12-08-11 07:03 PM
152 ... 4567
tools
  1. qbnkelt's Avatar
    OK. Explain to me how a device which can be rooted and modded can be secure in a secure environment. Because by its very nature a rooted/jailbroken device has shown a vulnerabilty that can be exploited and any attempts at control of its use is rendered nonexistent.
    .
    12-08-11 07:26 AM
  2. Branta's Avatar
    OK. Explain to me how a device which can be rooted and modded can be secure in a secure environment. Because by its very nature a rooted/jailbroken device has shown a vulnerabilty that can be exploited and any attempts at control of its use is rendered nonexistent.
    The problem is not devices which *can* be rooted, but those which *have already* been attacked. There is a similarity with computers which have been rooted and backdoor installed - there is no way to know what other damage was done, whether other sleeping vulnerabilities were introduced using the access of the first attack. As every server admin knows, the only safe repair for a cracked machine is to wipe and reinstall all software from trusted media, then patch before it is exposed to attack again.

    Unfortunately there is no certain way to prevent successful attacks if a hostile user has unrestricted physical access to the device.
    12-08-11 07:52 AM
  3. kbz1960's Avatar
    Wow what are companies going to do. They have all been hacked except for BBOS. Even windows which most are on.

    The way people talk on here if any one of them have ever been hacked, even just one time, it can't be used. And in the next breath they say that they are going to apple
    alnamvet68 likes this.
    12-08-11 08:34 AM
  4. qbnkelt's Avatar
    Yup. Difference understood, Branta.
    12-08-11 08:41 AM
  5. qbnkelt's Avatar
    Wow what are companies going to do. They have all been hacked except for BBOS. Even windows which most are on.

    The way people talk on here if any one of them have ever been hacked, even just one time, it can't be used. And in the next breath they say that they are going to apple
    Apple is on its way in, it's used in numerous projects.

    That's separate from the PB OS being deployed with this vulnerability.

    In my work environment this is huge.
    12-08-11 08:49 AM
  6. kbz1960's Avatar
    But it has been HACKED also. Contradiction in everything in this thread.

    I don't care what they do or do not use. They could use butter OS. But to say one thing is omited because it has been hacked and in the next breath it is said this hacked one will be used.

    I will just STFU now and leave this alone.
    12-08-11 09:00 AM
  7. brucep1's Avatar
    But it has been HACKED also. Contradiction in everything in this thread.

    I don't care what they do or do not use. They could use butter OS. But to say one thing is omited because it has been hacked and in the next breath it is said this hacked one will be used.

    I will just STFU now and leave this alone.
    You are missing the point...

    The Playbook being rooted is a big deal for one reason and one reason only..QNX is the future OS of Blackberries. No one cares that the current OS is secure, that's gonna die off in the next couple of months. However, if RIM has security issues for the future of it's OS, it loses the corporate customers.
    12-08-11 09:23 AM
  8. shootsscores's Avatar
    Apple is on its way in, it's used in numerous projects.

    That's separate from the PB OS being deployed with this vulnerability.

    In my work environment this is huge.
    iOS is far more vulnerable than QNX. The recent rooting is very shallow.
    12-08-11 09:24 AM
  9. OMGitworks's Avatar
    iOS is far more vulnerable than QNX. The recent rooting is very shallow.
    But it has been done. The barn door is open. The single greatest feature and only market it had a true chance at capturing (high security/gov't use) is now in serious question. They have patched it, but I would guess there is already a new way in or one coming very soon. Their is a huge difference between jail breaking an iOS device and some employee at the FBI, CIA DoD, utility company, you name it walking around with an exploitable tablet. It will simply cause they agency or company not to deploy them and there goes the market the PB had a serious shot at. The IT people do not trust the users and with good cause. Multiple layers and millions of dollars worth of security have been famously bi-passed by a cheap USB thumb drive used by either an unknowing or sometimes wayward employee, sometimes it really is that simple and scary.
    12-08-11 09:38 AM
  10. qbnkelt's Avatar
    But it has been HACKED also. Contradiction in everything in this thread.

    I don't care what they do or do not use. They could use butter OS. But to say one thing is omited because it has been hacked and in the next breath it is said this hacked one will be used.

    I will just STFU now and leave this alone.
    It's not contradictory. Apple is on its way to being approved, but it's not there yet. How it will implemented is being worked out, I'm sure. It is possible that specific changes in iOS will make it ready for deployment in secure environments, through Fusion. That's the buzz right now. I'm not saying what "flavour" it will be, but it will be.
    The PB was already in the environment. We've got it. With this exploit it will have lost the legendary BB almost-invincibility. Therefore, with iOS almost at the door of secure agencies and the PB troubled by BB's security questioned by the existence of this exploit, coupled by Apple's aggressive march towards secure environments, it is logical to see that the PB's misstep will cost Rim dearly.
    I'm not speaking as a consumer. I'm speaking from the IT directorate's perspective behind my security minded agency's firewall.
    12-08-11 09:38 AM
  11. kbz1960's Avatar
    You are missing the point...

    The Playbook being rooted is a big deal for one reason and one reason only..QNX is the future OS of Blackberries. No one cares that the current OS is secure, that's gonna die off in the next couple of months. However, if RIM has security issues for the future of it's OS, it loses the corporate customers.
    One last post.

    I don't think I'm missing any point but then again I've been ignorant before.

    So apple has changed their OS to one that has never been hacked, rooted or jailbroken? Or are they deploying the same OS that has been hacked? Is apple not hackable now or will it not be in the not so distant future.

    Leave RIMs future out of it for this thought. Lets even leave apple out of it.

    1 butter OS was hacked so now it is omitted. Another butter OS has been hacked but they are deploying it.

    Makes perfect sense to me.......not.
    12-08-11 09:44 AM
  12. brucep1's Avatar
    One last post.

    I don't think I'm missing any point but then again I've been ignorant before..
    Yes

    So apple has changed their OS to one that has never been hacked, rooted or jailbroken?.
    No

    Or are they deploying the same OS that has been hacked? .
    Yes

    Is apple not hackable now or will it not be in the not so distant future..

    No

    Leave RIMs future out of it for this thought. Lets even leave apple out of it.

    1 butter OS was hacked so now it is omitted. Another butter OS has been hacked but they are deploying it.

    Makes perfect sense to me.......not.
    Both Blackberry and iPhone are both rootable/jailbreakable. Security are concerns for both future lines of phones, where in this past, this was an advantage for Blackberry. Don't know how to explain it any further.

    I tried.
    12-08-11 09:50 AM
  13. Accidental Post's Avatar
    The glaring difference in the whole Argument is that RIM screams about security as their stake in the mobile market.

    Apple never did.........................
    12-08-11 09:59 AM
  14. kbz1960's Avatar
    OK so this whole thing is not about which is secure. It is about which one they prefer to use. Security has nothing to do with it. Gotcha.

    You all made it sound like it was about security.

    Over and out.
    12-08-11 10:04 AM
  15. OMGitworks's Avatar
    OK so this whole thing is not about which is secure. It is about which one they prefer to use. Security has nothing to do with it. Gotcha.

    You all made it sound like it was about security.

    Over and out.
    You are missing the point. If security becomes equal, then the vast majority of all corporate companies will PREFER to switch to iproducts. RIM was THE leader in secure devices and if that changes, then they lose the one true important advantage they had over iOS products. RIM is all about security, lose that and iOS wins big time.
    howarmat and avt123 like this.
    12-08-11 10:09 AM
  16. kbz1960's Avatar
    No I get that now that it has been pointed out it isn't about security. As I said I don't care what they use. I read this as it was all about security. Not what decice is chosen. Or how much it is gong to hurt RIM.
    12-08-11 10:15 AM
  17. bluenose363's Avatar
    From what I understand from my readings, it appears that Dingleberry root code has only managed to gain LOCAL access to both the connected computer running Blackberry Desktop software and the pb. The infiltrator will also has to have knowledge of the set security passwords. In other words, the infiltrator CANNOT wirelessly gain access to the files. He has to illegally obtain the pb and break the passwords on both the computer and pb. IMO, this is a low security risk.

    Futhermore RIM quickly released a security patch! That was quick. Kudos to the company.

    I would highly recommend that you Chicken Littles take some serious chill pills! You guys need to seriously find a place to chill out!
    Last edited by bluenose363; 12-08-11 at 11:21 AM.
    alnamvet68 and hpjrt like this.
    12-08-11 11:09 AM
  18. ifarlow's Avatar
    Futhermore RIM quickly released a security patch! That was quick. Kudos to the company.
    ...that did absolutely nothing to stop root access.
    avt123 likes this.
    12-08-11 12:10 PM
  19. bluenose363's Avatar
    ...that did absolutely nothing to stop root access.
    It did patch the targeted vulnerability but another low risk security flaw was discovered by the jailbreaking community. I'm confident that RIM will release another patch shortly.

    Do you remember how long it had taken for the original iPad to be jailbroken? Wasn't it less than 1 month? I'm sure that it was way less than 2 months. BB Playbook... how long??? Let's see... over 7 months!! That to me signifies that pb is extremely difficult to be rooted! Additionally, implementing this root into your playbooks is not for the faint hearted and definitely not for the average user.

    Oh yeah, how about the Amazon Fire? Less than 1 month, wasn't it? Yep it's rooted already. Both Android tablets and phones have already been heavily rooted and seem to be notoriously weak on security!

    In conclusion, all of RIM's competitors seem to be easily quickly rooted and the pb is not. So kudos to RIM.
    Last edited by bluenose363; 12-08-11 at 12:50 PM.
    12-08-11 12:46 PM
  20. Accidental Post's Avatar
    Like iOS5 jailbroken until you reboot......Let's be objective about this. Apple never said we have the most secure communication device nor has Android. RIM has and still does and has been proven that the PB can be hacked pure and simple and now that it has been "rooted" it will always be a game of cat and mouse. This will not end RIM will patch and devs will root, except the DEVS will make it more of a mess when they get into the machine fully and completely port ICS over to it.
    Last edited by Accidental Post; 12-08-11 at 12:57 PM.
    12-08-11 12:52 PM
  21. ifarlow's Avatar
    It did patch the targeted vulnerability but another low risk security flaw was discovered by the jailbreaking community. I'm confident that RIM will release another patch shortly.
    I'm sure they will too, but the PlayBook was re-rooted within hours of the patch. Doesn't inspire much confidence.

    Do you remember how long it had taken for the original iPad to be jailbroken? Wasn't it less than 1 month? I'm sure that it was way less than 2 months. BB Playbook... how long??? Let's see... over 7 months!!
    Actually, a moderator here alerted RIM almost as soon as the PlayBook hit the streets that exploiting the PlayBook could be possible due to some critical flaws. RIM's response to the warning was to do absolutely nothing about it. Besides, do you know how long it really took to root? Don't assume that just because the root came out recently that the developers were working on it since April of this year. As far as we know, they could have been working on it for just a few short weeks.

    See here: http://crackberry.com/crackberrycom-...playbook-april

    That to me signifies that pb is extremely difficult to be rooted! Additionally, implementing this root into your playbooks is not for the faint hearted and definitely not for the average user.
    Perhaps, but since the PlayBook was rooted within hours of the "fix" I'm not so confident in the integrity of the PlayBook/QNX at the moment. Let's see what next year brings, especially since QNX is supposed to be the savior of RIM.

    Oh yeah, how about the Amazon Fire? Less than 1 month, wasn't it? Yep it's rooted already. Both Android tablets and phones have already been heavily rooted and seem to be notoriously weak on security!

    In conclusion, all of RIM's competitors seem to be easily quickly rooted and the pb is not. So kudos to RIM.
    Why do you believe the PlayBook isn't easy? Do you honestly know how long it took to root?
    12-08-11 01:20 PM
  22. kbz1960's Avatar
    To sum up this thread.

    RIM used scare tatics to make everyone think they needed to use their devices and systems because they were secure.

    RIM is only in business because of these tatics.

    Now that RIM has been exposed as being not secure just like the others no one will choose to use their devices or services since they will all be on the same level now.

    Therefore RIM is dead.
    12-08-11 01:23 PM
  23. soccernamlak's Avatar
    It did patch the targeted vulnerability but another low risk security flaw was discovered by the jailbreaking community. I'm confident that RIM will release another patch shortly.

    Do you remember how long it had taken for the original iPad to be jailbroken? Wasn't it less than 1 month? I'm sure that it was way less than 2 months. BB Playbook... how long??? Let's see... over 7 months!! That to me signifies that pb is extremely difficult to be rooted! Additionally, implementing this root into your playbooks is not for the faint hearted and definitely not for the average user.

    Oh yeah, how about the Amazon Fire? Less than 1 month, wasn't it? Yep it's rooted already. Both Android tablets and phones have already been heavily rooted and seem to be notoriously weak on security!

    In conclusion, all of RIM's competitors seem to be easily quickly rooted and the pb is not. So kudos to RIM.
    Post hoc ergo propter hoc; your conclusion is a fallacy I'm afraid.

    You state that RIM's device is difficult to root based on the length of time it took for the first jailbreak to occur on the device.

    I would like to suggest a different alternative.

    Regarding the iPad, I'd argue it was quickly jailbroken because:
    1. iOS had been out for a few years and jailbroken, so the fundamentals of the innerworkings of the OS was understood
    2. The iPad (while not to the extent of the iPad2) was met with anticipation and pretty good sales: 300K Wi-Fi on launch day; 500K within first week. Hence, the device was available to more people in a short time frame which would drive the demand for inner access by those who had grown accustomed to it on their iPhones.


    Regarding the Fire, I'd argue that it was quickly jailbroken because, again, the number of devices drive demand for root access and makes it worth while for hackers AND it's based on Android, which has already been rooted dozens of times.


    For the PlayBook, the one advantage it did have was new mobile OS from the ground up, which means any hacker would need to really get to know how the operating system works.

    Sadly, that's where the obvious advantage ends: sale numbers have not been close to Fire or iPad 1 in the first days of sales. It still sold, but the demand just wasn't there.

    Which means you have a smaller user base. Which means the push for access isn't as strong. Which means that, if as a hacker, I need to spend my time jailbreaking the PlayBook or work on the iPad 2 code, where do you think I'd spend my time?


    This of course just looks at anticipation, sales figures, and past history (or lack thereof) of OS development.

    Of course, I'd hope that QNX is pretty secure coming from BlackBerry, but comparing the security between operating systems can't be done on a sole factor of how long it took to jailbreak the device.
    Accidental Post likes this.
    12-08-11 01:26 PM
  24. Tre Lawrence's Avatar
    It did patch the targeted vulnerability but another low risk security flaw was discovered by the jailbreaking community. I'm confident that RIM will release another patch shortly.

    Do you remember how long it had taken for the original iPad to be jailbroken? Wasn't it less than 1 month? I'm sure that it was way less than 2 months. BB Playbook... how long??? Let's see... over 7 months!! That to me signifies that pb is extremely difficult to be rooted! Additionally, implementing this root into your playbooks is not for the faint hearted and definitely not for the average user.

    Oh yeah, how about the Amazon Fire? Less than 1 month, wasn't it? Yep it's rooted already. Both Android tablets and phones have already been heavily rooted and seem to be notoriously weak on security!

    In conclusion, all of RIM's competitors seem to be easily quickly rooted and the pb is not. So kudos to RIM.
    One thing that you Accidental has alluded to is this: at the end of the day, Google and Apple do not care, because they don't really need the semblance of security. As Qbnkelt pointed out, RIM desperately does.

    Apple, in particular, is sitting pretty. Apple can take their sweet time to encroach on RIM, and RIM isn't really returning the favor in the consumer area.

    I think that demand has a lot to do with it. I am not sure, but I think the PB root project is a fairly new one, mostly stimulated by the PB firesale. Plus, if you are telling a purchasing exec concerned with this that "well, it takes 7 months to jailbreak/root OUR device" you'll get laughed out the building.

    Now, I don't think the ability to root a QNX (or is it BB10?) device makes RIM a less viable option for enterprise. The "aura" of security might be damaged, but it would take more than just rooting to create a true security issue, no?
    Accidental Post and howarmat like this.
    12-08-11 01:28 PM
  25. qbnkelt's Avatar
    It does, if the platform in question, long known for being the gold standard for security, releases its next generation platform and that platform is then shown to be vulnerable.
    Let me put it another way.
    I was a long time AT&T customer with an unlimited data plan. Due to a change in devices, I lost my grandfathered unlimited plan and refused to give it back. At that point, AT&T removed my main incentive to stay with them. So began porting over all my lines to VZW, since the thing that kept me with AT&T is now gone.
    Similarly, my agency piloted a PB program. BB having a hold in the federal governmnent, the PB was deemed to be the right choice. In comes news of this root. PB can be rooted. IPad 2 can be jailbroken. Android is not a considertion. Given the ease of use, the aura of excellence currently surrounding the iPad, the fact that *it* is the tablet to beat in the consumer market, what is the incentive to remain with PB?
    Understand this, I LOVE BBerries. I'd give up my Atrix fifty times over before I give up my BB. I don't own an iPad nor an iPhone. But I'm not blind to the repercussions of RIM's failure to heed warning that this was coming, or to fail to produce a secure tablet out of two secure platforms.
    12-08-11 05:07 PM
152 ... 4567
LINK TO POST COPIED TO CLIPBOARD