10-19-17 02:16 AM
42 12
tools
  1. moonflyer's Avatar
    Given the current history of security updates for DTEKs and Co, can Blackberry possibly consider to offer an option to migrate to their "BlackBerry Secure" Android?

    If the quality of their Android will be on par with OS10, I would definitely give it a shot with one of Samsung/LG/ASUS/... flagman devices.
    10-15-17 05:05 PM
  2. Bla1ze's Avatar
    Given the current history of security updates for DTEKs and Co, can Blackberry possibly consider to offer an option to migrate to their "BlackBerry Secure" Android?
    What on Earth are you talking about? What's loaded on Priv, DTEK, KEYone, etc IS 'BlackBerry Secure' Android. There's no different version of BlackBerry's Android out there. And that's without even getting into the fact that 'BlackBerry Secure' is all-encompassing term they use for most of their software / services.
    10-15-17 05:17 PM
  3. moonflyer's Avatar
    What on Earth are you talking about? What's loaded on Priv, DTEK, KEYone, etc IS 'BlackBerry Secure' Android. There's no different version of BlackBerry's Android out there. And that's without even getting into the fact that 'BlackBerry Secure' is all-encompassing term they use for most of their software / services.
    My point is that I would like to have indeed great Android software by BlackBerry on devices by ANYONE else than it is now.

    One of the real reasons is that licensing agreement will define clearly HOW LONG OS WILL BE UPDATED. I almost got Priv, and now I cannot be happier with my "almost" as it eventually did not get an update to Android "N". Kinda shame on, uhm, TCL?

    The situation with DTEKs is looks even more ridiculous. A device of the 2016, DTEK60, does not have a clear OS schedule, just security patches and some mumbling from TCL's top(s) in response to direct questions. Kinda "a bit" different from the BlackBerry approach known around OS10. Isn't the "bit" a bit too big this time?
    10-16-17 04:46 PM
  4. Bla1ze's Avatar
    I almost got Priv, and now I cannot be happier with my "almost" as it eventually did not get an update to Android "N". Kinda shame on, uhm, TCL?
    TCL had nothing to do with the Priv... at all. Priv falls solely on BlackBerry.

    My point is that I would like to have indeed great Android software by BlackBerry on devices by ANYONE else than it is now.
    A device of the 2016, DTEK60, does not have a clear OS schedule, just security patches and some mumbling from TCL's top(s) in response to direct questions. Kinda "a bit" different from the BlackBerry approach known around OS10. Isn't the "bit" a bit too big this time?
    What makes you think it would be any different from how TCL is running it? lol. BlackBerry still has a large hand in how the software is rolled out and TCL is still using BlackBerry's base, so unless this other company you are longing for, worked out better terms in their licensing agreement with BlackBerry for support, very little outside of the hardware side of it all would change. You would still run into the same software issues.
    10-16-17 04:48 PM
  5. Slash82's Avatar
    Today there are only 2 choices for Android-Berrys:
    1.) KeyONE
    2.) Motion

    The rest is EOL, just like OS10.

    Or you should go Google Pixel 2 which gets security patches fastest and runs encrypted pure stock-Android.
    (I'd also claim it's more secure than Android-Berry).



    Posted via CB10
    cribble2k likes this.
    10-16-17 04:55 PM
  6. Dunt Dunt Dunt's Avatar
    Given the current history of security updates for DTEKs and Co, can Blackberry possibly consider to offer an option to migrate to their "BlackBerry Secure" Android?

    If the quality of their Android will be on par with OS10, I would definitely give it a shot with one of Samsung/LG/ASUS/... flagman devices.
    Problem with BlackBerry Secure Android... is the same probable with Android in general. Each OEM has to provide the "drivers" and customization to work with their hardware. There is no one update to fit all.

    In your case the DTEKS were built by TCL and sold by BlackBerry... so BlackBerry is responsible. Now TCL has said they were taking on support of those devices.... but at this point I doubt that means any updates. If they were going to do that, they should have done it long ago. Just no money in it.

    It's what you get from buying from a company that said they were thinking about going out of the hardware business.
    10-16-17 04:58 PM
  7. conite's Avatar
    (I'd also claim it's more secure than Android-Berry).
    Posted via CB10
    And you'd be wrong.
    moonflyer and Zeratul57 like this.
    10-16-17 06:28 PM
  8. Invictus0's Avatar
    (I'd also claim it's more secure than Android-Berry).
    How so?
    10-16-17 06:30 PM
  9. zer0ten's Avatar
    Just get a flagship android and download the Hub. Android is as secure as you make it.
    10-16-17 06:31 PM
  10. Slash82's Avatar
    How so?
    Why?
    1.) You get all security patches out of first hand from Google and on the day they offer them monthly.
    Google always is and will be the first who pushes their fixes and patches on their own devices.
    After that BlackBerry will start to implement them.
    And history of Android-Berry has shown that BlackBerry isn't that reliable.
    Some Berrys are even on April patches and lots of them are stuck on July patches - which is months behind!

    2.) Both devices (Pixel & Android-Berry) run fully encrypted.

    3.) OS support. Google offers 3 years of full patches and 2 years of full OS updates. DTeks & Priv are already EOL and won't even be upgraded to Android 7. With every OS upgrade there are security fixes that Android-Berrys won't get. And it will be interesting to see how long KeyONE and Motion will be upgraded - I personally doubt they will go beyond Android Oreo.



    Posted via CB10
    joker333 likes this.
    10-17-17 02:54 AM
  11. conite's Avatar
    Why?
    1.) You get all security patches out of first hand from Google and on the day they offer them monthly.
    Google always is and will be the first who pushes their fixes and patches on their own devices.
    After that BlackBerry will start to implement them.
    And history of Android-Berry has shown that BlackBerry isn't that reliable.
    Some Berrys are even on April patches and lots of them are stuck on July patches - which is months behind!

    2.) Both devices (Pixel & Android-Berry) run fully encrypted.

    3.) OS support. Google offers 3 years of full patches and 2 years of full OS updates. DTeks & Priv are already EOL and won't even be upgraded to Android 7. With every OS upgrade there are security fixes that Android-Berrys won't get. And it will be interesting to see how long KeyONE and Motion will be upgraded - I personally doubt they will go beyond Android Oreo.



    Posted via CB10
    First, the record shows BlackBerry Android has been very good with patches.

    Second, getting patches is only one aspect to security - it plugs holes. But BlackBerry Android, and Samsung Knox to a slightly lesser degree, makes the OS more resilient in the first place with hardware root of trust and Integrity Detection.
    moonflyer likes this.
    10-17-17 07:27 AM
  12. Slash82's Avatar
    First, the record shows BlackBerry Android has been very good with patches.

    Second, getting patches is only one aspect to security - it plugs holes. But BlackBerry Android, and Samsung Knox to a slightly lesser degree, makes the OS more resilient in the first place with hardware root of trust and Integrity Detection.
    BlackBerry might be better with patches than other Android devices.
    But by far they don't deliver as promised and mostly they are about a month behind.
    For example: My dad owns a DTEK50 purchased at ShopBlackBerry itself and he still is on the August patch.
    This doesn't happen with the Pixel2.
    Even it's a small hole, they under-deliver what they promise.

    And 90% of the security risk is the user itself.

    Also you can read that article to that, which underlines my point of view.
    And I see the authors are AndroidCentral as good Android professionals:

    https://m.androidcentral.com/best-phone-security

    Posted via CB10
    10-17-17 07:40 AM
  13. conite's Avatar
    BlackBerry might be better with patches than other Android devices.
    But by far they don't deliver as promised and mostly they are about a month behind.
    For example: My dad owns a DTEK50 purchased at ShopBlackBerry itself and he still is on the August patch.
    This doesn't happen with the Pixel2.
    Even it's a small hole, they under-deliver what they promise.

    And 90% of the security risk is the user itself.

    Also you can read that article to that, which underlines my point of view.
    And I see the authors are AndroidCentral as good Android professionals:

    https://m.androidcentral.com/best-phone-security

    Posted via CB10
    Of course the user is key. But your original comment was that Pixel is unequivocally BETTER, and I took issue with that.
    10-17-17 07:49 AM
  14. Slash82's Avatar
    Of course the user is key. But your original comment was that Pixel is unequivocally BETTER, and I took issue with that.
    With (more) reliable security patches, Google scan & fastest delivery for OS update/pushing the latest OS on the device I still see it a step ahead.

    Both (Pixel & BlackBerry) offer 256 bit AES encryption.

    And if there is really a need for the DTEK software (if you think for yourself to set up apps right) or the need for "Hardware root of trust" is something to argue about.

    I (personally) see offering patches & latest OS as way more important for the overall security as what I mentioned to BlackBerry hardening.

    Posted via CB10
    joker333 likes this.
    10-17-17 07:56 AM
  15. conite's Avatar
    With (more) reliable security patches, Google scan & fastest delivery for OS update/pushing the latest OS on the device I still see it a step ahead.

    Both (Pixel & BlackBerry) offer 256 bit AES encryption.

    And if there is really a need for the DTEK software (if you think for yourself to set up apps right) or the need for "Hardware root of trust" is something to argue about.

    I (personally) see offering patches & latest OS as way more important for the overall security as what I mentioned to BlackBerry hardening.

    Posted via CB10
    We'll have to disagree then. While being a few days or weeks earlier on patches is an advantage, it's not worth giving up Integrity Detection IMO.
    moonflyer likes this.
    10-17-17 08:21 AM
  16. the_boon's Avatar
    OP, what better way to crush BlackBerry devices sales (and PKB) than to offer everything that's special about a DroidBerry to any other slab. Isn't the availability of Hub+ services and BB VKB enough already? Stuff like this gives people the argument that "oh, well if I can get it on my [insert slab name], then why buy KEYone/Motion etc..."

    That being said, if TCL suddenly started making PKB addons for other slabs, I certainly would NOT complain lol
    10-17-17 08:25 AM
  17. Dunt Dunt Dunt's Avatar
    We'll have to disagree then. While being a few days or weeks earlier on patches is an advantage, it's not worth giving up Integrity Detection IMO.
    Guess it depends on how long you plan to use a device. With the specs of the KEYone and Motion, long term probably isn't in the cards anyway. But with the higher-end specs of the Pixel 2, that extra year of security patches and full updates will come in handy. Maybe if BlackBerry Mobile is still around in 18 months, the KEYone security patches will be extended.... or maybe they'll end per their terms.

    I sure most power users here, aren't concerned with that...as few keep a device for 2+ years. But Enterprise who might want 4+ years or more out of a device, it is another matter. And it's a big reason iOS is so popular in Enterprise. I suspect at some point Samsung will have to offer longer update periods too.
    10-17-17 10:17 AM
  18. ray689's Avatar
    BlackBerry might be better with patches than other Android devices.
    But by far they don't deliver as promised and mostly they are about a month behind.
    For example: My dad owns a DTEK50 purchased at ShopBlackBerry itself and he still is on the August patch.
    This doesn't happen with the Pixel2.
    Even it's a small hole, they under-deliver what they promise.

    And 90% of the security risk is the user itself.

    Also you can read that article to that, which underlines my point of view.
    And I see the authors are AndroidCentral as good Android professionals:

    https://m.androidcentral.com/best-phone-security

    Posted via CB10
    Have you told or shown your dad how to check for updates (updates app in the app drawer? The DTEK50 isn't that far behind. In fact, the October patch has been pushed today according to many in the forums here who are receiving it.
    10-17-17 04:08 PM
  19. stlabrat's Avatar
    I must be stupid... why more patch (monthly) is a good thing? is it best OS suppose to be no need patch? of course, knowing droid like swiss cheese, you need to plug holes, aren't holes are getting minimized? I am running iMac G4... initially got a lot of patches, eventually, it got 1 or 2 per year (before it obsolete). droid heads must be programmed patch more holes (must be virus multiply hole generate) every month and consider as strong feature... please educate me...
    10-17-17 05:36 PM
  20. conite's Avatar
    I must be stupid... why more patch (monthly) is a good thing? is it best OS suppose to be no need patch? of course, knowing droid like swiss cheese, you need to plug holes, aren't holes are getting minimized? I am running iMac G4... initially got a lot of patches, eventually, it got 1 or 2 per year (before it obsolete). droid heads must be programmed patch more holes (must be virus multiply hole generate) every month and consider as strong feature... please educate me...
    There are many components to security.

    The user is paramount. You can't protect stupid.

    Patching holes BEFORE they become anything more than a conceptual thing, or a theoretical possibility is excellent prevention. Hence regular updates.

    Having an OS that is more resilient in the first place is also an important part of security, and that is where BlackBerry Android comes into play - denying persistent root, preventing booting into a compromised OS, and warning about potential tampering.
    10-17-17 05:47 PM
  21. joeldf's Avatar
    I must be stupid... why more patch (monthly) is a good thing? is it best OS suppose to be no need patch? of course, knowing droid like swiss cheese, you need to plug holes, aren't holes are getting minimized? I am running iMac G4... initially got a lot of patches, eventually, it got 1 or 2 per year (before it obsolete). droid heads must be programmed patch more holes (must be virus multiply hole generate) every month and consider as strong feature... please educate me...
    OSs are written by human beings.

    Guess what? We aren't perfect. Operating systems have millions of lines of code, and no one person can go through it all to verify total perfection.

    There are also protocols from various outside sources used within every OS. They can include open source and proprietary drivers to help make each OS interoperable with standard hardware and software requirements - like opening a jpeg, or logging into a network, or working with a keyboard. Someone had to write that and sometimes that can be the source of the vulnerability. This current KRACK thing appears to be a vulnerability of the WPA2 protocol and not specific to any one OS.

    Your iMac OS didn't just get all the patches it would ever need and suddenly become bulletproof. It just no longer gets fixed for any new issues that have come up since support for it ended. Apple is still patching current OSs as needed, they just don't advertise it as much.
    10-17-17 06:51 PM
  22. stlabrat's Avatar
    support ended? last patch I got is about 2 years ago... I still get software update if I wish for G4.. good apple. Thx Conit and Joe to answer my question... I see, to be open source, you must have something allow to tweek, that could be hole generator... if I am not mistaken... (saw article about chinese drone company has back door open called "spy.liu@dji.com" that allow alter software and remove control drone without owner's knowing... scary). the latest wifi stuff is different... all std .11 got same problem... another question, why red hat open source didn't have that much problem? more close than the droid? better software programmer? less allowable tweek?
    10-17-17 07:44 PM
  23. conite's Avatar
    why red hat open source didn't have that much problem? more close than the droid? better software programmer? less allowable tweek?
    Android has a billion users, and thousands of hackers combing over every line of code trying to find vulnerabilities.
    10-17-17 07:46 PM
  24. bb10adopter111's Avatar
    Android has a billion users, and thousands of hackers combing over every line of code trying to find vulnerabilities.
    More importantly, Red Hat has a single point of distribution and semi-automatic patch process for updates. Android has too many distribution points and gatekeepers for the patch process to work properly for its entire user base.

    Posted with my trusty Z10
    stlabrat likes this.
    10-17-17 07:59 PM
  25. moonflyer's Avatar
    OP, what better way to crush BlackBerry devices sales (and PKB) than to offer everything that's special about a DroidBerry to any other slab. Isn't the availability of Hub+ services and BB VKB enough already? Stuff like this gives people the argument that "oh, well if I can get it on my [insert slab name], then why buy KEYone/Motion etc..."

    That being said, if TCL suddenly started making PKB addons for other slabs, I certainly would NOT complain lol
    It is sad, but I don't care about the "BlackBerry" name itself anymore. I am just interested in proper implementation of the technologies developed by them so far, like Hardware Root of Trust, Integrity Detection and others. IMO, leaving no way to get ROOTed - its a promising approach to ensure that future Android 0day exploits will fail or at the very least will have strong difficulties working as they were designed.
    10-18-17 07:21 AM
42 12

Similar Threads

  1. October Security Update dreaming :) room
    By moonflyer in forum BlackBerry DTEK60
    Replies: 67
    Last Post: 11-14-17, 11:01 AM
  2. i cannot register my blackberry ddevice and use google playstore.
    By cosette63 in forum BB10 Android App Sideloading
    Replies: 14
    Last Post: 10-27-17, 06:55 PM
  3. BlackBerry officially stopped the support for BlackBerry 10?
    By chillekasper in forum BlackBerry 10 OS
    Replies: 47
    Last Post: 10-22-17, 04:16 AM
  4. Moving data from BlackBerry 9790 to KEYone
    By alimin in forum BlackBerry KEYone
    Replies: 7
    Last Post: 10-19-17, 07:41 PM
  5. Question about a refurbished Blackberry z30 battery.
    By patsyw in forum Ask a Question
    Replies: 2
    Last Post: 10-15-17, 07:21 PM
LINK TO POST COPIED TO CLIPBOARD