[shaleem]

This is an issue that I am not clear on. I'd appreciate it if someone could give me an answer. I was going to post it in the Questions Forum, but I noticed that most of the questions there don't get answered. I keep hearing that BlackBerry is more secure than Android or iPhone. However, I also keep hearing that only BES users have real security. Is this true? I use both a Z10 and a Samsung Galaxy Note 3.

[Dunt Dunt Dunt]

Yes..... But you need to understand in what ways it is more secure.

For the average users that doesn't password lock their phones... it's not much different.
For the BlackBerry users that is willing to download an APK from 1Mobile or some unverified site... it's not much different.

[john_v]

This is something I'd be interested in seeing some hard facts on as well (as opposed to opinions from fanboys on both sides)

[THBW]

The answer is yes and there have been at least 10 past threads on this topic. Just go search them and all the details and links are there.

[Shadowyugi]

From what I've heard, seen, read and experienced.

BES is more of an advanced dedicated security service for the users underneath it's dome. They are usually the enterprise users and government officials, of whom their security is foremost.

That said, the average might not have the extra defences that the above users have but we still have a secure phone. This is evidenced by the lack of news regarding any hacking of blackberry phones or the general non-existence of malware and viruses on the phones we use.

Can we say these about the same average consumer iPhone and Android? Not really.

As someone from a different thread most aptly put, for a security company to not build it's consumer's phones with security as a common base, they are setting themselves up for a downfall. BlackBerry's rep is at stake here because they capitalise on security.

For that reason, that is why I believe BlackBerry phones are secure. Not impossible to crack but secure enough for the average user to be comfortable in.

[Doggerz]

This is an issue that I am not clear on. I'd appreciate it if someone could give me an answer. I was going to post it in the Questions Forum, but I noticed that most of the questions there don't get answered. I keep hearing that BlackBerry is more secure than Android or iPhone. However, I also keep hearing that only BES users have real security. Is this true? I use both a Z10 and a Samsung Galaxy Note 3.

BlackBerry says it hasn't compromised security/privacy for BES users. Don't know that I trust that statement since they pretty much threw non BES consumers to the wolves, giving encryption keys to any country who asks. So if you're talking about secure communication is say I'd trust Blackphone more at this point.

If you mean security of your information on your phone that isn't transmitted - use a good password and encrypt your phone. It's pretty secure.

A few years ago BlackBerry had my total confidence. But now they are hypocrites when it comes to talking about security.

But there are back doors to other OS's too. I doubt you're any less secure on BlackBerry. I just don't think you're more secure.

For BlackBerry's sake they better hope no one ever discovers BES isn't secure. They will lose any advantage they had in business.

But if I were a CEO I would look at what they did with BIS and would think twice before trusting any important email on BES.

I'd seriously look at Blackphone. At least they haven't been caught giving away their security. They may not be secure. But until they are found to be in kahoots with different agencies they get the benefit of the doubt.

Posted via CB10

[Shadowyugi]

BlackBerry says it hasn't compromised security/privacy for BES users. Don't know that I trust that statement since they pretty much threw non BES consumers to the wolves, giving encryption keys to any country who asks. So if you're talking about secure communication is say I'd trust Blackphone more at this point.
Posted via CB10

Secure key only goes to the country IF there is sufficient reason for why the country wants the key.

Besides, It's a company versus a country. WHo do you think will win?

On a different note, Blackphone is built off the android os. How certain can you be that it is secure?

[kevets]

I think a lot of people don't understand how BES12 and eBBM protected stuff will offer greater security. Emails being sent are not expected to be encrypted and can be monitored. In my understanding, that's all just ActiveSync at this point for emails and BES is really just a manager, saying what accounts can be set up and managing access. Just saying "you give blackphone benefit of the doubt" is ludicrous. You can use Blackphone in an insecure way. Just because your connection runs through a VPN doesn't mean a whole heck of a lot if you are just using it to access a gmail account, lol.

U.S. and U.K. spies crack BlackBerry BES encryption, report says - Computerworld

After reading stuff like this, I wonder how governments feel about BB once again being able to offer fully encrypted capabilities with BBM Protected and the secusmart calling. I'm sure Germany is happy about it... I wonder, does the US Government / NSA have a vested interest in a trivialized BlackBerry? They have all but been taken out of the market in lieu of Android and iPhones, which are fantastic for spying on.

[BlackBerry Guy]

I've seen the word security thrown around here like an all encompassing blanket.

There's security from an OS perspective. This would include such things as resistance to "hacking" (from both online and someone in physical possession of the device) and ability to contain malware.

Then there's security for the transmission of messages and communications from the device. This refers to privacy and the ability to not be intercepted of read by a 3rd party.

For the sake of discussion, it may be useful to address both aspects.

[1magine]

Yes..... But you need to understand in what ways it is more secure.

For the average users that doesn't password lock their phones... it's not much different.
For the BlackBerry users that is willing to download an APK from 1Mobile or some unverified site... it's not much different.

Not entirely true about 1mobile. 1st - 10.3 and above run a malware/virus check on sideloaded apps. 2nd and far more important - All android apps run in a sandbox on ALL BB10 devices.

[1magine]

I've seen the word security thrown around here like an all encompassing blanket.

There's security from an OS perspective. This would include such things as resistance to "hacking" (from both online and someone in physical possession of the device) and ability to contain malware.

Then there's security for the transmission of messages and communications from the device. This refers to privacy and the ability to not be intercepted of read by a 3rd party.

For the sake of discussion, it may be useful to address both aspects.

Well said. But seriously, if anyone thinks that their communication is secure without running an end to end 128 bit encryption while running an external scrambler on both themselves and their recipient, they are fooling themselves.

[Dunt Dunt Dunt]

Not entirely true about 1mobile. 1st - 10.3 and above run a malware/virus check on sideloaded apps. 2nd and far more important - All android apps run in a sandbox on ALL BB10 devices.

Does 10.3 allow you to turn permission for Android Apps on and off? Wasn't sure if that option made it into later builds.

Malware is sometimes a tricky thing to catch... adding a few lines of code that tells the app to send your whole contact list to them, might show up as malware once someone discovers it and reports it. Then again it might show up as just part of the process, and as the "sandbox" allows such actions... what's to stop it.

No a virus or malware can not access the boot rom and takeover your device like they can on Android. But there is a lot of data that it will have access to, if you give it permission to access it.

[kevets]

Secure for what? Need to know how you are using it...

[1magine]

Does 10.3 allow you to turn permission for Android Apps on and off? Wasn't sure if that option made it into later builds.

Malware is sometimes a tricky thing to catch... adding a few lines of code that tells the app to send your whole contact list to them, might show up as malware once someone discovers it and reports it. Then again it might show up as just part of the process, and as the "sandbox" allows such actions... what's to stop it.

No a virus or malware can not access the boot rom and takeover your device like they can on Android. But there is a lot of data that it will have access to, if you give it permission to access it.

Well, that's not really a security flaw per se. The first thing that you learn in Intelligence Class holds true forever and throughout all secured systems - - human behavior is always the weakest link in any system. I can run a BES system and push down a security protocol that requires a lengthy password that requires you unlock the device every 90 seconds regardless of apps running. But if the end user writes their password down and tapes it to the battery compartment....

Now if you want to install Instagram or Netflix and they require you to give them permission to access your address book - you have 3 choices, install and hope that your contacts or private photos are not pushed out to an external server. Refuse to install the application. Or yes, install some form of BES, so that your contacts, e-mails and important pics reside on your work space and install Instagram or Netflix on your personal space without any access to your important information.

But the choice to install an application is a human choice. To say that the goal of security is to remove all possible human error by removing choice would be wrong in my estimate. For me, I would never want to have to live with a device as locked down as my work space is. I honestly don't think most would.

There is no guaranty at all that any application in BB World that asks for and is given a wide range of permissions, could not accomplish the same as any Android application given the same permissions. Yes, BBW apps give you far more options to deny specific permissions. But you still have to say no and Android apps provide a similar, just not as finite a choice. If security is really your top concern than you say no. If apps are more important you say yes.

[1magine]

With regard to communications interception, I want to quickly and without too much detail go over how silly it is to think that you can avoid this from anyone who really wants information. You are smart and use a secure Sat phone. Your parties enter and do not speak until both are in secure rooms swept for bugging devices. The door, ceiling and walls are sealed and sound proof. There is only one window which is sealed and you are on the 50th floor, but you close the blinds anyway - don't want someone reading lips. How much will it take to know what is being said in the room? $20 to hear most of it. For about $100 likely hear both sides of the conversation. http://www.instructables.com/id/Laser-Surveillance-System-for-under-$20/ Now if I am with a government agency, engaged in high price corporate espionage, or just a low level scammer looking to get some credit card or other information I guaranty you I have more resources and nothing you want to keep private can be kept so.

[raino]

Does 10.3 allow you to turn permission for Android Apps on and off? Wasn't sure if that option made it into later builds.

Somewhat. http://forums.crackberry.com/android...ssions-932484/

Ironically--or perhaps not--this makes 10.3 more user friendly (vis a vis Android app permissions) than Android >4.4

And as I said in a separate thread--and this goes with what BlackBerry Guy was talking about in different types of security--on the OS level, I have a feeling BB is more secure. You just don't hear about backdoors, Gotofail, lockscreen flaws, etc. that often.

[MarsupilamiX]

Not entirely true about 1mobile. 1st - 10.3 and above run a malware/virus check on sideloaded apps. 2nd and far more important - All android apps run in a sandbox on ALL BB10 devices.

Can I edit Android app permissions?
I can't ? Hmmmm....

Well, in my limited understanding, it means that I grant an Android app every permission it wants, when I download it.
So how useful can the anti-virus be, if I give an app the permission to access my microphone, my contacts, to send sms and to connect with the Internet?

To be honest, every damn Android app looks like maleware to me, going by the permissions they want. So I really doubt the the BlackBerry maleware check will be of great use.

Another thing that I do have to say with that context in mind, is that I do think that BlackBerry is INCREDIBLY hypocritical if they market their devices with security and privacy in mind, but at the same time don't allow to edit Android app permissions.
This is completely ridiculous for me.

Edit: I can edit the permissions on native BB10 apps and on iOS though.

Posted via CB10

[Dgree03]

The biggest risk in security is the user.

Android security is no different than BB10 security if you have a knowledgeable user of either platform.

[senel]

Can I edit Android app permissions?
I can't ? Hmmmm....

Well, in my limited understanding, it means that I grant an Android app every permission it wants, when I download it.
So how useful can the anti-virus be, if I give an app the permission to access my microphone, my contacts, to send sms and to connect with the Internet?

To be honest, every damn Android app looks like maleware to me, going by the permissions they want. So I really doubt the the BlackBerry maleware check will be of great use.

Another thing that I do have to say with that context in mind, is that I do think that BlackBerry is INCREDIBLY hypocritical if they market their devices with security and privacy in mind, but at the same time don't allow to edit Android app permissions.
This is completely ridiculous for me.

Edit: I can edit the permissions on native BB10 apps and on iOS though.

Posted via CB10

You can edit Android app permissions on 10.3... Just google for "App Ops".

Posted via CB10

[raino]

The biggest risk in security is the user.

Android security is no different than BB10 security if you have a knowledgeable user of either platform.

Again, not necessarily. Read BlackBerry Guy's post. And then please explain to us how a knowledgeable user is supposed to guard against such risks (before they're publicly revealed: ) Your Android phone may be telling strangers where you've been - The Times of India

[shaleem]

Secure for what? Need to know how you are using it...

I just use my phones for calls, texting, emails, calendar, BBM. I do use my phones to view Excel and Word documents too. I was just curious about the general security of these things. I thank you all for your input.

[MarsupilamiX]

I kinda forgot the details and don't have time to research this currently, but there was an Android ROM, that basically created a second partition on your device with totally bogus entries in terms of contacts, calendar, location etc.

And when an app wants to have access to some strange permissions, the OS redirects the app to the bogus entries.
So even if you install only maleware on your device, the infos it sends "back home" are actually totally worthless.

Since BlackBerry uses some strange Android runtime anyhow, I don't get why they didn't try to go down that road as well.

(I hope I didn't sound too confused, it has been quite some time since I read about it)

You can edit Android app permissions on 10.3... Just google for "App Ops".

Posted via CB10

And that is easily user accessible, not hidden and works flawlessly?
I saw the thread on CB about 1-2 months ago when Raino redirected me there.

I say the same thing I said back then: it's not a real solution.
And I know about App Ops in general. I was pretty excited when I first read about them, to then see that Google scrapped it instantly.

(oh, and my knowledge isn't as inexistant as I proclaimed before )

Posted via CB10

[Dunt Dunt Dunt]

Well, that's not really a security flaw per se. The first thing that you learn in Intelligence Class holds true forever and throughout all secured systems - - human behavior is always the weakest link in any system. I can run a BES system and push down a security protocol that requires a lengthy password that requires you unlock the device every 90 seconds regardless of apps running. But if the end user writes their password down and tapes it to the battery compartment....

Now if you want to install Instagram or Netflix and they require you to give them permission to access your address book - you have 3 choices, install and hope that your contacts or private photos are not pushed out to an external server. Refuse to install the application. Or yes, install some form of BES, so that your contacts, e-mails and important pics reside on your work space and install Instagram or Netflix on your personal space without any access to your important information.

But the choice to install an application is a human choice. To say that the goal of security is to remove all possible human error by removing choice would be wrong in my estimate. For me, I would never want to have to live with a device as locked down as my work space is. I honestly don't think most would.

There is no guaranty at all that any application in BB World that asks for and is given a wide range of permissions, could not accomplish the same as any Android application given the same permissions. Yes, BBW apps give you far more options to deny specific permissions. But you still have to say no and Android apps provide a similar, just not as finite a choice. If security is really your top concern than you say no. If apps are more important you say yes.

I was just saying you are better off getting those apps from a source that was more reliable that 1Mobile, and pointing out there really isn't a "sandbox".

Security is a major Battle cry for BlackBerry users, but I think it's one that really only BES users can take advantage of anymore.

[raino]

And that is easily user accessible, not hidden and works flawlessly?

I don't know how it will be on BB10, but at least on Android, it was buried. You had to download apps from the Play Store to access App Ops (AO.) Luckily, at least some of these apps themselves didn't need any permissions, so in essence, they were just shortcuts.

As far as working flawlessly, that's a bit loaded in the general context of AO. First off, on Android, AO does not allow you to toggle every permission that's asked for, only a certain set. So while that's better than nothing, it's not everything. Then, these types of features (like AO, or App Manager in the old BBOS) may break apps, so the user must know what they're doing, and if something goes wrong--like an app stops working--how to fix it.

[Dunt Dunt Dunt]

Somewhat. http://forums.crackberry.com/android...ssions-932484/

Ironically--or perhaps not--this makes 10.3 more user friendly (vis a vis Android app permissions) than Android >4.4

And as I said in a separate thread--and this goes with what BlackBerry Guy was talking about in different types of security--on the OS level, I have a feeling BB is more secure. You just don't hear about backdoors, Gotofail, lockscreen flaws, etc. that often.

So are app permissions going to be controlled by BB10 or by some App you have to find and download using an App store that isn't official either? Not sure how many average users are going to go through that process.

What we need is the same pop up we get with native apps.

But more importantly when will most of us get an official version of 10.3.1 (as 10.3 is only for the Passport)...... Nov?, Dec?