-
So the real question from where I sit is how long Marshmallow will continue to be patched, since the Priv won't be updated to the new OS's.12-24-17 08:10 PMLike 0 - BBOS's decline in developed markets started in 2010 - that's when growth started to reverse in those markets (North America, Europe, and east Asia). Overall userbase continued to grow for a couple more years because used and entry/mid-level phones were being sold into emerging markets to individuals in large numbers (Africa, South Asia, South America) - but BB's earnings potential from these customers was going to be very limited - there wasn't going to be BES revenue or other ways to monetize beyond BIS fees (which were reduced in those countries compared to developed markets). It also meant that most of those markets wouldn't be able to move to BB10, which was going to be priced at the high end - out of reach for the emerging markets who could afford a used Pearl or Curve.
While emerging market users certainly were helpful for BB at the time (2008-2012), they were never going to be helpful for BB10 in any significant numbers (and that's exactly how things came to pass). But had those users not existed at all, the story would have been more obviously bad for BB starting in 2010, when sales in developed markets began to drop for the first time after 10 years of constant growth.
Am I wrong, but these vulnerabilities we keep talking about are against the Android OS and not the Priv itself? The Priv just so happen to run the Android OS. This is like saying I won't buy a Dell because Windows may get a virus.
So the real question from where I sit is how long Marshmallow will continue to be patched, since the Priv won't be updated to the new OS's.12-24-17 09:14 PMLike 0 -
Posted via CB10HughJarsse likes this.12-27-17 06:48 PMLike 1 - or one BB android mid range device with almost priced as flagship with 2-3 years of support and probably will get slower and bugs each time update comes..12-27-17 07:36 PMLike 0
-
The KEYᵒⁿᵉ is a bit more specialized with the pkb, so would obviously garner a premium. Not really comparable.
Software has been stable and excellent. Phone continues to be snappy after 6 months of use for me.12-27-17 07:42 PMLike 0 - 12-28-17 07:04 AMLike 0
- Your passive aggressiveness aside, a $449 Motion qualifies as almost half the price of an iPhone. Anything in the $350-$500 fits the bill.
The KEYᵒⁿᵉ is a bit more specialized with the pkb, so would obviously garner a premium. Not really comparable.
Software has been stable and excellent. Phone continues to be snappy after 6 months of use for me.
Those Samsung are 1000 $ tough.12-28-17 07:17 AMLike 0 -
Certainly some do include patches for critical vulnerabilities, so they are important, but a conservative Android implementation like BlackBerry's renders many vulnerabilities unexploitable because the features they try to exploit are not enabled in the first place.
For a metaphor, think about the difference between securing a penthouse in NYC with two high end steel doors and a private elevator vs. a large sprawling ranch with 5 exterior doors and 60 windows that open fully to let in fresh air. The ranch is inherently more difficult to secure, and many of its vulnerabilities are not a concern for the penthouse, even if use the same materials internally.
Obviously, that's an extreme metaphor. I'm just trying to explain that the whole point of "hardening" the Android kernel is to eliminate some of the vulnerabilities completely, like removing a window or sealing it permanently.
Posted with my trusty Z1012-28-17 07:28 AMLike 0 -
We're comparing 5 years of support from an $850 iPhone to buying two mid-range Android devices each with 2-3 years of support.12-28-17 07:36 AMLike 0 -
- The value of most patches in terms of security improvements are unproven. Many of the updates are bug fixes with no security implications. Others are security patches for relatively obscure components of Android that may not be implemented by most OEMs.
Certainly some do include patches for critical vulnerabilities, so they are important, but a conservative Android implementation like BlackBerry's renders many vulnerabilities unexploitable because the features they try to exploit are not enabled in the first place.
https://www.cvedetails.com/vulnerabi...e-Android.html
Your point probably applies more to BBOS and BB10 than BB Android, simply because BlackBerry can't rewrite entire libraries without risking compatibility issues which I assume would disqualify them from Google Play services.Dunt Dunt Dunt likes this.12-28-17 10:19 AMLike 1 - Looking at their changelogs BlackBerry patches almost every vulnerability in BB Android that Google patches in regular Android. The only confirmed vulnerabilities that BB Android provides some level of protection against are root based exploits but recent Android vulnerabilities seem to focus on other attack vectors,
https://www.cvedetails.com/vulnerabi...e-Android.html
Your point probably applies more to BBOS and BB10 than BB Android, simply because BlackBerry can't rewrite entire libraries without breaking compatibility which I assume would disqualify them from Google Play services.
I am not suggesting that patches lack value for BlackBerry's Android. I'm just explaining that it's not known HOW MUCH additional security any given patch would offer Priv, DTEK, and BlackBerry Mobile users. In the case of the Priv, it's a open question whether a fully patched generic Android on Marshmallow will be more or less secure than a Priv with its last 2017 patch at the end of 2018.
Most likely the Priv will be more secure against certain threats, while the generic Android will be more secure against others. Which one of is "better" depends on the needs of the user.
For bug fixes and features, having the most recent patch is certainly better.12-28-17 10:34 AMLike 0 - Yes, whether or not BlackBerry's version of Android is vulnerable to a specific exploit, there is no way they would want to selectively apply parts of a security patch, given the risks to overall compatibility.
I am not suggesting that patches lack value for BlackBerry's Android. I'm just explaining that it's not known HOW MUCH additional security any given patch would offer Priv, DTEK, and BlackBerry Mobile users. In the case of the Priv, it's a open question whether a fully patched generic Android on Marshmallow will be more or less secure than a Priv with its last 2017 patch at the end of 2018.
Most likely the Priv will be more secure against certain threats, while the generic Android will be more secure against others. Which one of is "better" depends on the needs of the user.
For bug fixes and features, having the most recent patch is certainly better.
Just going by past examples, if security is important to you then it's probably not recommended that you use unpatched BB Android devices (or any unpatched Android device for that matter).12-28-17 02:51 PMLike 0 - Sure but we can gauge from previous statements by BlackBerry on BB Android's vulnerability to specific threats (BlueBorne, KRACK, QuadRooter, etc) that it is equally vulnerable to "stock" Android exploits (unlike the BB10 runtime for example which is less vulnerable). You will get some protection against root based exploits but how much or how little will probably depend on the exploit.
Just going by past examples, if security is important to you then it's probably not recommended that you use unpatched BB Android devices (or any unpatched Android device for that matter).
So, if I had a team of employees with Privs and I was running UEM, but not Knox, I might not want them to upgrade until I had new controls in place, and I certainly would not allow them to upgrade to a generic Android device at any point.
Posted with my trusty Z1012-28-17 03:04 PMLike 0 - I understand what you're saying, but it really depends on the threat you're trying to protect against. For example, if your most likely threat is from Insiders (disgruntled employee, industrial espionage, foreign agent, etc.) then most of the patched exploits won't protect you as much as the protections against unauthorized changes to the bootloader/OS and other internal controls that are better supported by BlackBerry (or Samsung) than by any of the generic Androids.
So, if I had a team of employees with Privs and I was running UEM, but not Knox, I might not want them to upgrade until I had new controls in place, and I certainly would not allow them to upgrade to a generic Android device at any point.
Posted with my trusty Z10
To the best of my knowledge BB Android isn't really attempting to deal with the former (and I don't think BlackBerry has ever promoted that either).12-28-17 04:15 PMLike 0 - I don't disagree with you, except to say that EMM is more effective with phones that have protection against intentional rooting, which for Android is Samsung and BlackBerry. So, if compromised endpoints are a major threat, an Priv with its last patch might be preferable to a generic Android in my EMM environment.12-29-17 01:06 PMLike 0
-
- been hacked by Obama's private CIa for 6 years. they can hack into any phone and manipulate the people around you. need a phone they can't hack😑😫😭05-06-18 10:09 AMLike 0
-
-
- Blackberry has still pledged “major vulnerabilities " updates. I'm not sure what that entails, but so far no major android vulnerability has appeared since they stopped the monthly update schedule.
They patched BlueBorne and since then there hasn't been a major exploit.08-10-18 04:34 AMLike 0 - I've moved on now anyway.
I'm happy that the two KeyOnes in our household will continue to receive the updates though.
Blackberry has still pledged “major vulnerabilities " updates. I'm not sure what that entails, but so far no major android vulnerability has appeared since they stopped the monthly update schedule.
They patched BlueBorne and since then there hasn't been a major exploit.08-10-18 01:20 PMLike 0 -
- Forum
- Android BlackBerry Phones & OS
- BlackBerry Priv
Priv still secure without updates?
« Phone calls going straight to voicemail without ringing.
|
BlackBerry Priv stuck in Bootloader mode! »
Similar Threads
-
Why is my PRIV not compatible with Reliance Jio services?
By Pankaj Jaju in forum BlackBerry PrivReplies: 8Last Post: 05-03-18, 05:16 PM -
BB Link does not recognize BB10 after latest Windows update
By mturner53 in forum BlackBerry 10 OSReplies: 2Last Post: 01-08-18, 07:26 PM -
What is the disadvantage of security updates being stopped for blackberry by priv??
By CrackBerry Question in forum Ask a QuestionReplies: 5Last Post: 12-21-17, 05:23 PM -
Urgent help : Update download on priv - error
By ranojee1966 in forum BlackBerry PrivReplies: 2Last Post: 12-20-17, 06:05 PM -
Brand new DTEK60 won't update
By Mukade in forum BlackBerry DTEK60Replies: 3Last Post: 12-20-17, 04:49 AM
LINK TO POST COPIED TO CLIPBOARD