BBM one of the least secure messaging platforms, based on this EFF report
- ^ THIS ^ is a very good article on this issue. Good solutions are available, and it's nice to see which companies are stepping up. I'll wait for BlackBerry to respond, but EFF is awesome.
I completely agree with the superiority of open source when it comes to security. At least with open source measures, there is room for public expert debate and flaws can be discovered. True, we need good people to disclose problems they find, but that's still better than being forced to trust closed source methods on faith. Since the Snowden revelations, you're a fool to trust any government or company, except those that can verify their methodologies in the full light of day.
Z-30 / STA100-5 / 10.3.0.1418 / T-Mobile USA11-05-14 12:17 PMLike 0 - Instead of plotting conspiracy theories we should strive to improve the products of the company we support.
This EFF report is a welcome start on a debate that needs to happen. We can't just take the word of companies.
There needs to be audits and checks on the products that companies advertise.
Open source code and truly independent reviews are the best way to catch bugs.
Even if sometimes organisations with more manpower and resources use the open flaws to their advantage before others catch on. It's still better than having the code locked down without knowledge of its flaws.
Posted via CB10
"EFF, in collaboration with Julia Angwin at ProPublica and Joseph Bonneau at the Princeton Center for Information Technology Policy, are joining forces to launch a campaign for secure and usable crypto. We are championing technologies that are strongly secure and also simple to use."11-05-14 12:19 PMLike 0 - Why should Blackberry care about other features of security, when they have the best encryption.
http://forums.crackberry.com/general.../#post1104976611-05-14 12:42 PMLike 0 -
Also this was early on when BBM was pretty much the top used messaging client on mobile. The alternative was SMS which the governments can all easily get to via the carriers.
I expect the recent trend towards encryption by Apple, Google, etc. will get a great many governments similarly upset.11-05-14 12:52 PMLike 0 - Tre LawrenceBetween RealitiesWhy should Blackberry care about other features of security, when they have the best encryption.
http://forums.crackberry.com/general.../#post1104976611-05-14 01:44 PMLike 0 - Of course the TIME BBM channel finally decide to post something about BlackBerry...
Now it's going to spread like wildfire through the main stream media outlets,.. Pretty much game over for BBM,.. even if they come out with a convincing explanation (which the vast majority will never see).
Posted via CB1011-05-14 03:21 PMLike 0 - The EFF did not perform vulnerability assessments or in-depth technical analyses of the encryption implementations in the reviewed products. Instead it judged them based on principles and features it felt are necessary to protect communications from widespread Internet surveillance by governments, which includes data collection in transit or from online service providers.
Posted from my BlackBerry Passport with OS 10.3.1.101611-05-14 03:34 PMLike 4 - The EFF did not perform vulnerability assessments or in-depth technical analyses of the encryption implementations in the reviewed products. Instead it judged them based on principles and features it felt are necessary to protect communications from widespread Internet surveillance by governments, which includes data collection in transit or from online service providers.
Posted from my BlackBerry Passport with OS 10.3.1.1016
And this is it in the nutshell. They didn't actually test anything.11-05-14 03:45 PMLike 0 - what about those celebrities nude pictures leaks from iCloud/iMessage? how did they receive higher points than BBM from the EFF?
what about those apps which needs Google Play Services installed? how can a 3rd party app become secure when they rely on Google's services?
lots of questions though about this EFF's scorecard
Posted via CB10Bluenoser63 and Dave Bourque like this.11-05-14 08:27 PMLike 2 - Some people's blind faith in BlackBerry without any other support for their position is comical.
Everyone is entitled to believe what they want to believe. But to try and rebut known facts about BlackBerrys security protocol (which is widely known and not even disputed by BB) with a simple "BlackBerry is the best" won't cut it. At least with anyone who knows about proper security encryption and protocols.
I admire your loyalty and trust in BlackBerry, they make great products. But to blindly accept the notion that they use the best, most secure methodologies without any doubt, then to rant about how corrupt, wrong, and conspiritory good organizations, EFF, Mac World, ect, attempt to point out known holes in not only BBM but many other messenger platforms security is a bit childish and naive.
Any smart company should welcome constructive criticism in an effort to constantly improve. If your product can't stand up to a bit of criticism and tough questioning, then it's not for me.
Security means different things to different people, I agree. Most of us, me included, probably will never need NSA proof security measures nor be a victim of cyber crime. This is all academic talk and argument. But there are people out there who's jobs and lives depend upon rock solid security and encryption. I hope for those people anyway, this argument will lead to a clearer picture of who they can trust and who they cant.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF11-05-14 10:16 PMLike 4 - Some people's blind faith in BlackBerry without any other support for their position is comical.
Everyone is entitled to believe what they want to believe. But to try and rebut known facts about BlackBerrys security protocol (which is widely known and not even disputed by BB) with a simple "BlackBerry is the best" won't cut it. At least with anyone who knows about proper security encryption and protocols.
I admire your loyalty and trust in BlackBerry, they make great products. But to blindly accept the notion that they use the best, most secure methodologies without any doubt, then to rant about how corrupt, wrong, and conspiritory good organizations, EFF, Mac World, ect, attempt to point out known holes in not only BBM but many other messenger platforms security is a bit childish and naive.
Any smart company should welcome constructive criticism in an effort to constantly improve. If your product can't stand up to a bit of criticism and tough questioning, then it's not for me.
Security means different things to different people, I agree. Most of us, me included, probably will never need NSA proof security measures nor be a victim of cyber crime. This is all academic talk and argument. But there are people out there who's jobs and lives depend upon rock solid security and encryption. I hope for those people anyway, this argument will lead to a clearer picture of who they can trust and who they cant.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF11-05-14 10:23 PMLike 0 - Please show where EFF actually did any testing of the platforms other than reading about them? Did they actually try and do any lab testing to attempt to hack into those messaging apps? The answer is NO. So this is a paper tiger and has nothing to do with actual testing.
Testing doesn't have anything to do with it. The encryption protocols of each platform are not in question.
EFF has a set of standards and requirements that they believe make up good security. They simply compared their standards to each platforms and rated them accordingly . It's not a hard concept to grasp.
Now, if you want to debate whether what EFF considers solid security to what other reputable security experts believe is good security, then that's a legitimate discussion.
I can tell you though, if you want to debate whether using a Global shared encryption key like BBM does is best-practices encryption , you will lose.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF11-05-14 10:34 PMLike 0 -
-
Posted via CB1011-05-14 10:40 PMLike 3 -
BES was what made everything secure, since there is no BES or BIS requirement, everything is transmitted directly over data, and it can be intercepted, it is not %100 encrypted.11-05-14 10:43 PMLike 0 - I'm deeply suspicious that the lack of end-to-end encryption opens the possibility for data mining, even in BBM. Why not just encrypt end-to-end?
We need a straight up answer as to whether BlackBerry data mines. If BlackBerry doesn't, then they should use that as a positive differentiator!
Z-30 / STA100-5 / 10.3.0.1418 / T-Mobile USAjefbeard911 likes this.11-05-14 10:44 PMLike 1 -
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF11-05-14 10:50 PMLike 0 - I'm deeply suspicious that the lack of end-to-end encryption opens the possibility for data mining, even in BBM. Why not just encrypt end-to-end?
We need a straight up answer as to whether BlackBerry data mines. If BlackBerry doesn't, then they should use that as a positive differentiator!
Z-30 / STA100-5 / 10.3.0.1418 / T-Mobile USA
BlackBerry Protected offers end to end encryption.
Makes you wonder then, why would BlackBerry need to offer another version of BBM if the original was so secure? hmmmmm...note the sarcasm.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACFeyesopen1111 likes this.11-05-14 10:54 PMLike 1 - Why should Blackberry care about other features of security, when they have the best encryption.
http://forums.crackberry.com/general.../#post11049766
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF11-05-14 11:04 PMLike 0 - Good point.
BlackBerry Protected offers end to end encryption.
Makes you wonder then, why would BlackBerry need to offer another version of BBM if the original was so secure? hmmmmm...note the sarcasm.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF
Of course pro-Chen die-hards would immediately defend the move!
Z-30 / STA100-5 / 10.3.0.1418 / T-Mobile USAjefbeard911 likes this.11-05-14 11:45 PMLike 1 - Some people's blind faith in BlackBerry without any other support for their position is comical.
Everyone is entitled to believe what they want to believe. But to try and rebut known facts about BlackBerrys security protocol (which is widely known and not even disputed by BB) with a simple "BlackBerry is the best" won't cut it. At least with anyone who knows about proper security encryption and protocols.
I admire your loyalty and trust in BlackBerry, they make great products. But to blindly accept the notion that they use the best, most secure methodologies without any doubt, then to rant about how corrupt, wrong, and conspiritory good organizations, EFF, Mac World, ect, attempt to point out known holes in not only BBM but many other messenger platforms security is a bit childish and naive.
Any smart company should welcome constructive criticism in an effort to constantly improve. If your product can't stand up to a bit of criticism and tough questioning, then it's not for me.
Security means different things to different people, I agree. Most of us, me included, probably will never need NSA proof security measures nor be a victim of cyber crime. This is all academic talk and argument. But there are people out there who's jobs and lives depend upon rock solid security and encryption. I hope for those people anyway, this argument will lead to a clearer picture of who they can trust and who they cant.
Sent from my awesome BlackBerry Z3 running BlackBerry 10 - 2BBEAACF
Posted via CB1011-06-14 12:21 AMLike 0
- Forum
- BBM Central
- General BBM Chat
BBM one of the least secure messaging platforms, based on this EFF report
Similar Threads
-
Why won't my BB Bold 9900 turn on?
By CrackBerry Question in forum Ask a QuestionReplies: 1Last Post: 12-05-14, 03:15 PM -
Financial Post Article on Chen's one year at BlackBerry
By Grafic111 in forum General BlackBerry News, Discussion & RumorsReplies: 13Last Post: 11-08-14, 12:35 AM -
New bbm force close
By Hendri kusliawan in forum General BBM ChatReplies: 3Last Post: 11-04-14, 09:02 PM -
My blackberry internet service is not connected how to connect on bold 9700?
By CrackBerry Question in forum Ask a QuestionReplies: 2Last Post: 11-04-14, 12:04 PM
LINK TO POST COPIED TO CLIPBOARD