[jakeb1986]

Hi all. First post in a long time. I've searched around the forums and haven't really been able to find much info on this topic of late. There has been prior discussion regarding the level of interest of BBos10 users wanting to use GFE on their devices - myself included. I would love this ability on the Z and Q10. I understand that no one has been successful in side loading the GFE application as of yet. Does anyone out there have any further information on this and if it is even possible yet?

[qbnkelt]

Do you mean you want to be able to use your own device on a BES10 environment? You need to contact your admin.

[jakeb1986]

My organisation supports GFE on iOS and android. I want to be able to use my personal blackberry 10 device on GFE perhaps through side loading the android application. If that makes sense.

[Chaplain_Clancy]

If you have the leaked OS 10.2.1.1925, then you should be able to install GFE to your phone. Once you've installed the leaked OS, go to apk-dl.com in your BlackBerry Browser and search Good for Enterprise. Both versions will come up. Our organisation doesn't use GFE, but it's there for testing if you want to have a go.

[jakeb1986]

Thanks for those tips. I'll have to give it a go. Cheers.

[smertz]

Jake, my work has not decided to support BB10 yet. We do support GFE though. I am running leaked OS and GFE works fine. I have used on my Z and Q. I also used it previously by using a debug token to get it to work. If you need any help feel free to DM me for my PIN

Posted via CB10

[akafudge]

I have wanted GFE for ages, on my Q10, so on reading this thread, I loaded the latest OS leak and radio and then downloaded GFE from the BB10BARS site and it all worked really well. In fact, with the new OS and GFE loaded, my Q10 has been given a very welcome uplift in speed and functionality. Really impressed!!

[smertz]

I have wanted GFE for ages, on my Q10, so on reading this thread, I loaded the latest OS leak and radio and then downloaded GFE from the BB10BARS site and it all worked really well. In fact, with the new OS and GFE loaded, my Q10 has been given a very welcome uplift in speed and functionality. Really impressed!!

The latest leak is really solid. Very few issues on the Q10. Good works well. You might want to load something like 1mobile market and do direct installs of apk's. Then you can make sure you have the latest updates to apps.

Posted via CB10

[akafudge]

Hi Smertz, have done as you suggested. Working well!!

[toddgrich]

With the new release of 10.2.1, I installed the Amazon Appstore and there was Good For Enterprise! Do I need to tell IT and get a special setup to use this app, or can I simply tell them i want to use an android version without all the pesky running on Blackberry details?

[smertz]

With the new release of 10.2.1, I installed the Amazon Appstore and there was Good For Enterprise! Do I need to tell IT and get a special setup to use this app, or can I simply tell them i want to use an android version without all the pesky running on Blackberry details?

I just told my IT I was running it on android. Never asked about what device or anything. They emailed me the activation pin and was good to go!

Posted via CB10

[jakeb1986]

Does the app notifications work as they should and is there any integration into the HUB?


Posted via CB10

[Supa_Fly1]

I think you guys have found a serious security joke in Good Technology's support infrastructure.

For those that got this working I'm curious of:

If your IT has turned on disallow hacked IS or similar functionality?!

Ideally this shouldn't work at all.

BlackBerry Q10 ? & Full Metal CB10!

[smertz]

It's a valid OS running Android. Is it any less secure than any other android phone? I would say it is potentially more secure. I see what you are saying, buts it's not like it's a hacked OS. It's running android jelly bean.

Posted via CB10

[smertz]

Does the app notifications work as they should and is there any integration into the HUB?


Posted via CB10

They show up as notifications in the hub. It will just say you have one new message or two new messages etc. If you are still signed into a session that hasn't timed out yet you will get more detail in the notifications like sender, subject, etc.

Posted via CB10

[Supa_Fly1]

It's a valid OS running Android. Is it any less secure than any other android phone? I would say it is potentially more secure. I see what you are saying, buts it's not like it's a hacked OS. It's running android jelly bean.

Posted via CB10

It's a runtime, not a full OS, especially one that Good is tested and coded against the official Android OS. Due to it being an application that's probably why it works not relying on outside hooks/forks; not part of the native Android experience but self contained.

I was talking about the server detecting if the core.OS is reported as being hacked - since G service apps other than mapping doesn't work on BB10 would this allow.the client app to report to the Good server as being suspect. I was NOT arguing if BB10 was secure.or.not

BlackBerry Q10 ? & Full Metal CB10!

[JCyinzer]

Great to hear this is an option... here's my convo with IT today. Wonder what "other ways" he's referring to? Sounds to me like something outside of GFE/BES:

Sent: Wednesday, February 05, 2014 5:37 PM
To: Services, IT
Subject: RE: Blackberry Z10 - Email

Pass this along if you’d like

BlackBerry� Enterprise Service 10 (BES10) is the only solution you
need for secure on-premise device, application and content
management for iOS, Android™ and BlackBerry�. Deploy, manage
and control both corporate and BYOD device users through a simple
unified console. Perfectly balance end user and enterprise mobility
needs without compromise.

BlackBerry Enterprise Service 10 - BES 10 - Mobile Device Management - - US


Sent: Wednesday, February 05, 2014 5:23 PM
To: Services, IT
Subject: RE: Blackberry Z10 - Email

Cool – thank you


From: Services, IT
Sent: Wednesday, February 05, 2014 5:22 PM
Subject: RE: Blackberry Z10 - Email

Possibly. They are currently testing other ways of smartphones to get W***** emails.


Regards,
NA Service Desk, Group IT


Sent: Wednesday, February 05, 2014 4:20 PM
To: Services, IT
Subject: RE: Blackberry Z10 - Email

Chuck,

Thank you for your quick response – any chance this will change in your opinion?

Josh

From: Services, IT
Sent: Wednesday, February 05, 2014 5:18 PM
Subject: RE: Blackberry Z10 - Email

Hello Josh,

That type of Blackberry isn’t support for the Willis system at this time.


Regards,
NA Service Desk, Group IT


Sent: Wednesday, February 05, 2014 4:17 PM
To: Services, IT
Subject: Blackberry Z10 - Email

Hello,

I’m interested in setting up ****** email on my Blackberry Z10. Is this a possibility?

Thanks,

[Supa_Fly1]

I just told my IT I was running it on android. Never asked about what device or anything. They emailed me the activation pin and was good to go!

Posted via CB10

I wonder how long it'll take them to look at the AES Sync logs from Exchange and find it's not a real or valid Android device and either a) approach you (testing to send you an email directly while converging with you for proof) or b) stop all AES services and wait for you to approach them complaining or c) wipe your device entirely (would be surprised if it affects your personal data).

Too many ppl are doing this to circumvent corporate policy/security and when their used to doing so ... very curious who will blame BlackBerry, Good Technology, or their corporate IT department. hmm.

[smertz]

I wonder how long it'll take them to look at the AES Sync logs from Exchange and find it's not a real or valid Android device and either a) approach you (testing to send you an email directly while converging with you for proof) or b) stop all AES services and wait for you to approach them complaining or c) wipe your device entirely (would be surprised if it affects your personal data).

Too many ppl are doing this to circumvent corporate policy/security and when their used to doing so ... very curious who will blame BlackBerry, Good Technology, or their corporate IT department. hmm.

I'm no IT expert but I am unsure you have accurate information. Good does not require an AES implementation, we use a completely different email implementation for our email system. As well, the point of using Good is that it is a sandboxed solution. They do not have access to any data on my device and would be able to do nothing except disable my access within the Good app. They can not wipe a device. Stop trying to scare people.

Posted via CB10

[estuiber]

I'd like to insert myself in this thread and share my own experiences. My corporation is moving towards BYOD at this very moment. We have chosen GFE.
I have a q10 running 10.2.1.1259. The device has no SIM, I use it WiFi only to test leaked OSes.
I was able to install GFE via the Amazon app store.
I was able to enter my email address and PIN, but not able to activate the application without a valid SIM inserted. I received the first attached screen capture. I did some digging on Good's site and this was because the device has cellular connectivity. This check does not take place on a WiFi only tablet.
[see first image]
Once I inserted my AT&T SIM, I can type in my activation PIN that I received from our Good Admin and the software tries to activate. I received the next error. I can't get any further.
[see second image]
I worked with my Good admins who contacted our Good reps. Their response was, "we don't have the best relationship with BlackBerry." So there's that. I'm uncertain what was done to get past this for others or if others experienced it. I also reached out to AT&T to confirm that I don't need any special feature codes on my account. Help?!

[estuiber]

The GFE app does have some APIs available to it for iOS and Android. For example, "You can provision new devices; enforce security policies, and remote wipe enterprise data or the entire device from a single location."
Good for Enterprise

[estuiber]

They do not have access to any data on my device and would be able to do nothing except disable my access within the Good app. They can not wipe a device. Stop trying to scare people.

Posted via CB10

The GFE app does have some APIs available to it for iOS and Android. For example, "You can provision new devices; enforce security policies, and remote wipe enterprise data or the entire device from a single location."
http://media.www1.good.com/documents...enterprise.pdf

[stomko]

GFE worked on my Q10 just fine, until it got blocked by IT admin. As admin, anything can be controlled - device type, IMEI, operator, enforce whatever the policy is (lock device by password, define timeout for locking,...)
So unless your company does not care on what device do you run it and the policy does not block it, you are good. My company does not support using private phones and other than officially supported devices...my bad luck

Posted via CB10

[smertz]

The GFE app does have some APIs available to it for iOS and Android. For example, "You can provision new devices; enforce security policies, and remote wipe enterprise data or the entire device from a single location."
http://media.www1.good.com/documents...enterprise.pdf

You are correct. If the device is a managed device, i.e. given to you and provisioned by your employer they can wipe your device. I was speaking in BYOD terms where the devices are unmanaged and are just performing secure containerization of data. In this instance they have no control of the device.


Posted via CB10

[Supa_Fly1]

I'm no IT expert but I am unsure you have accurate information. Good does not require an AES implementation, we use a completely different email implementation for our email system. As well, the point of using Good is that it is a sandboxed solution. They do not have access to any data on my device and would be able to do nothing except disable my access within the Good app. They can not wipe a device. Stop trying to scare people.

Posted via CB10

First off don't accuse me of trying to "scare" people ... as you said you're not sure if I have the right information .... considering I began with "I wonder" means I don't! Can't scare anyone if I stated "I wonder" not 'I know'.

If AES was in place for GFE then I'm sure the Exchange Admin could detect the type of device connecting, quickly research and see something is amis. But as you've explained this is not what your organization uses a completely different implementation. Basically what my point of chiming in was is nobody had bothered to research to see if their workaround to getting their BB10 device on GFE could be detected and services disallowed. Has anyone specifically talked to their IT department to see if these methods could be seen as counter to policy and for what reasons? Offering a solution without considering this could open the thread up to a different direction; could not for sure ... I just figured pointing this out.

PS: There was specific information stated both on the main page at BB and on twitter for an admin or programmer (cannot recall which) found a specific leak that (a small minute list of) Android apps can get personal information from BB10 and BlackBerry has been made aware. I believe blackberry.com/btsc has an article specifically to this affect with no resolution but being worked on. That is not intentionally scaring anyone.

BlackBerry 10.2.1 Android Runtime BES Security Flaw Discovered | N4BB

Frank B�ttner from the ABS Team GmbH has found that even while having a BES policy in place to block his business contacts, his installed Android apps such as Skype and Go Launcher EX were able to pull his BES contacts.

You can toggle the availability of this information with the “Personal Apps Access to Work Contacts” policy. There are three options for allowing apps access to your BES contact info: All, Only BlackBerry Apps, or None.

Though, as found by B�ttner, no matter what policy is set in place the Android apps still have access to the work contacts. This is interesting in itself, as Android apps are not allowed on the work-side of BlackBerry 10, only native apps.

http://forums.crackberry.com/blackbe...kspace-901911/

"This policy failed in BlackBerry 10.2.1, precise 10.2.1.537. The person responsible for running the Android Apps runtime has access to this address, no matter what is set in the policy. And they inherited these rights manifest in all Android apps. This is particularly piquant, as BlackBerry does not allow Android apps in the secure environment for security reasons. There only run native apps.

UPDATE: However this apparently was fixed (just found this out after typing my last paragraph looking for the actual article).

continued quote ...

The vulnerability has been known for Blackberry and already fixed. The H Security today received the following official statement of the manufacturer: "We have Investigated at issue in the Android app player Involving specific permissions, and we have it in our Addressed latest software build We will work with our carrier partners to help Ensure the update is available. to customers. "According to BlackBerry, it is for now so the carriers, to close this gap."