10-11-15 11:01 PM
28 12
tools
  1. The Big Picture's Avatar
    So which is technically more secure and private?

    Both these devices are targeted to privacy conscious consumers as well as enterprise.

    I believe this comparison is the most interesting debate to have this year with data being as precious as it is nowadays.

    Can Blackphone 2 replace the likes of Blackberry in privacy?

    Watch the video and let's discuss!

    P.S Does anyone know if one could disallow permission to google play services? And how would that affect your android device? Especially with android M having granular permissons.

    Posted via CB10
    10-02-15 05:52 AM
  2. tazcubed's Avatar
    Well, since Android is currently swiss cheese, I'd say neither.

    Every Android device is vulnerable to newly discovered bugs - CNET

    So far as I understand it, play services cannot be stopped without having some impact on things like contacts.

    Why do I need Google Play Services? - Android Forums at AndroidCentral.com
    extisis likes this.
    10-02-15 06:18 AM
  3. Omnitech's Avatar
    The main difference between the products from those 2 companies is one company is extremely dependent on the substantial business they do with large military/government/spy agencies and will not do anything to undermine their surveillance activities, and the other was founded by a guy who nearly went to jail for writing a famous free encryption program in wide use today, which was essentially designed to keep individuals free from having their data snooped on by those same agencies. (And others)

    I'll let you guess which is which.
    dusanvn and The Big Picture like this.
    10-02-15 06:52 AM
  4. AnimalPak200's Avatar
    The main difference between the products from those 2 companies is one company is extremely dependent on the substantial business they do with large military/government/spy agencies and will not do anything to undermine their surveillance activities, and the other was founded by a guy who nearly went to jail for writing a famous free encryption program in wide use today, which was essentially designed to keep individuals free from having their data snooped on by those same agencies. (And others)

    I'll let you guess which is which.
    Doesn't that imply that those agencies would not consider a device that they would know was vulnerable?

    Posted via CB10
    10-02-15 07:11 AM
  5. Omnitech's Avatar
    Doesn't that imply that those agencies would not consider a device that they would know was vulnerable?

    Not sure exactly what you're getting at there.

    First of all, there are publicly-known vulnerabilities, privately-known vulnerabilities, and backdoors. Something we may consider secure may not be as secure as we think it is. I think Mr. Snowden has disabused any who have been paying attention of such fairy tales.

    I'm not sure BlackBerry is specifically targeting the Priv at government agencies, such agencies generally don't care about whether or not they can download half a million game apps or not, whereas that is the primary goal (according to Chen) for the Priv... "solving the app problem". The "privacy" aspect is just an attempt at differentiation in a ridiculously-competitive sector.

    Though it will surely get pitched to gov agencies and companies, as it is basically their flagship device at this point. And if high-security agencies are dumb enough to be pushing for Android devices, I guess BlackBerry would like to have a chance to sell them some.
    10-02-15 07:23 AM
  6. The Big Picture's Avatar
    The main difference between the products from those 2 companies is one company is extremely dependent on the substantial business they do with large military/government/spy agencies and will not do anything to undermine their surveillance activities, and the other was founded by a guy who nearly went to jail for writing a famous free encryption program in wide use today, which was essentially designed to keep individuals free from having their data snooped on by those same agencies. (And others)

    I'll let you guess which is which.
    OMG omnitech is that you? Where have you been? You left me alone to deal with troy!

    Posted via CB10
    10-02-15 07:35 AM
  7. Omnitech's Avatar
    OMG omnitech is that you? Where have you been? You left me alone to deal with troy!

    Heh. Been very busy. Well, then there was that other little issue...

    And still not much time to spend here like I used to, I'm afraid. But I'll come in from time-to-time to wave my hands around most likely...
    10-02-15 07:40 AM
  8. The Big Picture's Avatar
    Heh. Been very busy. Well, then there was that other little issue...

    And still not much time to spend here like I used to, I'm afraid. But I'll come in from time-to-time to wave my hands around most likely...
    Welcome back anyways! Looking forward to your valuable and informative replies and posts.

    Posted via CB10
    10-02-15 07:52 AM
  9. sayf777's Avatar
    OMG omnitech is that you? Where have you been?

    Posted via CB10
    Lol my taughts exactly. What was that app that maybe disallows Internet access to apps? Think it was called disconnect me or something?

    Also if what they say is true about silent or secureOS it's not about being unrootable but just that they have no way if seeing what info gets transmitted on our phones.


    Posted via CB10
    Last edited by sayf777; 10-02-15 at 08:20 AM.
    10-02-15 08:06 AM
  10. AnimalPak200's Avatar
    Not sure exactly what you're getting at there.

    First of all, there are publicly-known vulnerabilities, privately-known vulnerabilities, and backdoors. Something we may consider secure may not be as secure as we think it is. I think Mr. Snowden has disabused any who have been paying attention of such fairy tales.

    I'm not sure BlackBerry is specifically targeting the Priv at government agencies, such agencies generally don't care about whether or not they can download half a million game apps or not, whereas that is the primary goal (according to Chen) for the Priv... "solving the app problem". The "privacy" aspect is just an attempt at differentiation in a ridiculously-competitive sector.

    Though it will surely get pitched to gov agencies and companies, as it is basically their flagship device at this point. And if high-security agencies are dumb enough to be pushing for Android devices, I guess BlackBerry would like to have a chance to sell them some.
    I guess what I'm saying is I would hope those agencies that have supposedly coerced BlackBerry into being 'cooperative', would be cynical and suspicious enough to assume other countries/agencies could do the same,.. and would therefore never trust it for their own use.

    Of course, they could just be dumb and somehow believe that 'they' are the only ones with the capability (really dumb).

    But my point is that your statement does not necessarily lead to the conclusion that "because BlackBerry depends on contracts with governments, they are necessarily cooperating with them to include back doors and vulnerabilities."

    One would hope that it actually is the opposite, since counterintelligence is as old as intelligence.

    Posted via CB10
    10-02-15 08:08 AM
  11. Omnitech's Avatar
    Lol my taughts exactly. What was that app that maybe disallows Internet access to apps? Think it was called disconnect me or something?

    Also if what they say is true about silent or secureOS it's not about being unrootable but just that they have no way if seeing what info gets transmitted on our phones.

    Can you share the name of the program you referring to omnitech? Edit: Ah never mind I think the creator's first name is Jacob right?

    Was I referring to an app somewhere?

    "Unrootable" is useful but any technology company with clueful management these days is not going to make such sweeping promises because almost inevitably it will eventually get compromised by someone and the fallout from that PR embarrassment is worse than the benefit that might be gained by claiming their product is invincible.

    In Blackphone's case, they are promising a 72-hour turnaround on verified vulns, in part because they are in complete control of their OS updates. (Something which has bitten Blackberry hard for a long time now. But since Blackphone doesn't have all the carrier relationships and only sells unlocked phones, they are in a better position to have that freedom.)
    thinkinfinity, sayf777 and dusanvn like this.
    10-02-15 08:24 AM
  12. Omnitech's Avatar
    I guess what I'm saying is I would hope those agencies that have supposedly coerced BlackBerry into being 'cooperative', would be cynical and suspicious enough to assume other countries/agencies could do the same,.. and would therefore never trust it for their own use.

    Of course, they could just be dumb and somehow believe that 'they' are the only ones with the capability (really dumb).

    But my point is that your statement does not necessarily lead to the conclusion that "because BlackBerry depends on contracts with governments, they are necessarily cooperating with them to include back doors and vulnerabilities."

    I'm not suggesting that they are building in backdoors, though that is not out of the question. We do know that they have granted access to customer data in the past for government agencies in certain countries which have taken them to task for making it difficult to snoop on their user's traffic.

    However what I'm primarily saying is that Blackberry is almost certainly not going to build a device that is so impenetrable that it regularly infuriates the same 3-letter agencies that are their best and most reliable customers. If you have observed the company as closely as I have for the past few years, it's fairly obvious that BlackBerry tries very hard not to step on those customers toes. And BlackBerry has specific departments these days whose sole function is to liase with and promote their products to law-enforcement agencies, for example.

    The other "Black" product does not have that kind of conflict-of-interest problem. (Though they are starting to shift their focus to the enterprise market, which I think is most likely because they are realizing how few individual people are willing to pay the kind of premium they are charging, and put up with the functionality limitations inherent in, their product.)
    thinkinfinity and dusanvn like this.
    10-02-15 08:33 AM
  13. kbz1960's Avatar
    So essentially the BlackPhone is android M before android M.
    10-02-15 08:45 AM
  14. The Big Picture's Avatar
    So essentially the BlackPhone is android M before android M.
    In a way of granular permission controls maybe but I think the main difference is the dependencies on google services and how even that can be controlled.

    Posted via CB10
    kbz1960 likes this.
    10-02-15 11:31 AM
  15. Omnitech's Avatar
    So essentially the BlackPhone is android M before android M.
    Not even close. Granular app permissions (which BTW were available in the BB10's Android player for a while now even before BlackBerry created a tool themselves, see my signature) are only a small part of what Blackphone is doing.

    The problem, seems to me, is securing a device without handicapping the functionality. Case in point: people complain about the lack of apps in BlackBerry World or Amazon App Store, right? Well Blackphone has their own app store, with apps they have vetted for security and privacy. Sounds good, right? Know how many apps it has? 23. Ahahahhaahaaa...
    thinkinfinity, dusanvn and kbz1960 like this.
    10-02-15 02:39 PM
  16. The Big Picture's Avatar
    Not even close. Granular app permissions (which BTW were available in the BB10's Android player for a while now even before BlackBerry created a tool themselves, see my signature) are only a small part of what Blackphone is doing.

    The problem, seems to me, is securing a device without handicapping the functionality. Case in point: people complain about the lack of apps in BlackBerry World or Amazon App Store, right? Well Blackphone has their own app store, with apps they have vetted for security and privacy. Sounds good, right? Know how many apps it has? 23. Ahahahhaahaaa...
    Do you think BlackBerry App World should be included with the Priv?

    Posted via CB10
    10-02-15 03:02 PM
  17. ToniCipriani's Avatar
    Well, since Android is currently swiss cheese, I'd say neither.

    Every Android device is vulnerable to newly discovered bugs - CNET

    So far as I understand it, play services cannot be stopped without having some impact on things like contacts.

    Why do I need Google Play Services? - Android Forums at AndroidCentral.com
    I don't understand the arguments that keep coming up about Android vulnerabilities. BlackBerry 10 has their own fair share of equally serious vulnerabilities, yet the diehards around here act like they don't exist:

    Security update for BlackBerry 10 OS fixes remote code execution vulnerability | PCWorld
    https://labs.mwrinfosecurity.com/adv...cve-2014-6611/

    Software is software. It's written by humans, and there are mistakes/bugs, it's just nature of software development. It happens. It's how you handle the exploit when it's uncovered that matters. Vulnerabilities get magnified on Android due to the volume of devices and OEMs that simply don't give a ****, because they want you to buy a new phone.

    Blackphone was amongst the first ones to patch the original Stagefright. If BlackBerry ventures down the road, given the track record on how often my Classic got updated, I expect BlackBerry to address these in a timely fashion as well. This is what matters the most.
    10-02-15 03:13 PM
  18. yhamaie's Avatar
    Software is software. It's written by humans, and there are mistakes/bugs, it's just nature of software development. It happens. It's how you handle the exploit when it's uncovered that matters. Vulnerabilities get magnified on Android due to the volume of devices and OEMs that simply don't give a ****, because they want you to buy a new phone.

    Blackphone was amongst the first ones to patch the original Stagefright. If BlackBerry ventures down the road, given the track record on how often my Classic got updated, I expect BlackBerry to address these in a timely fashion as well. This is what matters the most.

    I would agree . . . and I hope that PRIV would succeed by quickly resolving our concerns when security loopholes are discovered in Android OS devices as well as the other mobile devices.



    Posted via CB10
    thinkinfinity likes this.
    10-02-15 03:35 PM
  19. Omnitech's Avatar
    I don't understand the arguments that keep coming up about Android vulnerabilities. BlackBerry 10 has their own fair share of equally serious vulnerabilities, yet the diehards around here act like they don't exist:

    [snip]

    Software is software. It's written by humans, and there are mistakes/bugs, it's just nature of software development. It happens. It's how you handle the exploit when it's uncovered that matters. Vulnerabilities get magnified on Android due to the volume of devices and OEMs that simply don't give a ****, because they want you to buy a new phone.
    In a nutshell, it's just not simple.

    So first of all we have a lot of people who opine about matters they have no detailed knowledge of. This is exacerbated by the fact that today, products like these have strong cultural and personal-identity tie-ins including the fact that most people in developed countries own at least one of them, and they filter a large part of their lives through it. So we now have "holy wars"about mobile platforms that are driven more by ideology and cultural identification than simply technical merit.

    That said, the reason that so many people talk about Android security weaknesses and vulns and privacy issues is primarily because they are real, actual issues. It is not because for some bizarre reason, the fanboys of one platform are so much more vocal than the fanboys of a competing platform. If anything, one would expect more iOS criticism because there are a lot more Android users in the world today than there are iOS users.

    The issue with slow updates on BB10 is surely a historical problem, but many Android devices suffer the same issue with that for the same reason: carrier-gated OS updates. Blackphone gets around this as stated previously because they aren't bound by the carrier relationships that BlackBerry and many others are, which is no big surprise because their sales quantities are very small and they only sell unlocked devices. Apple also doesn't suffer this problem because they had the foresight to make control of the OS a pillar of their platform and negotiated this before carriers got hard-nosed about it and were willing to make concessions to get the hot new iphone at the time. They also addressed many carriers concerns by providing services that most other platforms never did - like operating a fully-equipped RF testing laboratory where they could do the same kind of internal functional testing that major carriers do. BlackBerry never to my knowledge had that to offer.

    If BlackBerry has found a solution to that logistical SW delivery issue, that will help quite a bit. Then we just have to worry about how much development resources they have to devote to vulnerability mitigation, and their perennial software quality issues.
    thinkinfinity likes this.
    10-02-15 03:51 PM
  20. texn884's Avatar
    A few months back When Sean Hannity was boasting about his Black Phone there was a a hacker group it might of been in Vegas and they cracked into the Black Phone in less that 15 mins blowing their statements how secure it was, i just laughed
    10-02-15 04:02 PM
  21. Omnitech's Avatar
    A few months back When Sean Hannity was boasting about his Black Phone there was a a hacker group it might of been in Vegas and they cracked into the Black Phone in less that 15 mins blowing their statements how secure it was, i just laughed
    Yeah I think they got smarter since then about making blanket statements about invulnerability, and now just emphasize their intention to patch any confirmed vulns within 72 hrs.
    10-02-15 04:08 PM
  22. texn884's Avatar
    BlackBerry for me with OS10 ONLY
    10-02-15 04:11 PM
  23. Omnitech's Avatar
    Do you think BlackBerry App World should be included with the Priv?
    Since BBW primarily applies to BB10 apps (as well as specially-packaged Android apps designed to run on the BB10 Android player), it's not really applicable.

    Making matters worse, BBW app vetting has always been terrible and around the end of last year they laid-off the whole division that did that vetting. So at this point BBW is not really one of BlackBerry's best features.

    The Amazon app store could have been a decent alternative if it weren't for Google's successful campaign to rope Android app developers into embedding Google framework dependencies into their apps such that they would have to be specifically re-designed to work on Amazon's app store. Which unfortunately (and exactly as Google intended), has crippled what Amazon can offer, turning their app store into a sort of ghetto, sorry to say.

    So the only viable option, if you want to be able to leverage those 1.6 million Gplay apps, is to go the route Blackphone took, and isolate insecure apps like Gplay into little jails where they have limited ability to overshare your personal details, but this is not bulletproof either, for a variety of reasons, and it entails various usability compromises.
    thinkinfinity and dusanvn like this.
    10-02-15 04:22 PM
  24. 6stringriffs's Avatar
    I don't understand the arguments that keep coming up about Android vulnerabilities. BlackBerry 10 has their own fair share of equally serious vulnerabilities, yet the diehards around here act like they don't exist:

    Security update for BlackBerry 10 OS fixes remote code execution vulnerability | PCWorld
    https://labs.mwrinfosecurity.com/adv...cve-2014-6611/

    Software is software. It's written by humans, and there are mistakes/bugs, it's just nature of software development. It happens. It's how you handle the exploit when it's uncovered that matters. Vulnerabilities get magnified on Android due to the volume of devices and OEMs that simply don't give a ****, because they want you to buy a new phone.

    Blackphone was amongst the first ones to patch the original Stagefright. If BlackBerry ventures down the road, given the track record on how often my Classic got updated, I expect BlackBerry to address these in a timely fashion as well. This is what matters the most.
    BB10 diehards are grasping at straws! If you really read about the Stagefright II, you'll also see that one can only be infected by downloading MP3's from questionable sources. Much like wondering an urban neighborhood with a history of violent crime, then getting assaulted, and then announcing to the world how dangerous & violent Chicago is. You don't have to visit the south or west side of the city to know this. Just read the Chicago Tribune. But still young people flock there for the excitement, fun, and plenty of jobs.

    This analogy is what these Android vulnerabilities are. Keep reading the articles on Stagefright II. No one has actually been really infected by the bug. It was found by a research group in a controlled lab.

    Contrast this with BB10.... as a Z30 owner, I've been victimized by native apps that have quit working cause it has not been updated by either BB, or native devs (hello Facebook). The native Map is not being updated, so the inaccuracy gets worse & worse everytday. Compare it to Google Maps. Look up 200 N. Columbus Dr, Chicago on both the native Map and Google Map. Zoom in equally to both apps real close. It's no contest. And the Android apps in 10.3.2. The run time is still based on Jellybean. They're already 3 versions behind. In addition, slowly I keep seeing my Andy apps stop working cause it needs G-Play. And the hassle of having to install that Cobalt G-Play and to keep updating it.... forget it. These are real world problems that I know every BB10 owner has faced in the last 6 months.Just look at the the other forums in CB.

    How many people have actually been infected by the Stagefright bug?

    Grasping at straws.
    MO3iusONE likes this.
    10-02-15 05:21 PM
  25. ToniCipriani's Avatar
    That said, the reason that so many people talk about Android security weaknesses and vulns and privacy issues is primarily because they are real, actual issues. It is not because for some bizarre reason, the fanboys of one platform are so much more vocal than the fanboys of a competing platform. If anything, one would expect more iOS criticism because there are a lot more Android users in the world today than there are iOS users.

    The issue with slow updates on BB10 is surely a historical problem, but many Android devices suffer the same issue with that for the same reason: carrier-gated OS updates. Blackphone gets around this as stated previously because they aren't bound by the carrier relationships that BlackBerry and many others are, which is no big surprise because their sales quantities are very small and they only sell unlocked devices. Apple also doesn't suffer this problem because they had the foresight to make control of the OS a pillar of their platform and negotiated this before carriers got hard-nosed about it and were willing to make concessions to get the hot new iphone at the time. They also addressed many carriers concerns by providing services that most other platforms never did - like operating a fully-equipped RF testing laboratory where they could do the same kind of internal functional testing that major carriers do. BlackBerry never to my knowledge had that to offer.

    If BlackBerry has found a solution to that logistical SW delivery issue, that will help quite a bit. Then we just have to worry about how much development resources they have to devote to vulnerability mitigation, and their perennial software quality issues.
    Well my point was not to downplay the seriousness of vulnerabilities on either side. I'm just questioning how many of those ranting about the issues actually understand the issue or just merely repeating what the media says (which usually omits important details as they only care about the headline) and then come up with their own TL;DR versions to rant around.

    And I do agree BlackBerry has a software delivery issue that they need to address for this secure Android thing to work. Why on earth is it that my unlocked phone that isn't even supported nor purchased by my carrier still being bound to the carrier's update schedule? This makes no sense. Only my Classic does this, all the others I've used, if they are unlocked and sold direct, they go by the manufacturer's schedule.
    anon(8063781) likes this.
    10-02-15 10:22 PM
28 12

Similar Threads

  1. Does Priv support China 4G TD-LTE?
    By weiberry in forum BlackBerry Priv
    Replies: 26
    Last Post: 03-21-16, 06:33 AM
  2. Can an Android BB (the PRIV) boast BB10 OS?
    By zlatno in forum BlackBerry 10 OS
    Replies: 49
    Last Post: 01-08-16, 02:48 AM
  3. Priv vs. Passport
    By dc2000 in forum BlackBerry Priv
    Replies: 19
    Last Post: 12-28-15, 07:57 AM
  4. Android's latest security failure - impact on the Priv?!
    By tazcubed in forum BlackBerry Priv
    Replies: 17
    Last Post: 10-06-15, 09:27 AM
  5. Why does my mobile data erase after every restart in 10.3.2 os of my Z10?
    By CrackBerry Question in forum BlackBerry Z10
    Replies: 1
    Last Post: 10-02-15, 01:16 AM
LINK TO POST COPIED TO CLIPBOARD