Would like serious discussion of security/privacy of BlackBerry phones OUTSIDE of an enterprise syst
- A refresher for everyone, this is from BlackBerry Knowledge Base KB03652 with respect to BIS vs BES security:
BIS
Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscriber's BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).
When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection.
BES
Email messages sent between the BlackBerry smartphone and the BlackBerry Enterprise Server are encrypted using Triple Data Encryption Standard (Triple DES), Advanced Encryption Standard (AES).
Important: BlackBerry Enterprise Server for Novell GroupWise supports AES encryption only.
KB03652-Comparing BlackBerry Internet Service and BlackBerry Enterprise Server features
And from CrackBerry itself:
BES and BIS: What's the Difference? | CrackBerry.com
There's been a lot of chatter about the NSA and the security and privacy of info on peoples' smartphones. Judging by comments, most of that concern is over the interception and decryption of data, as opposed to the physical possession and breach of a device.app_Developer likes this.10-19-13 12:22 PMLike 1 - Sorry, unless you're on a BES10 server, your BB10 device (with the exception of BBM) is no more or less secure than any iPhone or Android device. BIS is gone, kiddies, if you're not on a legacy device. You connect to email just like everyone else now. Be grateful -- if BBRY tanks and the NOC is history, at least your email will still work. Isn't this common knowledge?
Sent from my Nexus 10 using Tapatalk 4
You're right of course, but now who cares?
:>)bbq10l likes this.10-19-13 12:23 PMLike 1 - http://www.theguardian.com/uk-news/2...-new-mi5-chief
http://www.theguardian.com/uk/2013/j...t-surveillance
http://www.wired.co.uk/news/archive/...hq-tempora-101
"They're taking data straight from the tubes?
That's right. Interceptors have been placed on around 200 fibre optic cables where they come ashore. This appears to have been done with the secret co-operation, voluntary or forced, of the companies that operate the cables, potentially giving GCHQ access to 10 gigabits of data a second, or 21 petabytes a day
That's a lot of bytes?
GCHQ wasn't exaggerating when it used the phrase "Mastering the Internet" in the documents."
http://www.spiegel.de/international/...-a-909852.html
Posted via CB1010-19-13 12:24 PMLike 0 -
Look at the post of BlackBerry guy, and try to understand why the links right now, are relevant:
http://www.theguardian.com/world/201...codes-security
http://www.extremetech.com/computing...yone-could-use
Real-time isn't the problem.
Courtesy of India:
http://mobile.bbc.co.uk/news/technology-23265091
http://www.techweekeurope.co.uk/news...tphones-121643
http://thehackernews.com/2013/07/Ind...ption.html?m=1
Courtesy of logic:
When they have direct access to the pipes, direct access to the ISP or Email providers, when they have broken parts of the standard encryption techniques and they have direct access to a part of the NOC, in which dreamland of yours, this doesn't mean as real-time as it gets, with these immense data samples?
Posted via CB1010-19-13 12:42 PMLike 0 - Encrypted is your emphasis.
Look at the post of BlackBerry guy, and try to understand why the links right now, are relevant:
http://www.theguardian.com/world/201...codes-security
http://www.extremetech.com/computing...yone-could-use
Real-time isn't the problem.
Courtesy of India:
http://mobile.bbc.co.uk/news/technology-23265091
http://www.techweekeurope.co.uk/news...tphones-121643
http://thehackernews.com/2013/07/Ind...ption.html?m=1
Courtesy of logic:
When they have direct access to the pipes, direct access to the ISP or Email providers and they have direct access to a part of the NOC, in which dreamland of yours, this doesn't mean as real-time as it gets, with these immense data samples?
Posted via CB10
So while there's evidence of the capability being available to some, it's absolutely clear at the time of the London riots at least, the uk police did not have this capability.10-19-13 12:49 PMLike 0 - Courtesy of logic, when the uk police complain they can't do it it doesn't matter who can, if they can. Again, just because NSA or gchq can do it it doesn't mean it's universally available to everybody, some might say the capability is completely illegal.
So while there's evidence of the capability being available to some, it's absolutely clear at the time of the London riots at least, the uk police did not have this capability.
You used the example of the riots to "prove" that.
And this is patently wrong, as the reality has shown us. Which you acknowledged in your post right now.
So make up your mind what you actually want to say.
In the meantime, you should also know that the GCHQ or MI5 are local authorities in the UK, opposed to the NSA, which definitely isn't one in the UK.
The Indian regime who can access BIS traffic, is also a local authority.
It's also nice of you, to ask about the legality, but this question is useless, when we are talking about the facts. If it is possible, and if it happens.
You'll get a compliment, for the sneaky change, of your goal post though.
Posted via CB1010-19-13 01:35 PMLike 0 - You said:
Which means that it isn't possible to monitor BIS traffic in real-time, at least that's what you said back then.
You used the example of the riots to "prove" that.
And this is patently wrong, as the reality has shown us. Which you acknowledged in your post right now.
So make up your mind what you actually want to say.
In the meantime, you should also know that the GCHQ or MI5 are local authorities in the UK, opposed to the NSA, which definitely isn't one in the UK.
The Indian regime who can access BIS traffic, is also a local authority.
It's also nice of you, to ask about the legality, but this question is useless, when we are talking about the facts. If it is possible, and if it happens.
You'll get a compliment, for the sneaky change, of your goal post though.
Posted via CB1010-19-13 02:48 PMLike 0 -
- Yup. In order to provide BES10 security, CB would become your "work" and would basically have access and control over your device. You could set up a personal partition via Balance, but anything on that side wouldn't have the additional security.
Posted via CB1010-20-13 10:58 AMLike 0 - And still your personal emails and anything you do that doesn't require you to switch to the work space isn't encrypted so it's pointless.10-20-13 01:04 PMLike 0
- So when people talk about security, it is mostly referring to the data transfers?
For me my major concern is, if I lose my phone and has password locked it, how easy is it to access my personal stuff like password keeper and photos.
I remembered apple had some issue with being able to access the home screen or something?
Or do we currently have security due to obscurity? Nobody bothers to try hack bb10 as compared to popular apple?
Posted via CB10
Anyway, you're basically worried if you lose your phone, like I said, unless whoever has physical possession of your phone has a serious jones to look at your data, you'll be fine as long as you password protect it. That goes the same for iPhone and Android.
Law enforcement though, is another matter entirely. Once they know some basic stuff about you, like your email address, it's a simple matter for them to access your email accounts. I believe they don't even need a warrant to access anything over 6 months old, all they need to do is ask. Even the highly praised BES system can be broken into if a group is motivated enough. Man in the middle attacks using brute force can't be stopped, it's all a matter of time.10-20-13 05:33 PMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Would like serious discussion of security/privacy of BlackBerry phones OUTSIDE of an enterprise syst
« BlackBerry 10.2 now available in Starhub Singapore
|
From BlackBerry BBM Channels:A letter to the Harper Govt. »
Similar Threads
-
Future of MVS
By RyanVdE in forum BlackBerry Secure UEM & Productivity SuitesReplies: 6Last Post: 10-16-15, 08:05 AM -
Leaving Blackberry
By Sikander H Khan in forum AndroidReplies: 39Last Post: 12-10-13, 11:49 AM -
Blackberry defines its �prosumer� target market
By dhutt in forum General BlackBerry News, Discussion & RumorsReplies: 117Last Post: 10-21-13, 03:42 PM -
BlackBerry finally outshines Apple
By Bold_until_Hybrid_Comes in forum General BlackBerry News, Discussion & RumorsReplies: 6Last Post: 10-18-13, 02:03 PM -
How do I get rid of this Lil screen?
By 36dbldz in forum BlackBerry OSReplies: 2Last Post: 10-18-13, 12:33 PM
LINK TO POST COPIED TO CLIPBOARD