06-04-14 09:18 AM
107 ... 345
tools
  1. Prem WatsApp's Avatar
    Let's wait and see.

    Zzzzwiped from a Zedevice....
    04-16-14 06:41 PM
  2. Joker14's Avatar
    What about the promised whitepaper?

    Posted via CB10
    05-16-14 02:31 PM
  3. Joker14's Avatar
    Thank you berryvic for this link...

    http://blogs.blackberry.com/2014/03/bbm-security/

    Posted via CB10
    05-22-14 12:10 PM
  4. lenlenvillanueva's Avatar
    2ACAAA34 add me guys!

    Posted via CB10
    05-22-14 08:31 PM
  5. Superdupont 2_0's Avatar
    Whitepaper is out there confirming that TLS is implemented on all platforms.

    And actually these gentlemen from the university of Amsterdam intercepted only the BlackBerry ID with a specific MITM attack on BBM on Android, while they failed to intercept anything else: https://os3.nl/_media/2013-2014/cour...bbm_report.pdf

    Since all that is somehow in contradiction to my personal understanding of "very critical", I wonder if that rating of the Stiftung Warentest is fair...and I wonder how they confirmed the content of encrypted text as they state " The Android version transmits encrypted user data, but in greater depth, e.g. username and password, D.O.B, first and last name, country of origin, email address and security question." .

    English version of their findings are here:
    https://www.bolehvpn.net/blog/2014/0...e-to-whatsapp/

    Users who desperately want end-to-end encryption for bbm can have a look at is app , although I don't know whether any pgp is available on iOS and Android.
    06-02-14 05:40 AM
  6. surgeon1919's Avatar
    Does this apply to BlackBerry to Blackberry when not on BES?

    Posted via CB10
    06-03-14 06:30 PM
  7. Superdupont 2_0's Avatar
    Does this apply to BlackBerry to Blackberry when not on BES?
    Yes, it does apply for BBM when not on BES.
    It's extremly important to understand that BBM is a consumer product on Android, iOS and BlackBerry platforms.

    However there are some minor differences between platforms:
    BBM on iOS and Android is using only TLS1.0 with certificate pinning.
    BBM on BlackBerry devices (OS 7 and OS 10) use TLS1.0 with certificate pinning and Triple DES 168-bit.
    So there is an additional layer of encryption for BlackBerry devices (even without BES).

    Since BMM is using certificate pinning on all platforms it seems to be even safer than iMessage from Apple, because

    POINT 1
    - iMessage doesn't use certificate pinning and is hence vulnerable to MITM attacks
    These gentlemen sniffed the apple ID and password: iMessage Privacy

    POINT 2
    - All other content of iMessage is encrypted, but Apple is controlling the encryption keys.
    Apple's iMessage encryption claims refuted (again) | ZDNet

    You have the same situation for the Triple DES 168-bit encryption keys on the BlackBerry devices, which are controlled by BlackBerry (unless you have BES, because BES admins can change the keys).

    IMHO, from a consumer point of view, bbm is the safer messenger for consumers and again, I don’t understand the rating “very critical”. How would they rate iMessage? A “total disaster”?
    Last edited by Superdupont 2_0; 06-04-14 at 10:38 AM.
    surgeon1919 likes this.
    06-04-14 09:18 AM
107 ... 345

Similar Threads

  1. BBM in q10 Unable to communicate with user on Android BBM
    By sailoreng in forum General BBM Chat
    Replies: 1
    Last Post: 02-27-14, 08:48 AM
  2. Screen won't rotate while in BBM
    By Mellfee in forum BlackBerry 10 OS
    Replies: 4
    Last Post: 02-26-14, 08:28 PM
  3. Average Selling Prices by Mobile Platform
    By cbvinh in forum General BlackBerry News, Discussion & Rumors
    Replies: 1
    Last Post: 02-26-14, 06:24 PM
  4. The CB10 app and the way posts by ignored users are "spoiled"
    By RyanGermann in forum Site and App Feedback & Help
    Replies: 3
    Last Post: 02-26-14, 04:58 PM
LINK TO POST COPIED TO CLIPBOARD