[bbq10l]

Posted via CB10

[bbq10l]

Why does everyone say BlackBerry is more secure OUTSIDE of work enterprise system. What make it so? Are calls, email any more secure - why?

Posted via CB10

[anfidhlear]

Read this:
http://m.crackberry.com/history-qnx-...-blackberry-10

If that doesn't help, let me know.

I also have no idea what your tech background is, so if you have more questions please include a brief summary of your tech proficiency. No judgements will be made.


Posted via CB10

[anon5897078]

Nice article, loved it but i still cant understand is my Z10 password protected is more secure than Ipone or Android phone if im outside of an enterprise syst
Thanks in advance

[Jerale Hoard]

Why does everyone say BlackBerry is more secure OUTSIDE of work enterprise system. What make it so? Are calls, email any more secure - why?

Posted via CB10

Well BlackBerry uses AES-256 and ECC which are very secure. BES is just extra because it gives you the option of split screen to seperate your business and personal stuff from eachother through the servers set. Even the NSA thinks the BlackBerry is the best choice for security.

http://www.nsa.gov/business/programs...ic_curve.shtml

Posted via CB10

[bbq10l]

Read this:
http://m.crackberry.com/history-qnx-...-blackberry-10

If that doesn't help, let me know.

I also have no idea what your tech background is, so if you have more questions please include a brief summary of your tech proficiency. No judgements will be made.


Posted via CB10

Thank you very much for your response. I really enjoyed the article. I have no technical background and have always wondered why everyone says BlackBerry is so secure outside of BES.

Posted via CB10

[bbq10l]

Well BlackBerry uses AES-256 and ECC which are very secure. BES is just extra because it gives you the option of split screen to seperate your business and personal stuff from eachother through the servers set. Even the NSA thinks the BlackBerry is the best choice for security.

http://www.nsa.gov/business/programs...ic_curve.shtml

Posted via CB10

OK, but how does that make my email, calls and texts more secure? Or does it?

Posted via CB10

[JasW]

Sorry, unless you're on a BES10 server, your BB10 device (with the exception of BBM) is no more or less secure than any iPhone or Android device. BIS is gone, kiddies, if you're not on a legacy device. You connect to email just like everyone else now. Be grateful -- if BBRY tanks and the NOC is history, at least your email will still work. Isn't this common knowledge?

Sent from my Nexus 10 using Tapatalk 4

[djdragon]

BlackBerry. It's no Apple http://globalnews.ca/news/906407/ios...users-experts/

Z10 10.2.0.1767 via CB10

[BlackBerry Guy]

Well BlackBerry uses AES-256 and ECC which are very secure. BES is just extra because it gives you the option of split screen to seperate your business and personal stuff from eachother through the servers set. Even the NSA thinks the BlackBerry is the best choice for security.

The Case for Elliptic Curve Cryptography - NSA/CSS

Posted via CB10

What you're referring to with the split device personality is BlackBerry Balance, which requires BES10. But Balance is not the only reason for BES10's existence. It's BES itself that's providing the end to end encryption. If you're on a BB10 device and not on BES10, you are no more secure than the guy next to you on some other smartphone. You're phone is accessing data direct through your carrier, it's not being piped through a BES server and NOC. It's accessing its data the exact same way as everyone else.

It seems like a common misconception around here that all BlackBerries are equally secure. Security features that are specific to BES are often mistaken to be universal. The funny thing is, while guys are bragging about how their non-BES BlackBerries are secure, the NSA probably could if they wanted, get what they need. The false sense of security gives the NSA the last laugh in this case

[Jerale Hoard]

What you're referring to with the split device personality is BlackBerry Balance, which requires BES10. But Balance is not the only reason for BES10's existence. It's BES itself that's providing the end to end encryption. If you're on a BB10 device and not on BES10, you are no more secure than the guy next to you on some other smartphone. You're phone is accessing data direct through your carrier, it's not being piped through a BES server and NOC. It's accessing its data the exact same way as everyone else.

It seems like a common misconception around here that all BlackBerries are equally secure. Security features that are specific to BES are often mistaken to be universal. The funny thing is, while guys are bragging about how their non-BES BlackBerries are secure, the NSA probably could if they wanted, get what they need. The false sense of security gives the NSA the last laugh in this case

I know what's it called. Ok so what does AES and ECC do for BlackBerry. Why was it that the BlackBerry was the most challenging to hack then all the other mobile platforms. I've been doing a lot of research on the NSA and this ECC stuff and it seems the only way to hack it is to crack the answer to the elliptic curve mathematical equation which if found there's a reward of 1,0000 or so dollars.

EDIT: http://www.certicom.com/index.php/th...f-cryptography

http://www.cisco.com/web/about/secur...en_crypto.html

Posted via CB10

[BlackBerry Guy]

I know what's it called. Ok so what does AES and ECC do for BlackBerry. Why was it that the BlackBerry was the most challenging to hack then all the other mobile platforms. I've been doing a lot of research on the NSA and this ECC stuff and it seems the only way to hack it is to crack the answer to the elliptic curve mathematical equation which if found there's a reward of 1,0000 or so dollars.

EDIT: The Next Generation of Cryptography

Posted via CB10

I'm not disputing the encryption or the strength of the encryption used by BlackBerry. What I'm saying is you only benefit from this if your BB10 device is connected to a BES10 server. My Z10 isn't, and I'm pretty sure most of the BB10 users who don't have a company issued device are either. BES is optional, a BB10 device doesn't require it to run. I'll say again, it's BES10 and the NOC that provides the encryption and security, how do you get it if you're not connected to it???

[Jerry A]

Sorry, unless you're on a BES10 server, your BB10 device (with the exception of BBM) is no more or less secure than any iPhone or Android device. BIS is gone, kiddies, if you're not on a legacy device. You connect to email just like everyone else now. Be grateful -- if BBRY tanks and the NOC is history, at least your email will still work. Isn't this common knowledge?

Sent from my Nexus 10 using Tapatalk 4

Except BIS doesn't make anything all that more secure. It was a proxy server that handled fetching mail from servers because the devices weren't powerful enough.

If your mail server didn't support encryption, then BIS passed your credentials in the clear.

What BIS got right was setting up an encrypted pipe between itself and the phone. However, that doesn't matter if you're connecting to a mail server that doesn't support encryption. BIS was tossing your name/password in plain text for all the world to see.

Guess what? Same scenario as today's devices. Only difference is that you're not lulled into a false sense of security because you don't understand the technology.

[belfastdispatcher]

Except BIS doesn't make anything all that more secure. It was a proxy server that handled fetching mail from servers because the devices weren't powerful enough.

If your mail server didn't support encryption, then BIS passed your credentials in the clear.

What BIS got right was setting up an encrypted pipe between itself and the phone. However, that doesn't matter if you're connecting to a mail server that doesn't support encryption. BIS was tossing your name/password in plain text for all the world to see.

Guess what? Same scenario as today's devices. Only difference is that you're not lulled into a false sense of security because you don't understand the technology.

What we learned from the London riots is BlackBerry devices on BIS cannot be monitored in real time.

Posted via CB10

[sigint99]

What we learned from the London riots is BlackBerry devices on BIS cannot be monitored in real time.

Posted via CB10

False

Such monitoring proved ineffective.

[unbreakablej]

So when people talk about security, it is mostly referring to the data transfers?

For me my major concern is, if I lose my phone and has password locked it, how easy is it to access my personal stuff like password keeper and photos.

I remembered apple had some issue with being able to access the home screen or something?

Or do we currently have security due to obscurity? Nobody bothers to try hack bb10 as compared to popular apple?

Posted via CB10

[Jerale Hoard]

So when people talk about security, it is mostly referring to the data transfers?

For me my major concern is, if I lose my phone and has password locked it, how easy is it to access my personal stuff like password keeper and photos.

I remembered apple had some issue with being able to access the home screen or something?

Or do we currently have security due to obscurity? Nobody bothers to try hack bb10 as compared to popular apple?

Posted via CB10

Except the NSA but as far as I know they only hacked older BlackBerry's on BBOS 5,6, and 7 or at least that's what I read in an article. There wasn't much detail given in "Der Spiegel" on what model was hacked.

Posted via CB10

[bennelong]

Nice article, loved it but i still cant understand is my Z10 password protected is more secure than Ipone or Android phone if im outside of an enterprise syst
Thanks in advance

Your password protected and fully encrypted device will make your data extremely difficult to access physically according to the people at Forensicfocus.
Whether the information discussed on their forum is up to date is not for me to say, but they do provide some links to specialist companies who deal in providing software for the legal acquisition of information from devices in the aid of law enforcement.
That said, only end to end encryption (as previously mentioned) will protect your data in transit.

Z10 via CB10

[belfastdispatcher]

False

Such monitoring proved ineffective.

I don't think so, not false at all.

http://www.theguardian.com/media/201...ter-blackberry

"However, the most powerful and up-to-the-minute rallying appears to have taken place on a more covert social network: BlackBerry Messenger (BBM).

Using BlackBerry handsets ? the smartphone of choice for the majority (37%) of British teens, according to last week's Ofcom study ? BBM allows users to send one-to-many messages to their network of contacts, who are connected by "BBM PINs". For many teens armed with a BlackBerry, BBM has replaced text messaging because it is free, instant and more part of a much larger community than regular SMS.

And unlike Twitter or Facebook, many BBM messages are untraceable by the authorities (which is why, in large part, BBM is so favoured by Emirati teens to spread illicit gossip about officialdom)."


Posted via CB10

[belfastdispatcher]

Just want to make a point, just because the NSA can doesn't mean they're sharing that capability with everybody. I doubt local police will ever get access to it.

Posted via CB10

[canadainc]

A password protected BlackBerry device is extremely difficult to crack.

Compare this with an iPhone and/or Android devices which are password protected but you can still connect it via usb root into it (after jail breaking) and you will know how much easier it is to get around the password and still access your personal data.

In addition the SD card encryption on the BlackBerry device's is another point of protection so even if your device was stolen and someone tried to pop out your media card and use it, it would be useless to them unless they could decrypt it, which again would be an extremely difficult task.

Canada Inc (www.canadainc.org)

[drcrane]

Guess what? Same scenario as today's devices. Only difference is that you're not lulled into a false sense of security because you don't understand the technology.

Thank you! Really tired of the BIS pumping, it seems like many people have no idea how the Internet actually works.

I guess the only caveat is BIS does offer some extra protection when you're using untrusted wifi. But again majority of services I use (email for example) do encryption anyway so it's a moot point.

Posted via CB10

[MarsupilamiX]

What we learned from the London riots is BlackBerry devices on BIS cannot be monitored in real time.

Posted via CB10

Can you prove that?

I don't think so, not false at all.

http://www.theguardian.com/media/201...ter-blackberry

"However, the most powerful and up-to-the-minute rallying appears to have taken place on a more covert social network: BlackBerry Messenger (BBM).

Using BlackBerry handsets ? the smartphone of choice for the majority (37%) of British teens, according to last week's Ofcom study ? BBM allows users to send one-to-many messages to their network of contacts, who are connected by "BBM PINs". For many teens armed with a BlackBerry, BBM has replaced text messaging because it is free, instant and more part of a much larger community than regular SMS.

And unlike Twitter or Facebook, many BBM messages are untraceable by the authorities (which is why, in large part, BBM is so favoured by Emirati teens to spread illicit gossip about officialdom)."

Posted via CB10

That didn't prove anything, and it's good that you wrote: " I don't think so", as this is only your (rather useless) opinion.

The only thing that BIS did, was giving you a false feeling of security and privacy.

BES of course, is a completely different beast.

Posted via CB10

[belfastdispatcher]

Can you prove that?



That didn't prove anything, and it's good that you wrote: " I don't think so", as this is only your (rather useless) opinion.

The only thing that BIS did, was giving you a false feeling of security and privacy.

BES of course, is a completely different beast.

Posted via CB10

Dude, Stephen Bates, the UK MD at the time was pulled for questioning in front of a government panel because of it, don't believe me look it up before you call my opinion useless. As I said, just because NSA might have the capability doesn't mean they're sharing it. Local law enforcement can't do it.

http://www.theguardian.com/technolog...ps-riot-claims

One committee member who declined to be named said: "There was suggestions from police that BBM in particular was used to facilitate organised crime during the riots. The question is, does [Research in Motion] have a responsibility to monitor its network or should the authorities have the power to do that? That is one of the issues to tackle without equating us with an authoritarian state."

[MarsupilamiX]

Dude, Stephen Bates, the UK MD at the time was pulled for questioning in front of a government panel because of it, don't believe me look it up before you call my opinion useless. As I said, just because NSA might have the capability doesn't mean they're sharing it. Local law enforcement can't do it.

http://www.theguardian.com/technolog...ps-riot-claims

One committee member who declined to be named said: "There was suggestions from police that BBM in particular was used to facilitate organised crime during the riots. The question is, does [Research in Motion] have a responsibility to monitor its network or should the authorities have the power to do that? That is one of the issues to tackle without equating us with an authoritarian state."

http://www.theguardian.com/uk-news/2...-new-mi5-chief

http://www.theguardian.com/uk/2013/j...t-surveillance

http://www.wired.co.uk/news/archive/...hq-tempora-101

"They're taking data straight from the tubes?
That's right. Interceptors have been placed on around 200 fibre optic cables where they come ashore. This appears to have been done with the secret co-operation, voluntary or forced, of the companies that operate the cables, potentially giving GCHQ access to 10 gigabits of data a second, or 21 petabytes a day

That's a lot of bytes?
GCHQ wasn't exaggerating when it used the phrase "Mastering the Internet" in the documents."

http://www.spiegel.de/international/...-a-909852.html

Posted via CB10