[yhamaie]

Modem (radio) circuits of Snapdragon 810 (MSM 8994) and 808 (MSM 8992) are common, I presume.

----------

About phone

Model number
STV100-6

Processor info
Qualcomm Technologies, Inc MSM8992

Android version
5.1.1

Baseband version
O.2.5.c11-00011-M8994FAAAANAZM-1

Kernel version
3.10.49-grsec-perf-g7b69651
ec_agent@br605cnc #1
Wed Sep 2 17:42:36 EDT 2015

Build number
AAC450 (master aospl-msm8992 635 qc8992_sfi-user)

Attachment 371993

Yup. As pretty much expected.

[The Big Picture]

Actually I don't see proof of BlackBerry safeguard as the OP and titile says.

Only grsecurity.

BlackBerry safeguard is app sandboxing isn't it? Or permissions control?

Posted via CB10

[Benjamin Black]

Well, that'll be harder now: http://grsecurity.net/announce.php

Internet detectives point their fingers at Intel, so I guess we should thank them for making things harder for other kernel developers. /s

Posted via CB10

Woah. Who is the company? Does anyone know?

Posted via BlackBerry Passport Silver Edition

[Uzi]

Woah. Who is the company? Does anyone know?

Posted via BlackBerry Passport Silver Edition

I read in other thread Cgk (CB member) said it was intel

[Benjamin Black]

Damn it. I have always liked Intel.

Posted via BlackBerry Passport Silver Edition

[The Big Picture]

http://www.wilderssecurity.com/threa...public.379263/

Read this thread to find out who! I hope justice is served and I hope BlackBerry is being honourable.

Posted via CB10

[smart548]

Actually I don't see proof of BlackBerry safeguard as the OP and titile says.

Only grsecurity.

BlackBerry safeguard is app sandboxing isn't it? Or permissions control?

Posted via CB10

Posted via CB10

[Benjamin Black]

It wasn't Intel directly. It was a company that Intel acquired. Intel simply backed up the company they acquired.

Posted via BlackBerry Passport Silver Edition

[yhamaie]

I wonder if they read as follows . . .

BlackBerry Safeguard rating poor
Tap to change security features . . .

No SIM card
To connect to the cellular network . . .

Attachment 372504

[The Big Picture]

Posted via CB10

Sweet! thanks for that.

Posted via CB10

[Bluenoser63]

I think the main point is that BB is not going to intentionally allow rooting and will react quickly to plug any holes. Being that security is what BB is really focused on, their reputation is at stake and it'd be a PR disaster if a root exploit was found. It's early days and they are retrofitting Android which wasn't designed for security from the ground up, so it won't be easy.

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Chen misled people when he said that they would release an Android device if he found a way to make it secure. He implied it was BlackBerry securing it. Taking someone elses security and using it when you are a security company is foolish. You are betting your reputation of security their security, not yours. If something happens and the device is compromised, all the talk will be able BlackBerry phones being hacked, not grSecurity having a hole.

[conite]

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Chen misled people when he said that they would release an Android device if he found a way to make it secure. He implied it was BlackBerry securing it. Taking someone elses security and using it when you are a security company is foolish. You are betting your reputation of security their security, not yours. If something happens and the device is compromised, all the talk will be able BlackBerry phones being hacked, not grSecurity having a hole.

That said, Grsecurity is miles ahead of anything BlackBerry could have come up with from scratch over the last few months. Realistically, I'm not sure what the alternative could have been.

BlackBerry has spent its time on the Experience Suite and Safeguard, where it probably should have.

Z30STA100-5/10.3.2.2639

[ayngling]

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Well, sure, they started out with a kernel that is already hardened. Smart move. I believe it still takes competence in security to get it right. I doubt they have just thrown it in there and hoped for the best.

I also wished they miraculously has managed to use QNX underneath instead, but this way is probably better, especially in terms of time to market.

[dusanvn]

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Chen misled people when he said that they would release an Android device if he found a way to make it secure. He implied it was BlackBerry securing it. Taking someone elses security and using it when you are a security company is foolish. You are betting your reputation of security their security, not yours. If something happens and the device is compromised, all the talk will be able BlackBerry phones being hacked, not grSecurity having a hole.

I agree. I just don't think BlackBerry is a security company. So, they have done their best within their capability in that respect in the Venice.

Posted via CB10/BB PP SE.

[Soulstream]

The thing is for rooting you need physical access to the device. I am 1000 times more scared of remote hacking and exploits than rooting.

[ayngling]

I just don't think BlackBerry is a security company.

What? That is the one thing I am convinced they are... It is their single core competency.

[dusanvn]

What? That is the one thing I am convinced they are... It is their single core competency.

Security companies build firewalls, antivirus, IPS or system lockdown/ hardening solutions. BlackBerry builds systems and integrates them with security solutions (that it get licensed from security companies). It's like a civil engineer. He knows how to build a secure house (or can hire somebody to do that job for him) but doesn't know how to secure a house that was built by somebody else.

Posted via CB10/BB PP SE.

[thurask]

It wasn't Intel directly. It was a company that Intel acquired. Intel simply backed up the company they acquired.

Posted via BlackBerry Passport Silver Edition

It's Wind River's techs and Intel's attack lawyers.

[ayngling]

Security companies build firewalls, antivirus, IPS or system lockdown/ hardening solutions. BlackBerry builds systems and integrates them with security solutions (that it get licensed from security companies). It's like a civil engineer. He knows how to build a secure house (or can hire somebody to do that job for him) but doesn't know how to secure a house that was built by somebody else.

I am pretty sure BlackBerry considers itself a security company...

[BrentRoss]

When is someone going to peel that darned protective sheet off the screen?

It's an evaluation unit. Peel that sheet off and evaluate it.

Posted via CB10

That made my day. Nuff said

Posted via the CrackBerry App for Android

[DaedalusIcarusHelios]

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Chen misled people when he said that they would release an Android device if he found a way to make it secure. He implied it was BlackBerry securing it. Taking someone elses security and using it when you are a security company is foolish. You are betting your reputation of security their security, not yours. If something happens and the device is compromised, all the talk will be able BlackBerry phones being hacked, not grSecurity having a hole.

Nobody builds everything from scratch, and BB still had to use open source code for certain things. I'm sure they don't simply take things off the shelf and hope for the best. I'm sure they review everything and validate it for security as a cohesive whole as well as its individual parts.

I agree. I just don't think BlackBerry is a security company. So, they have done their best within their capability in that respect in the Venice.

Posted via CB10/BB PP SE.

BlackBerry has a ton of security-focused people - much more than most companies. They are known for security, and they've explicitly stated that is one of their primary focuses.

Security companies build firewalls, antivirus, IPS or system lockdown/ hardening solutions. BlackBerry builds systems and integrates them with security solutions (that it get licensed from security companies). It's like a civil engineer. He knows how to build a secure house (or can hire somebody to do that job for him) but doesn't know how to secure a house that was built by somebody else.

Posted via CB10/BB PP SE.

BlackBerry 10, BES, and various recent and past acquisitions show security-focused products. They've implemented end-to-end secure solutions as well as offered pieces to help secure products that are not their own. The reality is they have been forced to work more in securing products that are not their own. In the case of Android, it is open source, so they can review the source code and add in solutions to help better secure it. Of course they are limited by the inability to completely re-architect Android without forking it (and breaking the full app-compatibility they are going for), but there is still a lot they can do to mitigate security risks. They are uniquely positioned to do so, especially since they are one of the largest security-focused companies with a lot of talent in that regard.

[raremage]

They didn't ;-) Still, they decided to adopt it. It's like using WPA2 key for a wifi connection instead of a weak WEP. If you don't know nothing (I mean really nothing)about internet security and call your provider for assistance for your home wifi, a good company will teach their employees to set you up a WPA2 password. A bad provider/company will not or will just tell them to put a WEP(bad move).
Even if way too simplistic, that example explain what BlackBerry is doing. BB didn't "made" GrSecurity, but decided to use it, which SEEMS to be a good move.
If it is definetly rootable or not, we'll never know until it will come out of course but I strongly believe that it is SUPPOSED not to be rootable

Posted via CB10

If it's not rootable that will lead to much gnashing of teeth among the vocal Android faithful.

Practically speaking most people have exactly zero legitimate reasons for rooting a phone, which of course will not dampen the complaints.

Posted via CB10

[sf49ers]

Security companies build firewalls, antivirus, IPS or system lockdown/ hardening solutions. BlackBerry builds systems and integrates them with security solutions (that it get licensed from security companies). It's like a civil engineer. He knows how to build a secure house (or can hire somebody to do that job for him) but doesn't know how to secure a house that was built by somebody else.

Posted via CB10/BB PP SE.

they hold the patents to the eleptic curve encrytption(ECC) which pretty much every security focused organisation uses..actually one other source of blackberry software revenues apart from QNX is Certicom which is a security company to the core and helped Blackberry reach new hieghts interms of security. Certicom acquition is a crown jewel even more so than QNX

[BCITMike]

Since BlackBerry didn't design the security, they are dependent on someone else to patch any holes. They don't have the knowledge or skill to change the security since they didn't design it.

Chen misled people when he said that they would release an Android device if he found a way to make it secure. He implied it was BlackBerry securing it. [b]Taking someone elses security and using it when you are a security company is foolish. [\b]You are betting your reputation of security their security, not yours. If something happens and the device is compromised, all the talk will be able BlackBerry phones being hacked, not grSecurity having a hole.

The more you talk, the less you appear to know the enterprise market.

I'm also guessing, you've not had the pleasure of working with "rockstar" developers.

Posted via CB10

[lift]

The thing is for rooting you need physical access to the device. I am 1000 times more scared of remote hacking and exploits than rooting.

Not true. Malware just discovered on Google Play has the ability to root the device.
Advanced malware gets into Google Play store twice, possibly 1M downloads - SC Magazine