1. Paraliotis3's Avatar
    Does Crackberry or Blackberry are aware about this???
    Priv is protected ?
    01-11-18 01:46 PM
  2. Dunt Dunt Dunt's Avatar
    Everyone is aware.... couple of threads on this already.

    Currently no the PRIV isn't protected from Specter, Meltdown doesn't apply. Have to see if the PRIV get's the January Patch and any future updates.
    01-11-18 02:04 PM
  3. glwerry's Avatar
    It's not Crackberry's responsibility - they are a forum.

    Blackberry is aware.

    PRIV is NOT protected - as far as I have heard, only Microsoft has released updates to partially address the Meltdown issue.
    I don't think that ANYONE has been able to patch Spectre yet - technically you would have to fix the actual hardware in both cases, but Meltdown is easier to address with a software patch.

    It would be a good idea to update the Chrome browser, as I believe that has had some fixes done.
    01-11-18 02:07 PM
  4. Matty's Avatar
    Does Crackberry or Blackberry are aware about this???
    Priv is protected ?
    As others have said. Blackberry is well aware of the issue and I'm sure they decided a couple months ago (when it was found) if they were going to patch it or not. All we can do is wait to hear from Blackberry. Don't think another thread is needed.

    Google says their Jan 5th security patch partially fixes the issue and it will be fully patched later on. . 😃
    01-11-18 04:03 PM
  5. gizmo21's Avatar
    Best thing beside not (sideloading) unknown apps is to use the newest Browserversion of one of the major devs like Google or Mozilla and perhaps use noscript add-ons.

    But that is common sense anyway if you are security aware.

    I guess we will also see bad mail/messaging-attachments in the future but to be aware of those is also a know vector anyway.
    01-11-18 05:50 PM
  6. thurask's Avatar
    The CPU is partially vulnerable, in that the two high power Cortex A57 cores use speculative execution, i.e. Spectre, while the four low power Cortex A53 cores do not. No ARM chip other than the Cortex A75 (which is too new to matter here) is vulnerable to Meltdown.

    In terms of OS-level mitigations, while Google claims Android isn't directly vulnerable to Meltdown or Spectre, they did introduce a tweak intended to make attacks like Meltdown/Spectre harder in the January 5, 2018 patch level. Since the Priv is officially EOL, and since precedent puts BB's promise to update the Priv at about the same trustworthiness as their promises for Nougat for the Priv and BB10 for the PlayBook, I doubt it'll get patched.

    And, yes, apps themselves can introduce mitigations, like the browser example above. So keep up to date.
    FF22 likes this.
    01-12-18 12:06 AM
  7. Rico4you's Avatar
    BlackBerry did announce when they talked about PRIV RE end of security updates that any security CRITICAL issues would be addressed for PRIV.
    01-13-18 06:35 AM
  8. Chuck Finley69's Avatar
    BlackBerry did announce when they talked about PRIV RE end of security updates that any security CRITICAL issues would be addressed for PRIV.
    Appears to be more talk, less action since device is EOL.
    misterabrasive likes this.
    01-13-18 07:35 AM
  9. Rico4you's Avatar
    Appears to be more talk, less action since device is EOL.
    Let's see if PRIV gets update Re Critical issue.
    EOL? My PRIV running better than ever and get app updates. Use alongside my KEYone.
    01-13-18 08:17 AM
  10. Chuck Finley69's Avatar
    Let's see if PRIV gets update Re Critical issue.
    EOL? My PRIV running better than ever and get app updates. Use alongside my KEYone.
    I'm referring to status from BB perspective regarding exiting hardware when I say EOL. I believe they've washed their hands of all hardware support not paid for by a current licensee. Meltdown and Sceptre will just push users to new devices sooner and BB will just let things bleed out till official EOL. So I'm saying a "practically EOL" situation, unfortunately.
    01-13-18 08:24 AM
  11. Rico4you's Avatar
    I'm referring to status from BB perspective regarding exiting hardware when I say EOL. I believe they've washed their hands of all hardware support not paid for by a current licensee. Meltdown and Sceptre will just push users to new devices sooner and BB will just let things bleed out till official EOL. So I'm saying a "practically EOL" situation, unfortunately.
    Respectful opinion.
    01-13-18 08:50 AM
  12. GiveMeAnthony's Avatar
    If you have Chrome or a Chromium based browser like Brave, then you can go to chrome://flags/#enable-site-per-process in the address bar and enable strict site isolation. According to Google, this should mitigate attacks by isolating sites into separate address spaces. Chrome 64 will include actual patches.
    01-15-18 06:51 AM

Similar Threads

  1. No BlackBerry data error
    By Vigneshd332 in forum General BBM Chat
    Replies: 2
    Last Post: 01-13-18, 03:00 AM
  2. Replies: 1
    Last Post: 01-12-18, 11:07 AM
  3. Have symbols appear in ABC keyboard and use by holding down key?
    By Mr_Kaffeine91 in forum BlackBerry DTEK60
    Replies: 1
    Last Post: 01-11-18, 05:09 PM
  4. BlackBerry Power Center update brings new notification options and stability fixes
    By CrackBerry News in forum CrackBerry.com News Discussion
    Replies: 0
    Last Post: 01-11-18, 11:40 AM
  5. Priv going nuts after last update. New battery or factory reset?
    By CrackBerry Question in forum Ask a Question
    Replies: 1
    Last Post: 01-11-18, 08:48 AM
LINK TO POST COPIED TO CLIPBOARD