BBM not as secure as Apple?
-
- Yeah, I saw this report. I hope BlackBerry responds to this report. It undermines everything we thought of in terms of security.
If it's true, I think we've been sold a lot of BS from BlackBerry and the company has a lot of explaining to do. If this is false, BlackBerry needs to be extremely aggressive with its reply.
In either case, we need to hear from BlackBerry. And soon.
Posted via the CrackBerry App for AndroidNAA1 likes this.10-20-16 09:46 PMLike 1 - You have to pay for BBM Protected or BES to get end to end encryption.
iMessage includes this for free.10-20-16 09:56 PMLike 7 - https://help.blackberry.com/en/bbm-s...0397548-en.pdf
read all about it... security note on non enterprise bbm10-20-16 10:05 PMLike 0 - It is, and it uses hardware keys in the secure element on iPhone 6 and above.
Last edited by app_Developer; 10-20-16 at 10:32 PM.
JeepBB and StephanieMaks like this.10-20-16 10:16 PMLike 2 - My interest in this is for phone banking, apps and or calling the automated banking system to pay bills. What are everyone's thoughts on security for this?10-20-16 11:05 PMLike 0
- http://blogs.blackberry.com/2016/09/...source=twitter
So the DOD and others know less? Read the article. BBM enterprise is encrypted
In regards banking you are no less secure on ios as blackberry. The dtek software is great in that it tells you your risks. IOS to my knowledge does not have an app that Is monitoring risks.
Posted via CB10anon(9721108) likes this.10-20-16 11:11 PMLike 1 - Why the U.S. Government is One of Many to Choose BlackBerry Software | Inside BlackBerry
So the DOD and others know less? Read the article. BBM enterprise is encrypted10-20-16 11:27 PMLike 0 - Other messaging apps offer encryption as default, but BBM doesn't.
You need to pay for BBM Protected in order to get 'end-to-end' encryption, which is what all the human rights organizations say should be used by those living under oppressive regimes.
It's never that simple though.
Passport filter-evading the NSA Make BlackBerry Great Again!Last edited by jope28; 10-21-16 at 01:33 AM.
10-20-16 11:29 PMLike 0 - Imessage? Secure? I don't think so......
http://mashable.com/2016/10/19/apple...k#9cPZ7RII4iqz
Posted via CB10gugomat likes this.10-21-16 12:23 AMLike 1 -
For all we know, the person whose account was "hacked" was using a password of "password" or "1234." Users will almost always be the weakest link with any "security."10-21-16 01:47 AMLike 6 -
The credit card fraud investigator had the gall to ask "I wonder how they got ahold of your cash advance checks?" I don't know, Perhaps the fact that you've sent hundreds of these blank checks to my house that I never asked for has something to do with it? Now I have a shredder for all of that unopened junk mail.
The apps are not the security problem when someone can just walk up to your mailbox or go through your recycling and get cash advance checks in your name. The apps, like Mint, show you every charge that goes through any of your accounts and flags the big ones. I don't even have to read my credit card statements, now.10-21-16 02:08 AMLike 0 -
If you use our apps, including any text or voice chat in the app itself, then that conversation is end to end encrypted from you to us and back.
If you have SMS notifications from your account (or for multifactor authentication), then the content of that message (SMS) is not encrypted.10-21-16 10:14 AMLike 3 -
- You are free to do that.... actually hope most of the criminal element keeps using BBM. But in countries where you are a criminal if you show you face in public or where you think a woman should have rights... you better be using something other than BBB to discuss that.
If BBM was secure.... what is the point of BBM Protected?10-21-16 10:36 AMLike 6 - Which part is BS? Do you think that permuting every single message from every single user using the same key for years is privacy preserving?
Or are you agreeing with Chen that privacy preservation is not a good goal (except for people willing to pay extra for cryptographic privacy)?JeepBB likes this.10-21-16 10:43 AMLike 1 - If you call us on the phone, including the automated voice system, you are on an unencrypted voice call. It doesn't matter what phone you are using to call us, the result is exactly the same.
If you use our apps, including any text or voice chat in the app itself, then that conversation is end to end encrypted from you to us and back.
If you have SMS notifications from your account (or for multifactor authentication), then the content of that message (SMS) is not encrypted.10-21-16 10:52 AMLike 0 - Strictly speaking, encryption can be done for voice calls and SMS as well, but that's up to the carrier and only covers the link between your phone and the carrier. If the interception occurs further on in the chain then you're out of luck, but you're no worse off than using any other phone (cellular or landline)
But with chat in the apps, we know that secure channel terminates here and so we can (and will be able to) do much more in the apps. The risk is much lower.10-21-16 11:19 AMLike 0 -
-
My own family, colleagues and most of my close friends use iPhones. That has to be a minority case, though.
Others would have to use whatsapp for free e2e encryption.10-21-16 07:15 PMLike 0 - It's my understanding that nothing is secure as a landline, if it's wireless I suppose it could be intercepted. But I also thought that all phone calls with a BlackBerry went through the BlackBerry computers at Waterloo and I thought that this was somehow safer?10-21-16 07:31 PMLike 0
-
Landline calls can be just as easily intercepted. Landlines are not secure unless you buy appropriate devices to secure the call.chain13 and Elephant_Canyon like this.10-21-16 07:37 PMLike 2 -
And that's all assuming the NOC has ultimate trust.10-21-16 10:25 PMLike 0 - The report appears to give equal marks in 5 sections:
1) Recognises online threats to human rights. This is useless when it comes to evaluating the technical qualities of a messaging app
2) Deploys end-to-end encryption as a default. It's a good metric, but really, you get full marks for having it on as a default, but does it matter if you have weak end-to-end encryption??? Not on this scorecard in this category
3) Informs users of risks and encryption used. Also I think useless. Most users wouldn't know what you're talking about nor do they even care (if they did, how come they aren't using end-to-end encryption in their email, which has been available for years? Why didn't they care about BBM when they were the only one with relatively secure messaging?)
4) Discloses government requests for user data. Also usless as a metric for evaluating the messaging app itself, never mind that the US government sometimes seems to prohibit companies from even disclosing their requests.
5) Publishes technical details of encryption. Good or bad? I'm not sure, most people wouldn't understand the technical details and the ones that do ... well, that's a small community and I bet most can guess what everyone else is using. It doesn't directly make your messaging app safer. It indirectly helps by getting more eyeballs to spot flaws in the algorithm, but I'm betting that small community are pretty up to speed on the technical strengths & weaknesses of each approach anyways. They're no dummies.
And the end of the day, I think Blackberry gets big marks off for 2), default end-to-end encryption, especially since they like to brag about their security. But that's about it.
Now about the issue of end-to-end security. Let's get it straight, it only solves one aspect of security & privacy and that has to do with man-in-the-middle type of attacks. That's pretty much it. If somebody physically has your phone, if they can unlock it (which has nothing to do with the messaging app), they can read your messages. If the phone hardware has a flaw or backdoor, they can read your messages. If the phone has malware or backdoor built in, they can read your messages. Even on a phone with built-in unique hardware key, I believe there is a point where the messages can be captured on the phone prior to encryption. (If you can read it on the screen, so can something else).
So who is going to intercept your messages in transit? Who has the capacity to do this? One is the carriers and another are government agencies. Neither of them have any business reading my messages nor do I trust any of them to behave ethically. BUT, I'm willing to bet the governments can already get whatever information they want about me anyways, even if I do use iMessage, Telegram or whatever. AND I trust those companies even less (Facebook, Line, Viber, etc) who do not have any obvious business plan to make money other than stealing my personal data. At least Apple & Blackberry are offering this (outwardly anyways) as a bonus in order to sell their other services or hardware.NAA1 likes this.10-22-16 12:49 AMLike 1
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
BBM not as secure as Apple?
Similar Threads
-
bbm fails to get HD picture
By wg7 in forum General BBM ChatReplies: 14Last Post: 04-09-17, 11:33 AM -
priv wont turn on, shows charging but not charging
By CrackBerry Question in forum Ask a QuestionReplies: 10Last Post: 12-30-16, 04:08 PM -
Hangouts not working after follwoing Cobalts steps
By CrackBerry Question in forum Ask a QuestionReplies: 2Last Post: 12-22-16, 10:11 AM -
Smart Lock facial recognition does not apper to be doing anything?
By F2 in forum BlackBerry PrivReplies: 16Last Post: 10-23-16, 04:46 PM -
So will Chen pull plug on BBM at some point?
By prplhze2000 in forum General BlackBerry News, Discussion & RumorsReplies: 11Last Post: 10-21-16, 04:16 PM
LINK TO POST COPIED TO CLIPBOARD