainly not with the same software we've been given.04-02-14 03:10 PMLike 0
- I'd say the odds of an exploit being encountered that could do a system level infection is pretty low. Unlike the windows xp situation.
Say you hit a Flash exploit. Well once it executes it will try to do a system level change. At that point unless it was specifically engineered to attack a weakness in the PlayBook OS, it won't be very effective.
It could happen. Just not all that likely I'd say. No real motive to attack such a small user base. And a shrinking one at that.
Z10STL100-4/10.2.1.2141
Now here's the massively ironic bit. People are worried about the security of the playbook now updates have ceased. Two things that are high up on the list of wanted things are the ability to get into the OS to adjust things ourselves and an updated flash player. Firstly, anyone following the Playbook rooting threads will see that thus far some of the finest minds on the subject are finding it impossible to do so, to the point that we're asking Blackberry please let us do it. Blackberry won't let us because if they did that would open the flood gates for people doing this for malicious reasons.
That puts in perspective how difficult it is to get into Playbook system files and alter it.
Flash here we go again If windows has back doors, pardon the pun. Then flash is the skeleton key. Just as BB has ended updates so has Adobe for Flash. Before people mention 12. something for Flash, 12. is for windows based computers for the reasons above. So, there are two ways of looking at this. Blackberry and Adobe could either leave this project with an unsecure OS and Flash or they could lock down the OS and Stop Flash working on sites based on if no one is updating it then it's safer not to let you at all.
I suppose it all depends on whether you want a secure device or the freedom to do what you want with it. Windows went with freedom and Antivris Firewall companies made a good living from it. Blackberry, as ever went with security.kbz1960 likes this.04-02-14 03:54 PMLike 1 - TL;DR ALERT
I agree with this for the wrong reasons. Not too happy about discontinuing Playbook updates, however, comparing it to windows xp isn't a fair comparison. XP is/was fundamentaly floored as are all windows os. Windows gives access to system files and has many, many open doors. For hackers it's a case of finding keys to these doors which, with enough time they will. In fact, AV and FW software is in a constant cat and mouse game trying to plug these holes.
Now here's the massively ironic bit. People are worried about the security of the playbook now updates have ceased. Two things that are high up on the list of wanted things are the ability to get into the OS to adjust things ourselves and an updated flash player. Firstly, anyone following the Playbook rooting threads will see that thus far some of the finest minds on the subject are finding it impossible to do so, to the point that we're asking Blackberry please let us do it. Blackberry won't let us because if they did that would open the flood gates for people doing this for malicious reasons.
That puts in perspective how difficult it is to get into Playbook system files and alter it.
Flash here we go again If windows has back doors, pardon the pun. Then flash is the skeleton key. Just as BB has ended updates so has Adobe for Flash. Before people mention 12. something for Flash, 12. is for windows based computers for the reasons above. So, there are two ways of looking at this. Blackberry and Adobe could either leave this project with an unsecure OS and Flash or they could lock down the OS and Stop Flash working on sites based on if no one is updating it then it's safer not to let you at all.
I suppose it all depends on whether you want a secure device or the freedom to do what you want with it. Windows went with freedom and Antivris Firewall companies made a good living from it. Blackberry, as ever went with security.
Windows has a perfectly fine permissions system. Unless a malware ran on an account that has Administrator Priviledges (or Power User, depending on what it was made to do), or could escalate itself to Administrator, there is not much it could do - even on Windows XP - unless it specifically exploited a security hole in the OS.
The biggest issues with Windows XP was the manner in which it was set up in consumer machines, and how consumers used their machines.
1. Administrator Account was often enabled with *no* password, which made it trivial for malware to gain system access. They could "Run As" themselves using that account by supplying a Blank Password and do *anything* on the machine. This setup was/is VERY common on Windows XP Home Edition machines.
2. Windows XP forced the creation of an Administrator-Level Account in addition to the built-in Administrator account, and
3. Most users, out of habit, used an Administrator-level account for general computer operation (OEMs usually set machines up by default with an Administrator Account and logged users straight into it, never telling them why this is a bad idea or prompting them to create a Limited User Account for general use - or even setting an Administrator Password)
4. There was no graceful system of priviledge escalation - Microsoft introduced UAC later
Windows XP Professional often lacked the Blank Password issue because from what I've experienced it always prompted me to set an account for Administrator during the install process. It still required a non-Administrator Admin account to be created for maintenance, however (without having to log into the Admin Account).
Windows XP certainly had bugs and flaws elsewhere in the system, but it was the first post-9x consumer-oriented Windows NT-based Operating System and Microsoft/OEMs made some critical (in a bad way) concessions to ensure the user experience of the users was as uninterrupted as possible, which causes some significant security issues. Users coming from Windows 98/Me were not accustomed to not being able to install a program or run certain programs because they weren't logged in with Admin privileges. All accounts on older Windows versions were basically Administrators.
The big problem isn't Windows XP, but the fact that Windows Longhorn (later Vista) was super delayed so it basically extended the Lifecycle of Windows XP well-past it's expected EOL and with Vista not performing well and being the Tech Press' whipping boy, that didn't help things at all. Under ideal circumstances, Windows XP would have been EOL'd years ago, but things had to be jumbled due to the Vista Delay and Vista's Performance/Acceptance.
NT is fairly secure. Vista was a huge step forward for Windows from a Security standpoint (and after the first Service Pack, there is really no reason for anyone to be running anything less than Vista at this point, unless their PC is so old that it cannot handle anything past XP). But to put this into perspective, let's say you're using Linux, but:
1. root has a blank password
2. You're operating the PC using an account with root priviledges
3. There is no graceful system of priviledge escalation (so if you run a malware you won't even get a UAC-like prompt stating that application wants to access system folders, etc. - Windows basically implemented what Linux Desktop Environments had already been using for a while, which is why I was so shocked when Linux people used UAC as a way to bash Vista... Lol)
???
Guess what you have? Nothing much better than Windows XP, and it isn't even the same operating system. Malware can still sudo by providing a blank password in a script. Anything you run under your root-priviledges user account can still do whatever it wants on the machine. The system is still not going to tell you when an app is attempting to write to protected area or run code that can be potentially malicious in nature without giving you a chance to abort it... This has nothing to do with the security of the OS itself, but simply terrible defaults/setup on the machine it is installed on.
This was a particular issue on Machines with Windows XP Home Edition. Almost everyone I knew with a PC (and this issue still exists today, but UAC does alert them to things that XP would have just let go through) simply turned it on, went through the quick setup, and continued on with their Blank Administrator Password and "HP-Administrator" user account (in the "Administrators" group) on XP.
If you used XP with a Limited User Account and a strong password for Administrator (and a strong password on the required Admin account, but not using it for general computing but only maintenance or via "Run As"), then the account-level issues were largely mitigated and at that point the only thing you really had to worry about were OS-level security flaws. And judging by the errata I would get for Red Hat Enterprise Linux (3, 4, and 5), I don't think XP was really all that much worse for the number of exploits Microsoft had to patch. It just got a ton more visibility because it was so widely used in the consumer market thus putting more people at risk to those flaws than a Linux distro would.Last edited by n8ter#AC; 04-02-14 at 10:55 PM.
04-02-14 10:37 PMLike 0 - Meanwhile back on topic. We could discuss the subtle differences between computer os until the cows come home but in the case of the PlayBook how do you feel about that?
In my personal experience regarding windows there are hundreds of thousands of malware and virus built specifically for those machines. You can count ones for Linux and Mac on your hands. You really have to go the extra mile run to get malware to install if you use it properly. In the case of windows you simply have to click yes and away you go installing it into your os. Now xp is now not being updated when that is found no one will be there to patch it.
In the case of the PlayBook, from which I'm drawing my comparison. Afaik no body has of yet managed to install anything into the os that blackberry didn't want in there to start with which is what people are complaining about because they want to. Also, nothing can start at the tablets boot other than the certified os preventing us from installing any other os. The last I read from hackers was the possibility of altering hardware itself as a possibility. So, unless you are installing a program from another source other than BB world (bars are sandboxed as well) and prepared to get a soldering iron out then the difference between xp not being updated and the PlayBook is huge and not even worth drawing a comparison.
With one you would have to be a technical wizard with the other you just click yes.
Ultimately windows, like other os gives the choice to the consumer, in the case of PlayBook you don't get that option and that's not through obscurity.
Being used like they have in government and military department I guess many have tried because of the information that potentially is on there AFAIK up to press, not one instance of it being compromised.
Posted via CB1004-03-14 02:43 AMLike 0 -
- I think they put the TL;DR alert at the top of their response since you know their response was longer than your comment. But it is your perogative to get bent out of shape by someone playfully acknowledging that their thoughtful response to your comments is indeed long winded. Make me wonder how you function on a forum with that dramatic flair you are showing.
"won't someone think of the children!!!"04-03-14 05:11 PMLike 0 - Unless I'm mistaken, tldr at the top of the post means, too long, didn't read. Or has done before on other forums I use. Which suggests they can't be bothered reading the post.
If that isn't the case I take it all back. I function fine amongst adults thanks.
Posted via CB1004-04-14 01:02 AMLike 0 - Unless I'm mistaken, tldr at the top of the post means, too long, didn't read. Or has done before on other forums I use. Which suggests they can't be bothered reading the post.
If that isn't the case I take it all back. I function fine amongst adults thanks.
Posted via CB1004-04-14 01:16 AMLike 0 -
Z10STL100-3/10.2.1.214104-04-14 01:20 AMLike 0 -
The OP was asking if there was a security risk by eol of the PlayBook and comparison to xp. I just pointed out the major differences which I can't see what was wrong with that or the information provided. Generally unless you take extra measures like they described windows is insecure relative to the PlayBook. Most people run as admin, most people will click yes when asked and the second line of defence firewall and AV most people will say yes if they think they are installing something legitimate. None of these situations could arise on the PlayBook because it's designed not to let you.
I'm off to sit in my happy place. It's been a stressful week as evident in my post note to self don't reply to topics when I've just got out of bed.
Posted via CB1004-04-14 04:33 AMLike 0 - I think it's great for used gadget enthusiasts. I picked up a used 64 GB 2 days ago off Kijiji for the same price I sold my 16 GB for 6 months ago. A LOT more space for downloading TED Talks HD podcasts. And all of my previously installed apps and games were still available for download too.AWB70 likes this.04-04-14 02:05 PMLike 1
-
Z10STL100-4/10.2.1.2141Last edited by southlander; 04-04-14 at 05:10 PM.
kbz1960 likes this.04-04-14 04:58 PMLike 1
- Forum
- BlackBerry PlayBook Forums
- BlackBerry PlayBook
No More Playbook OS Updates = Web security concern
« Amazon UK 360 Degree Rotating PU Leather Case �4.95 when you spend �10
|
need autoloader for playbook please help »
Similar Threads
-
BlackBerry OS 10.2 update for AT&T?
By jcclive in forum General Carrier DiscussionReplies: 13Last Post: 05-31-14, 10:25 PM -
Help : Blackberry reload OS
By Vicky Vikky in forum BlackBerry 10 OSReplies: 34Last Post: 04-01-14, 10:36 PM -
BlackBerry PlayBook OS 2.0 and 2.1 support officially ends this April
By CrackBerry News in forum CrackBerry.com News Discussion & ContestsReplies: 19Last Post: 04-01-14, 12:28 PM -
BlackBerry os 10.2 update
By jcclive in forum BlackBerry 10 OSReplies: 1Last Post: 03-31-14, 08:58 PM -
PlayBook Display Frozen
By Tony Torino in forum BlackBerry PlayBookReplies: 1Last Post: 03-31-14, 08:36 PM
LINK TO POST COPIED TO CLIPBOARD