[Rustybronco]

Nothing more than a case of semantic's. It's still the device's password whether on the physical device it's self,or on an account where it's information is backed up.

[Elephant_Canyon]

Nothing more than a case of semantic's [sic]. It's still the device's password whether on the physical device it's self [sic],or on an account where it's [sic] information is backed up.

It is very much not a case of semantics. It is an actual distinction with real-world implications.

[Rustybronco]

We agree to disagree...

[Rustybronco]

To be specific, this isn't correct either.

Someone at the FBI requested that the San Bernardino County Health Department change the iCloud password.

I bid you well.

[blakeperez]

I don't think there's any actual strong evidence to back this up, mostly it's anecdotal evidence. First of all, no mobile platform has suffered a major widespread security issue. Second of all, the primary BlackBerry claim to security was control that was lacking on iOS/Android, however both now support a fair amount of ActiveSync policy. The claims can persist today since many companies have a BES install and provision BlackBerry hardware while iPhone/Android is often rogue, owned by employees and not setup to be under corporate control. That's not a fault of the platform, but of the company for not supporting it 100%. Again, there's no real evidence to suggest one platform is more secure than the other. It is just the corporate standard and nobody really wants to support multiple platforms/vendors. That's why Outlook is considered more "secure" (despite all the security bugs) than other clients, or going web based in "the cloud" (gmail and others). Corporate control and implementation.

[southlander]

No it doesn't.
The phone must be designed in good faith to be secure and only the user, not the government or Apple or BlackBerry or Google can choose to change its security settings to make it less secure if he/she so desires.
It's as simple as accepting cookies in the browser or not. The user decides. Some websites might not work, but it is up to the user if that is acceptable or not.

Then we agree. Not everyone needs top security. And the user should decide.

You do realize Apple has tried to do this. That was the whole reason for the design change in the OS. The oversight they made was that the OS can be modified to bypass certain measures. So now Apple has to build hardware that will never allow the OS to be modified in that way. Sounds very hard to me.

You also probably know that BlackBerry can likely at this point do the same thing Apple is being asked to do. If they couldn't I would expect they'd be shouting it from the rooftops. Or maybe not because they are kind of dense when it comes to understanding seizing a marketing PR opportunity.

[Elephant_Canyon]

We agree to disagree...

I don't agree to that. Your facts are wrong.

To be specific, this isn't correct either.

Someone at the FBI requested that the San Bernardino County Health Department change the iCloud password.

Apple: We tried to help FBI terror probe, but someone changed iCloud password | Ars Technica

What are your sources?

[Alain_A]

we are getting lazy is the problem.

Or maybe not... What about to let a few things like that to happen in order to create the stricter laws. (pretext)

[sorinv]

Agree. But that's exactly my point. There are crappy, horrific use-cases no matter what happens here. Which is why i hate the topic. Perhaps you view this as black and white, but I don't. All i know is I hate the outcomes either way because they really do get into some of the ugliest aspects of humanity.


I'm bowing out of this now.

I don't view the issue as black and white, although this particular case seems to be a joke. However, neither the FBI, nor the NSA, nor Apple nor BlackBerry are perfect organizations. They have employees, like Snowden for example, who can use that information for their own interests and gains, especially laid off or disgruntled employees who can act on their own... and not only as whistleblowers.
Then there is Watergate and many other cases in history (Praetorian guard in ancient Rome), that prove that such organizations can also act for their own political gain and control.

[deadcowboy]

That's your opinion. Tell the people who were hit by shrapnel during the Boston Marathon. Ask them how they feel about terrorists coordinating attacks on a phone having to accept cookies on whether the government can survey those phones!


Or how about the parent who discovered some whack job was storing naked pictures of their five year old on a phone and sharing them with others?

Note: I'm not agreeing or disagreeing with Apple or the government. As I said in my first post, I hate this issue because I find there is room for this to be horribly abused no matter what happens.

the us government had been warned about the boston bombers before. the bombers had left a huge breadcrumb trail for intelligence to follow. we are getting lazy is the problem. encryption is NOT the reason why the boston bombings, or any other terrorist attack, were/was not foiled.

this kind of thought process will lead to a police state that will pursue the innocent. fbi having temper tantrums is embarrassing. and yes, the nsa has the capability to spy on us already, just don't make the general public complicit with all this propaganda.

this is reminiscent of the "just say no" anti drug campaigns that brainwashed people

Posted via CB10

[Rustybronco]

Obviously no one changed the icloud password. They may have changed the password for the devices? or the county's icloud account but one would think the first isn't possible.

Posted from my X00 Z30

[Elephant_Canyon]

Obviously no one changed the icloud password. They may have changed the password for the devices?

This is directly contradicted by the linked article. Here's the link again, in case you missed it:
Apple: We tried to help FBI terror probe, but someone changed iCloud password | Ars Technica

[Rustybronco]

Oi...

Posted from my X00 Z30

[Verminator]

I too had always held the belief that BBM and Blackberry were the world's most secure messaging device.

All one has to do is read THIS article and it's pretty clear BBM has and probably will continue to roll over on its customers when it comes to privacy. Blackberry had an opportunity during this investigation to do what Apple is doing now. It didn't, and it refused to comment on it at the time. Read the article and decide for yourself how easy Blackberry gave up the privacy they claim to hold most dear! I've owned a Blackberry since 1989 and I'm sad to say next month I finally leave them behind. Thanks for selling us out Blackberry!!

More than 30 arrested after police intercept one million organized crime BlackBerry messages - The Globe and Mail

[sorinv]

Well, we knew that BBM was no longer secure for public messaging after the London riots of 2011.

What we found out this week for the first time is that BlackBerry also sold out on encryption of the files stored on our device and SD card.
Encrypting a BlackBerry phone is pointless because, by Chen's refusal to answer the question, BlackBerry acknowledges that they can de-encrypt all BlackBerry phones.

So, we can safely say that since Chen (this was not the case while Lazaridis was CEO) there is no security and no privacy on BlackBerry smartphones.
Not for the public and not for business, because the latter can be asked by the NSA, FBI, RCMP, or whatever security agency is named in a particular country, to open all files stored on a work phone.

[Doggerz]

Well, we knew that BBM was no longer secure for public messaging after the London riots of 2011.

What we found out this week for the first time is that BlackBerry also sold out on encryption of the files stored on our device and SD card.
Encrypting a BlackBerry phone is pointless because, by Chen's refusal to answer the question, BlackBerry acknoledges that they can de-encrypt all BlackBerry phones.

So, we can safely say that since Chen (this was not the case while Lazaridis was CEO) there is no security and no privacy on BlackBerry smartphones.
Not for the public and not for business, because the latter can be asked by the NSA, FBI, RCMP, or whatever security agency is named in a particular country, to open all files stored on a work phone.

Thanks for summing it up.
I was going to say that maybe OS versions dated prior to Chen's takeover might be safer. But I doubt it.

I definitely wouldn't trust any update for OS10 from 2876 or above. There is still no clear answer as to why this update was so forcefully rammed down our throats and why it took 3 months to do anything about it. No logical reason as to why they didn't pull 2876 from the servers and push 2813 was ever given. It took @Conite extensive research to give an analysis of what was happening. Since its not open source code there is no way to trust the software once you've lost the trust of BB. Trust was the one thing BB had before Chen. A good name. All that is gone now.

Wouldn't surprise me if 10.3.3 is furnished with a backdoor to make things easier on 3 letter agencies. Maybe even local police agencies.

To tell to you the truth these agencies were worried about BB in the 2000's and it wouldn't surprise me if Chen was put in place by and/or taking orders from the CIA. BB was an embarrassment to them all the publicity of Obama`s BB in 2008. What a better way to take down a security threat? It would explain so much. Everyone saw it looked like Chen was purposely screwing everything up. But why? If his loyalties were to a spy agency and not to BB it would explain everything.

BB is worse than a phone with no security. Its a company with negative security that is actively working as a branch of international spy agencies.

Xperia Z5P / Android 5.1.1 / T-Mobile USA

[conite]

by Chen's refusal to answer the question, BlackBerry acknowledges that they can de-encrypt all BlackBerry phones.

Again, this is completely unsubstantiated. It does not even logically follow.

[sorinv]

BlackBerry was asked the question if they could decrypt an encrypted Priv. They declined to answer.
The normal answer should have been a direct and simple No!
The logic is flawless. Rather than insult, you should just say that you disagree, or better still, show us an answer from BlackBerry that contradicts what I wrote.
This is posted on crackberry news by crackberry staff. I did not invent it.

"Blackberry declined to comment on if they possess the capability to decrypt the internal storage of the BlackBerry Priv, which uses whole-device encryption. Apple's fight with the FBI has revolved partly around device encryption, which Apple claims is secure enough that they do not have the ability to break into their own devices."

[conite]

BlackBerry was asked the question if they could decrypt an encrypted Priv. They declined to answer.
The normal answer should have been a direct and simple No!

There are other reasons why they may wish to stay out of the conversation right now.

The lack of an answer is inconclusive.

The question itself may appear simple, but it requires a rather lengthy explanation and response. By "decrypt" are we talking about the ram being removed from the device and subsequently analysed in a lab? Are we talking about bypassing the device unlock to gain access? Are we talking about loading a custom bootloader? Chen never promised the Priv could absolutely never be rooted - only that updates would quickly patch any vulnerabilities. Even though BlackBerry may not be able to unlock a device at the moment, does that mean no one (including BlackBerry) ever will, even for a brief window? A NO today may not mean a NO tomorrow or next week - if even for a brief moment. BlackBerry may rather stay out of it than risk being caught with their pants down 3 months from now.

[sorinv]

No. The question was very clear: can BlackBerry de-encrypt the files on the encrypted device and SD -card, if they were faced with the same request that Apple was faced with for the iphone of the terrorist?

We all understood very well what this is about and so do you.
You are just playing a bill clinton -monica lewinsky defence on us here.

[MmmHmm]

There are other reasons why they may wish to stay out of the conversation right now.

The lack of an answer is inconclusive.

The question itself may appear simple, but it requires a rather lengthy explanation and response. By "decrypt" are we talking about the ram being removed from the device and subsequently analysed in a lab? Are we talking about bypassing the device unlock to gain access? Are we talking about loading a custom bootloader? Chen never promised the Priv could absolutely never be rooted - only that updates would quickly patch any vulnerabilities. Even though BlackBerry may not be able to unlock a device at the moment, does that mean no one (including BlackBerry) ever will, even for a brief window? A NO today may not mean a NO tomorrow or next week - if even for a brief moment. BlackBerry may rather stay out of it than risk being caught with their pants down 3 months from now.

They can stay out of the conversation if they want, but it seems to me that BlackBerry has been marketing itself for a long time now as the smartphone company whose products provide the most security and privacy. For as much as people on CrackBerry say BlackBerry doesn't market, I'd say BB has been pretty successful at getting that marketing message out there. Most in here seem to to take it as a given that BB is more secure and private and the mass media usually makes reference to that, even in overall negative articles.

So... If any company in this industry has a reason to develop a clear, well thought out, and well spoken position on all things security and privacy related, it is BlackBerry. Instead, they're going to sit back and do nothing while Apple publicly takes a strong principled stance and once again take away what used to be dominated by BlackBerry.

[byex]

Well, we knew that BBM was no longer secure for public messaging after the London riots of 2011.

What we found out this week for the first time is that BlackBerry also sold out on encryption of the files stored on our device and SD card.
Encrypting a BlackBerry phone is pointless because, by Chen's refusal to answer the question, BlackBerry acknowledges that they can de-encrypt all BlackBerry phones.

So, we can safely say that since Chen (this was not the case while Lazaridis was CEO) there is no security and no privacy on BlackBerry smartphones.
Not for the public and not for business, because the latter can be asked by the NSA, FBI, RCMP, or whatever security agency is named in a particular country, to open all files stored on a work phone.

Please link to where BlackBerry stated they "sold out on encryption of the files stored on our device and SD card".

Most people are delusional to think that the NSA doesn't already have or can brute force access your phone. This includes all smartphone manufacturers.

Posted via CB10

[conite]

They can stay out of the conversation if they want, but it seems to me that BlackBerry has been marketing itself for a long time now as the smartphone company whose products provide the most security and privacy. For as much as people on CrackBerry say BlackBerry doesn't market, I'd say BB has been pretty successful at getting that marketing message out there. Most in here seem to to take it as a given that BB is more secure and private and the mass media usually makes reference to that, even in overall negative articles.

So... If any company in this industry has a reason to develop a clear, well thought out, and well spoken position on all things security and privacy related, it is BlackBerry. Instead, they're going to sit back and do nothing while Apple publicly takes a strong principled stance and once again take away what used to be dominated by BlackBerry.

The question we are talking about here is whether or not BlackBerry can access data on a phone, and how they should answer that specific question. This is a technical issue. I'm not referring to the larger issues at this moment.

Like I said, they could answer NO, and be rooted tomorrow. That would be worse than saying nothing. That goes the same for every manufacturer and every platform.

[sorinv]

Please link to where BlackBerry stated they "sold out on encryption of the files stored on our device and SD card".

Most people are delusional to think that the NSA doesn't already have or can brute force access your phone. This includes all smartphone manufacturers.

Posted via CB10

"BlackBerry stated that they will always comply with lawful legal requests � and declined to comment on their potential involvement with the capture of BlackBerry-using Mexican drug kingpin Joaqu�n "El Chapo" Guzm�n. Additionally, Blackberry declined to comment on if they possess the capability to decrypt the internal storage of the BlackBerry Priv, which uses whole-device encryption. Apple's fight with the FBI has revolved partly around device encryption, which Apple claims is secure enough that they do not have the ability to break into their own devices."

The above is a quote from the Crackberry News article yesterday titled

"BlackBerry reiterates stance on encryption: lawful compliance and no backdoors"

By Derek Kessler

What the NSA does or does not is irrelevant to the question and to BlackBerry decrypting their own encrypted phones.
If the NSA breaks into a BlackBerry phone, they most likely do so without letting BlackBerry know about it...

So, let's stick to the topic at hand.

[sorinv]

The question we are talking about here is whether or not BlackBerry can access data on a phone, and how they should answer that specific question. This is a technical issue. I'm not referring to the larger issues at this moment.

Like I said, they could answer NO, and be rooted tomorrow. That would be worse than saying nothing. That goes the same for every manufacturer and every platform.

Really? Another Clinton-Lewinski reply?
The question was about BlackBerry decrypting their own encrypted phones today, not about whether the phone is secure or could be rooted in the foreseeable future.