[Paintman321]

I guess we forgot that he did say this regarding lawful access:

"We are going to be able to provide your location, who's called who, and all of the metadata around that," he said in a roundtable with reporters.

But he emphasized that BlackBerry wouldn't give authorities a user's specific texts or other communication.

"The data itself is safe because we never have it," he said. "We never save the content."

http://www.thecanadianpress.com/engl...5&languageid=1

From this I would say they can't open the device.

Posted via CB10

[bobshine]

You guys are mixing a whole bunch of stuff

Decrypt something can be perceived differently from one person to another.

I can say that what the FBI requested Apple to do is essentially decrypting that phone and any iOS phone.

So does apple have the ability to decrypt all their iPhone. YES they do. It takes according to cook, 4 to 8 engineer and about a month of work.

Can BlackBerry decrypt their devices? Change didn't answer but I would assume that it's a yes too.

Remember, These phones are encrypted and decrypted by the OS. And the main weakness is that the encryption key is stored on the phone itself.

It's like locking a car with the key inside. All you need to do is to find a way into the car.

You want a fully safe phone? You need one that you have to enter the encryption key each time you use it.

Posted via CB10

[byex]

"BlackBerry stated that they will always comply with lawful legal requests � and declined to comment on their potential involvement with the capture of BlackBerry-using Mexican drug kingpin Joaqu�n "El Chapo" Guzm�n. Additionally, Blackberry declined to comment on if they possess the capability to decrypt the internal storage of the BlackBerry Priv, which uses whole-device encryption. Apple's fight with the FBI has revolved partly around device encryption, which Apple claims is secure enough that they do not have the ability to break into their own devices."

The above is a quote from the Crackberry News article yesterday titled

"BlackBerry reiterates stance on encryption: lawful compliance and no backdoors"

By Derek Kessler

What the NSA does or does not is irrelevant to the question and to BlackBerry decrypting their own encrypted phones.
If the NSA breaks into a BlackBerry phone, they most likely do so without letting BlackBerry know about it...

So, let's stick to the topic at hand.

I still don't see where BlackBerry has said they have sold out our BB10 sd card and phone data as many are quick to point out.

Posted via CB10

[RubberChicken76]

You guys are mixing a whole bunch of stuff

Yeah - the comments in this thread are messed up, even by CrackBerry's standards. I wonder if the folks at BlackBerry are reading it, pondering how messed up some of the comments and assumptions in here are?

Security is not a straightforward topic - certainly not the way some people here think it is.

[MmmHmm]

Yeah - the comments in this thread are messed up, even by CrackBerry's standards. I wonder if the folks at BlackBerry are reading it, pondering how messed up some of the comments and assumptions in here are?

Security is not a straightforward topic - certainly not the way some people here think it is.

Folks at BlackBerry should be worried that Apple is very deliberately and publicly making iOS and iPhones difficult or impossible for even Apple itself to breach. And it is actively fighting the US government on these issues.

I worry for BlackBerry on this issue. People on CrackBerry have been saying forever that someday the public is going to wake up and realize that security is important and when they do, they'll come running back to BlackBerry. Well, these issues are now being thrust out into the mainstream media, and people are learning more and more about the security measures and privacy stance of... Apple, not BlackBerry.

If BlackBerry's security and privacy are better in some specific ways, then BlackBerry better start educating people on the specifics of that. If people are confused, Blackberry should explain it. Even here on CrackBerry, people know more about the privacy and security of iPhones than BlackBerrys - because Apple has been much more vocal about the specifics, not just marketing catchphrases like, "security is in our dna", or "built from the ground up with security in mind".

Whether it's deserved or not, I think iPhones are going to be the phones assumed to have security and privacy for many consumers going forward, not blackberry.

[bobshine]

So in conclusion, who is more secure?

Can Apple decrypt all iPhone today? Yes

Can BlackBerry decrypt all BlackBerry today? We don't know but seems like a yes from Chan

Posted via CB10

[Alain_A]

You want a fully safe phone? You need one that you have to enter the encryption key each time you use it.

I guess that is the only solution. create your own OS or learn to write encryption yourself

[xtremeled]

In light of current events and the FBI's demand that Apple create a backdoor in their phone or crack their encryption that the government hasn't been able to crack for 2 months now, Is it safe to say that the iPhone is the better choice for privacy and encryption? I simply use BlackBerry because I thought it was the most secure consumer smart phone available. Can BlackBerry currently gain access to any BlackBerry phone. Have I been sorely mistaking? Can someone who actually KNOWS what they are talking about give me a definitive answer of whether BlackBerry is as secure as I always have believed? Also please elaborate on BBM, I've heard BlackBerry can read and logs all BBM chats is that true? Please note that I'm a regular private consumer user of BlackBerry, I don't have BES or anything other than what the basic phone comes with when purchased in a store. Thanks in advance!

Forget about everyone's opinion. Here the BB is better at iMore the Apple is better and at Android Central the Android is better. It is safe to assume that those involved in any criminal activity are not just carrying the iPhone. Any news about the FBI fighting with BB and Android?

[TgeekB]

So in conclusion, who is more secure?

Can Apple decrypt all iPhone today? Yes

Can BlackBerry decrypt all BlackBerry today? We don't know but seems like a yes from Chan

Posted via CB10

The end user is the most secure piece of the equation.

[Frehley]

Just asking a question, so don't flame me, but it was my understanding that BB OS7 (prior to BB10) was more secure because it ran through BIS...through their NOC.

[sorinv]

You guys are mixing a whole bunch of stuff

Decrypt something can be perceived differently from one person to another.

I can say that what the FBI requested Apple to do is essentially decrypting that phone and any iOS phone.

So does apple have the ability to decrypt all their iPhone. YES they do. It takes according to cook, 4 to 8 engineer and about a month of work.

Can BlackBerry decrypt their devices? Change didn't answer but I would assume that it's a yes too.

Remember, These phones are encrypted and decrypted by the OS. And the main weakness is that the encryption key is stored on the phone itself.

It's like locking a car with the key inside. All you need to do is to find a way into the car.

You want a fully safe phone? You need one that you have to enter the encryption key each time you use it.

Posted via CB10

I agree. However, we need to further clarify that the phone has auto update turned off. So two questions remain:

1) Can BlackBerry force an OS update on a device that has automatic OS update turned off? If so isn't that a backdoor?

2) Does BlackBerry have access to the phone through one of the built in apps which has file access permissions? If so, they can definitely decrypt the file simply by sftp-ing or emailing the file from the device without having to know the user's password. That, too, is a backdoor because it automatically decrypts the file. I do that almost everyday from my phone simply by emailing or transferring files to remote computers using ghostcommander. I cannot do it by transferring files through Blend!

So, unless BlackBerry is spinning words, as some here, any access to encrypted files on a user's phone without his/her knowledge and permission is a BACKDOOR.
"A rose by any other name would smell as sweet."

[Elephant_Canyon]

So in conclusion, who is more secure?

Can Apple decrypt all iPhone today? Yes

No, Apple cannot do that today. Apple would need to build a specialized version of iOS which would remove features that prevent brute-force hacks of the iPhone's passcode. Apple is refusing to create this, which is what the FBI is attempting to make them do.

[early2bed]

Whether it's deserved or not, I think iPhones are going to be the phones assumed to have security and privacy for many consumers going forward, not blackberry.

Yup. It's the Apple CEO that will be giving testimony before the US lawmakers and going on major media outlets talking about why security is so important to privacy. They are going to ask him whether he's really planning to make the iPhone impenetrable under any circumstance. Win or lose, you simply can not buy that kind of publicity no matter how much you spend. It's literally priceless.

The technical details, whatever they are, simply don't matter. In the end, Apple is the company that goes all out to protect user privacy. Security is your DNA? Isn't that quaint.

[filanto]

This is why in a democracy law enforcement should need a warrant or court order to do this, the government or the people should choose a judiciary that is cognizant of and responsive to the will of the people, and the people should elect a government that is willing to ensure that this happens, by voting. This should never be left up to either a corporate CEO or a law enforcement agency to decide.

I usually don't like this argument, but if you are an eligible voter in the US and didn't vote and haven't made your views clear to your representative, then you are stuck with what ever you get until you do.

LeapSTR100-2/10.3.2.2876

Representative Republic is what you are looking for not democracy. A pure democracy has only the rights of the group and no actual individual rights.

Posted via CB10

[Alain_A]

Just asking a question, so don't flame me, but it was my understanding that BB OS7 (prior to BB10) was more secure because it ran through BIS...through their NOC.

yes

[filanto]

Just asking a question, so don't flame me, but it was my understanding that BB OS7 (prior to BB10) was more secure because it ran through BIS...through their NOC.

Now for $24 a year for BES Cloud my BlackBerry is even more secure

Posted via CB10

[Alain_A]

Now for $24 a year for BES Cloud my BlackBerry is even more secure

Posted via CB10

until you commit a crime than LEA would go to your cloud services with a warrant

[byex]

until you commit a crime than LEA would go to your cloud services with a warrant

Sure but they or BlackBerry would have to decrypt it.
Has anyone seen an example of where law enforcement has served BlackBerry with a warrant to decrypt and access BES server?

Posted via CB10

[Alain_A]

Sure but they or BlackBerry would have to decrypt it.
Has anyone seen an example of where law enforcement has served BlackBerry with a warrant to decrypt and access BES server?

Posted via CB10

if that had happened I wonder if we would have heard about it from LEA? or BB?.. The only thing I read is BB has co-operated with LEA.
They never really explain how into the details

The way to know would be to follow the court case

[bobshine]

I agree. However, we need to further clarify that the phone has auto update turned off. So two questions remain:

1) Can BlackBerry force an OS update on a device that has automatic OS update turned off? If so isn't that a backdoor?

2) Does BlackBerry have access to the phone through one of the built in apps which has file access permissions? If so, they can definitely decrypt the file simply by sftp-ing or emailing the file from the device without having to know the user's password. That, too, is a backdoor because it automatically decrypts the file. I do that almost everyday from my phone simply by emailing or transferring files to remote computers using ghostcommander. I cannot do it by transferring files through Blend!

So, unless BlackBerry is spinning words, as some here, any access to encrypted files on a user's phone without his/her knowledge and permission is a BACKDOOR.
"A rose by any other name would smell as sweet."

That's why device is 100% secure unless you hold the encryption key on a separate device

Posted via CB10

[comwave]

Here is what you need to know. Blackberry is more secure in just about every way. What this whole Apple thing is about is simply device encryption...but every one has that. What sets Blackberry apart is where your daily emails and data travels. Blackberry user data travels through a private digital network built by blackberry where they optimize and secure it. That's the Blackberry Network you keep hearing about and the same one the Department of National Defence uses (Obama included and just about every world leader). Apple and Android (Except Priv) uses public internet. So your data bounces around servers across the globe.

[sorinv]

I guess we forgot that he did say this regarding lawful access:

"We are going to be able to provide your location, who's called who, and all of the metadata around that," he said in a roundtable with reporters.

But he emphasized that BlackBerry wouldn't give authorities a user's specific texts or other communication.

"The data itself is safe because we never have it," he said. "We never save the content."

http://www.thecanadianpress.com/engl...5&languageid=1

From this I would say they can't open the device.

Posted via CB10

That is not really a conclusion that you can draw from that article.
All he said was that BlackBerry does not save the text of the message sent.
Here we are talking about files encrypted on the phone that may never be sent out through BBM, email, sftp, or whatever.

These can be files created on the phone, say a meeting minutes, an election strategy document, etc.. But for law-abiding citizens like us, it could also be the text of a patentable idea that you write on your phone when the idea strikes you, an article that you write, a book that you may write. These are the phone owner's IP, are encrypted, and never sent out of the phone by email or sftp or BBM for security reasons.


If BlackBerry or NSA, or CSICS, or GCHQ, or the FSB (Russian secret service) or Chinese Secret service or whatever secret service can get into the phone and decrypt and extract those files, it is definitely a backdoor.

This is the situation of the Iphone that is the object of the dispute between Apple and FBI.

BlackBerry has never discussed this scenario until it was asked this question a few days ago and, according to Crackberry, they declined to answer.

[sorinv]

That's why device is 100% secure unless you hold the encryption key on a separate device

Posted via CB10

That is what I thought until I read this article on Crackberry news two days ago where they report that BlackBerry declined to answer the question on whether they can decrypt an encrypted Priv.

That does not necessarily mean that they can decrypt an encrypted BB10 phone which has automatic OS updates turned off, but it sure raises doubts about how secure your data is on a BB10 phone.
It pretty much means that the data on the Priv is not secure.
If BlackBerry can do that on the Priv which Chen touted is secure and private, it is not far fetched to assume that a BB10 phone not on BES uses similar encryption.
And we already know that a phone on BES or backed up in the cloud can be de-encrypted.
It looks clear that if you want to keep your files private on the phone, you should not use BES and a company phone and you should not use the cloud.

This was obvious to some of us even 25 years ago...when there were no smartphones and "the cloud" was not called "the cloud" and apps were called programs.

Two or so years ago IEEE Spectrum reported that the NSA had corrupted the encryption algorithms, which upset the researchers at NIST (National Institute of standards) the guardian of encryption standards.
I posted that link in one of these threads a few weeks ago.

However, I would have thought that new encryption algorithms were introduced since. It looks like Apple took some steps to do it.

[TheAuthority]

Everything is going according to plan. The military/technology industrial complex's goal for some time has been to draw, lure, entice, con or otherwise scare users (the "masses" or the "sheeple") away from the more secure platforms (BlackBerry 7&10) to the less secure platforms (ios, windows, and android which also includes Priv by BlackBerry). This goal has been evident from the intense BlackBerry hatred spread endlessly by the media and by BlackBerry's near silence on the matter, its lack of willingness to refute that hatred, and its halfhearted attempts to push its own platforms and devices. The goal of the military/technology industrial complex has not been to completely kill off BlackBerry even for itself, but to draw as many users to the other platforms, and that has happened; the masses left first, and even much of the BlackBerry/cb faithful have defected to the other platforms including Priv. The next step in the script was, of course, to tout the other platforms as completely secure: "Apple and android are now encrypted by default!" To the gullible that translates into, "Apple is more secure than BlackBerry!" Really? Why? Because a clueless user who probably has no grasp of any opsec to begin with doesn't have to toggle a switch to turn it on? What about the hardware root of trust? But okay, now he has a false sense of security which, of course, is better than none! Now, at the culmination, BlackBerry says it follows lawful court orders leaving out the part, "to the best of our abilities" (something it has always done and that anyone would do), Chen refuses to elaborate, and Apple presents the appearance that it is battling for its users' rights to privacy in court. It's masterfully executed theater. I'm on a password locked BlackBerry 10, my device and media card files are encrypted, and I am still confident that no "law enforcement" up to state police levels (I'll even speculate to FBI level) will get meaningful access to those encrypted files even with BlackBerry's help.

[Elephant_Canyon]

Here is what you need to know. Blackberry is more secure in just about every way. What this whole Apple thing is about is simply device encryption...but every one has that. What sets Blackberry apart is where your daily emails and data travels. Blackberry user data travels through a private digital network built by blackberry where they optimize and secure it. That's the Blackberry Network you keep hearing about and the same one the Department of National Defence uses (Obama included and just about every world leader). Apple and Android (Except Priv) uses public internet. So your data bounces around servers across the globe.

None of that is true.