[donnation]

With Blackberry releasing an Android phone I really think their security is going to be majorly tested. Since its an Android phone I'm betting that there are guys out there that are just itching to get their hands on it to see if they can root it. I really think this is going to be a major test for Blackberry and their security. With BB10 I don't think that a lot of people have put a whole lot of effort to attempt to crack a BB10 phone because of the low amount of people using them. Even if the phone isn't on BES and someone gains root access to it I think it could really hurt Blackberry's "We are all about security and privacy" statements. With such a large population of people using Android, this is going to be a different world for Blackberry.

[gvs1341]

If I may take the freedom to alter the thread's title a little bit, BlackBerry's claims and Android 6's security would be tested...

Let's hope there's no hubris involved or eroded in the process...

 Q5 / Z30

[AnimalPak200]

Well, at least they didn't call it 'Sec' ...

Posted via CB10

[early2bed]

What's going to be tested is the idea that security is in their DNA, which doesn't make much sense when you literally adopt Android as your handset OS. That would be like me adopting a fully grown adult man and claiming he's a "chip off the ol' block." If you're a programmer of any kind, you know that securing something as complex as an operating system is an impossible task, especially if you don't have control over the core technologies.

It's also interesting that BlackBerry has gone after the privacy theme which is fine until you have to access any of the features that people want in modern handsets like location awareness, predictive language recognition, financial management, cloud services, etc., etc. etc., It's like turning on airplane mode on your smartphone - you still have something but you certainly wouldn't want to keep it like that any more than you had to.

Like the enterprise focus, it's not a strategy that they would have chosen, it's the corner they were backed into and they are trying to make the best of it. The original BlackBerry strategy was more about being connected. Now it's about having the option of being disconnected while on Google.

[Joao Oliveira]

They will always have the escape rope "... for full security you will have to go to our BB10 devices". Better than nothing

[fattyacid]

They'll hack it the first day just for the fun of it.

love your curVes and all your edges all your peRfEct imPerfections

[AnimalPak200]

It's also interesting that BlackBerry has gone after the privacy theme which is fine until you have to access any of the features that people want in modern handsets like location awareness, predictive language recognition, financial management, cloud services, etc., etc. etc., It's like turning on airplane mode on your smartphone - you still have something but you certainly wouldn't want to keep it like that any more than you had to.

I think there's been a misunderstanding between 'privacy' and 'breach of privacy'.

Breach of privacy is when something you didn't want to be known about you becomes available for others to know.

If I give the pizza shop my address in exchange for a pizza delivery, I expect the pizza shop to know my address. Similarly, if I tell my doctor I have 'an itch down there' in exchange for a diagnosis and treatment, then I expect them to know such a thing.

The problem is when those parties then expose that information to other parties I did not agree to, or... when those parties collect information from me that I was not aware I was providing.

And so it goes with apps and the internet.

Most likely, you are voluntarily providing some information about your location, preferences, needs, payment capabilities,.. in exchange for some service (directions, search results, buying a thing, porn, etc). If you don't want to do so, then you can simply NOT use that service.

So the issue, from a user's point of view, becomes one of awareness and ability to decide based on that awareness.

The best way to gain awareness is to fully read TOS, fine print, etc. That is a skill that people probably learn the hard way (after getting screwed). Complementary to that are system mechanisms that alert you or somehow breakdown the information about what an App or service is doing, such that a user can look at it and decide: OK, or WTF.

And this is what BlackBerry seems to be proposing here.

Instead of blocking everything, they propose detecting everything, alerting the user based on that, and letting the user make an informed decision.

Frankly I think this is the only plausible approach to the user terminal side of the 'privacy/security' equation.

...

Of course none of it matters if the pizza store's credit card processing server gets hacked.

Posted via CB10

[zyad]

I don't understand why being rooted is associated with lack of security.
Rooting is something the owner of the phone can do deliberately. It's choosing to alter the entire OS.
So he/she is the one choosing to do it, knowing the risks.
If you want a "secure" device, wouldn't you just not root it in the first place?
How does being rootable make it the manufacturer's fault for having a less secure device out of the box?

Posted via CB10

[BB-JAM215]

BlackBerry is producing a more or less mainstream Android phone with extra security features built in. All they have to do is demonstrate that it is one of the most secure Android phones available.

That's enough to make the Priv a desirable option for people interested in a more secure (whatever that is) device.

[Zmain]

BlackBerry is producing a more or less mainstream Android phone with extra security features built in. All they have to do is demonstrate that it is one of the most secure Android phones available.

That's enough to make the Priv a desirable option for people interested in a more secure (whatever that is) device.

Selling the idea that this is most secure android phone on the market Is not good enough it's either it's secured or not?

''Splendiferousness'' is not even a word that I use to decide my passport

[dbmalloy]

What seems to be missing from the conversation is what exactly BB is touting when saying security and privacy... The main misconception on rooting is what it actually does... basically it alters Android Root system and gives the user super user status.. this in and of itself is not a security issue.. but does leave you wide open for malware and virus infection.. which is why it is a risk... the paper tiger in security is simple.. if you can figure out the users password then it does not matter how good you security is .. it is then meaningless..... for me... I do not consider myself that "important" to care... my company uses a very strict MDM policies for my Apple 6 so it does not matter... I use my Z30 as my daily driver... but do not store any personal info on it.. save my address.... for me online purchases are what computers are for as I can personally lock it down.,.. in the end BB may not care about routing... my guess would be their method of if they sandbox apps.. If they lock down data... and shieild it from rooting... then really does not matter and they have a great come back if and when the device is rooted....

[BB-JAM215]

Selling the idea that this is most secure android phone on the market Is not good enough it's either it's secured or not?

It's not what us phone nerds think that will determine whether or not the Priv is a success. As long as most people know that the Priv is available and feel that it's worth getting because it's more secure than most other phones, that's all that matters.

So yes, selling the idea that this is most secure android phone on the market is good enough.

[donnation]

It's not what us phone nerds think that will determine whether or not the Priv is a success. As long as most people know that the Priv is available and feel that it's worth getting because it's more secure than most other phones, that's all that matters.

So yes, selling the idea that this is most secure android phone on the market is good enough.

That would imply that people cared that if it was the most secure Android phone on the market. Judging by the massive amount of people who buy low end Android phones I don't know if that many people care or will be willing to pay the amount that BB is going to want for this phone.

[AnimalPak200]

That would imply that people cared that if it was the most secure Android phone on the market. Judging by the massive amount of people who buy low end Android phones I don't know if that many people care or will be willing to pay the amount that BB is going to want for this phone.

Which raises an interesting issue.

Generally in a situation like that, you use marketing to 'help' the customer realize they need A, B or C.

However, how eager will carriers be to pay for marketing that will essentially imply the rest of their inventory (which makes up the bulk of their sales) is undesirable?

This is also why it's funny how people scratch their heads wondering why Google didn't 'make a big deal' about the Priv during their event.

The way the product is being framed, it essentially claims to fix a pretty bad flaw of the entire product domain.

Posted via CB10

[ImBerryCurious]

That would imply that people cared that if it was the most secure Android phone on the market. Judging by the massive amount of people who buy low end Android phones I don't know if that many people care or will be willing to pay the amount that BB is going to want for this phone.

Entry level devices can make profit, not success. The reality is that the world does not care as deeply about privacy as they swear they do. People stand in arms against companies that data mine when they see a report on the news about it, but stand in line for a Galaxy S6 the next day. In order to cover their butts, BlackBerry is going to have to specify that they are making the most secure mainstream Android device. In order to make a profit, they need to price it at about Passport price. In order to experience success, they have to release one moderate marketing campaign. They do not currently have the standing to go full scale with a campaign, when they don't even know if there is genuine interest in this device. Chen said they need to sell 10 million units in a year to make a profit. They weren't terribly far from that last year. They weren't close, but the odds aren't quite as dim as one would expect. That said, another Leap level device on Android would likely push them right into that territory.

Posted via CB10

[donnation]

Which raises an interesting issue.

Generally in a situation like that, you use marketing to 'help' the customer realize they need A, B or C.

However, how eager will carriers be to pay for marketing that will essentially imply the rest of their inventory (which makes up the bulk of their sales) is undesirable?

This is also why it's funny how people scratch their heads wondering why Google didn't 'make a big deal' about the Priv during their event.

The way the product is being framed, it essentially claims to fix a pretty bad flaw of the entire product domain.

Posted via CB10

Which is why they are going to have to be somewhat careful on their marketing campaign, if they do one. I highly doubt that Google is going to allow them to market a device as "The Android phone that won't data mine you like all the others," simply because of what you said above. How much is Google really going to allow them to say in regards to "Android isn't private, so buy our private version of Android." Maybe in the corporate world that will be fine, but I don't think it will fly in the straight up personal phone consumer market.

[Crapshoot2010]

I figure at this point BlackBerry should just give up on phones and start making just external keyboards like the Typo for everybody.

I can't really see the long term viability of trying to figure keep IOS and android platforms secured. I actually think the Priv will come with a ton of disclaimers for use in the so called consumer segment and I'll bet there will be a lot of legal overhead associated with the initial launch of the Priv.

In the end I think since most people really don't know the difference between BB10 and the Priv, once the Android version is comprised and whether or not the device was being used correctly for maximum security, the headlines will read BlackBerry Hacked!

They're done.

Posted via CB10

[dejanh]

In the end I think since most people really don't know the difference between BB10 and the Priv, once the Android version is comprised and whether or not the device was being used correctly for maximum security, the headlines will read BlackBerry Hacked!

They're done.

It is a good thing then that 80% don't know about BlackBerry 10 and the other 20% think that BlackBerry died back in 2011. Joking aside, I do see your point. It is all about how they position this handset.

[early2bed]

The Stagefright vulnerability is going to be fixed, today, for a bunch of Nexus devices. For now, these are the only Android devices that aren't susceptible to this issue. If the Priv was on the market this month, one wonders how long it would be before the BlackBerry version of Android had the fix. As of today, the Nexus devices are the most secure and any Privs that are being beta tested out there are not secure.

Here's a BlackBerry security test - will the Priv be launched with or without this known vulnerability?

[ToniCipriani]

I don't understand why being rooted is associated with lack of security.
Rooting is something the owner of the phone can do deliberately. It's choosing to alter the entire OS.
So he/she is the one choosing to do it, knowing the risks.
If you want a "secure" device, wouldn't you just not root it in the first place?
How does being rootable make it the manufacturer's fault for having a less secure device out of the box?

Posted via CB10

Because by design the system is not supposed to provide root access. These rooting techniques usually rely on an exploit.

[anon(9353145)]

Which is why they are going to have to be somewhat careful on their marketing campaign, if they do one. I highly doubt that Google is going to allow them to market a device as "The Android phone that won't data mine you like all the others," simply because of what you said above. How much is Google really going to allow them to say in regards to "Android isn't private, so buy our private version of Android." Maybe in the corporate world that will be fine, but I don't think it will fly in the straight up personal phone consumer market.

I think their best shot for marketing is playing up the touch capacitive pkb and show it in action, the Hub, stereo speakers (if that's included), etc . The security / privacy thing is only relevant to pitch to an enterprise that is open to using Android and can be done through direct sales channels. Consumers overall just don't seem to care that much about it, imo.

Posted via CB10

[idhbar]

I don't understand why being rooted is associated with lack of security.
Rooting is something the owner of the phone can do deliberately. It's choosing to alter the entire OS.
So he/she is the one choosing to do it, knowing the risks.
If you want a "secure" device, wouldn't you just not root it in the first place?
How does being rootable make it the manufacturer's fault for having a less secure device out of the box?

Posted via CB10

If BlackBerry 10 os is rooted, then people first go to delete amazon apps .

[The Big Picture]

Has there ever been an "unrootable" android?

Posted via CB10

[lift]

With BB10 I don't think that a lot of people have put a whole lot of effort to attempt to crack a BB10 phone because of the low amount of people using them.

You don't know that. There are a lot of Government and big corporation employees that use BlackBerry phones. Those are high targets for hackers and I'm sure there have always been people out there trying to hack BlackBerry phones. Don't down play BB10 security. Whether on BES or not.
As far as android running on a BlackBerry. Let's just say that BlackBerry painted a giant target on it's back with the Priv and they better know what they are doing because if anyone hacks or roots it, BlackBerry is finished as a security company.

[lift]

I don't understand why being rooted is associated with lack of security.
Rooting is something the owner of the phone can do deliberately.

Are you kidding me? Typical mindset and knowledge of the android crowd. Do you realize that the only way to root is to take advantage of a security vulnerability (hole)? That means the operating system is NOT secure. Ever wonder why you can't root BB10? Think about that!