Blackphone gets hacked Over-the-air hacks of BlackBerry, others fly under radar
Blackphone goes to Def Con and gets hacked?sort of | Ars Technica
taken from the article:
"Ask and you shall receive. Jon “Justin Case” Sawyer, the CTO of Applied Cybersecurity LLC, walked up to the Blackphone table at Def Con and told them he rooted the phone. And those who followed him on Twitter received an abbreviated play-by-play.
Further Reading
Exclusive: A review of the Blackphone, the Android for the paranoid
Custom-built with privacy in mind, this handset isn’t for (Google) Play.
What followed, however, was not what Sawyer or the Blackphone team counted on: a BlackBerry blogger at N4BB leapt on one of Sawyer’s tweets and wrote a story with the erroneous headline, “Blackphone Rooted Within 5 Minutes.” By the time Sawyer was presenting on Sunday at Def Con with Tim Strazzere, the story had been picked up by a number of blogs and websites—and nearly all of them didn’t bother getting further details from Sawyer or Blackphone.
BlackBerry partisans gloated over the hack. But the irony is that three days earlier, researchers from Accuvant showed in a presentation at Black Hat that they could remotely attack BlackBerry phones (as well as some Android and iOS devices) with a femtocell man-in-the-middle attack, getting root without even touching the phone. So the question is whether BlackBerry fans have any room to brag, or whether they're simply safer because they're not as big a target as Android. "
_______
One attack, demonstrated at Black Hat by Mathew Solnik and Marc Blanchou, used the embedded over-the-air management interfaces used by wireless carriers to perform carrier-pushed configuration updates. They were able to gain root access to BlackBerry phones, as well as some Android phones and the Sprint configuration of some iOS devices. The devices most vulnerable to the attack were the BlackBerry Z10 and the HTC One M7.
_______
End of article quoting
So I think it's fair to say all the talk that Android isn't secure because it can be rooted and BB can't is hogwash and refutable at this point. BB is secure through obscurity and BB10 has been rooted outside of the NSA. It's time we all come to terms with it, honestly I wish it were made public so that we may exploit it for ourselves.