Blackphone gets hacked Over-the-air hacks of BlackBerry, others fly under radar

Blackphone goes to Def Con and gets hacked?sort of | Ars Technica

taken from the article:
"Ask and you shall receive. Jon “Justin Case” Sawyer, the CTO of Applied Cybersecurity LLC, walked up to the Blackphone table at Def Con and told them he rooted the phone. And those who followed him on Twitter received an abbreviated play-by-play.

Further Reading
Exclusive: A review of the Blackphone, the Android for the paranoid

Custom-built with privacy in mind, this handset isn’t for (Google) Play.
What followed, however, was not what Sawyer or the Blackphone team counted on: a BlackBerry blogger at N4BB leapt on one of Sawyer’s tweets and wrote a story with the erroneous headline, “Blackphone Rooted Within 5 Minutes.” By the time Sawyer was presenting on Sunday at Def Con with Tim Strazzere, the story had been picked up by a number of blogs and websites—and nearly all of them didn’t bother getting further details from Sawyer or Blackphone.

BlackBerry partisans gloated over the hack. But the irony is that three days earlier, researchers from Accuvant showed in a presentation at Black Hat that they could remotely attack BlackBerry phones (as well as some Android and iOS devices) with a femtocell man-in-the-middle attack, getting root without even touching the phone. So the question is whether BlackBerry fans have any room to brag, or whether they're simply safer because they're not as big a target as Android. "

_______

One attack, demonstrated at Black Hat by Mathew Solnik and Marc Blanchou, used the embedded over-the-air management interfaces used by wireless carriers to perform carrier-pushed configuration updates. They were able to gain root access to BlackBerry phones, as well as some Android phones and the Sprint configuration of some iOS devices. The devices most vulnerable to the attack were the BlackBerry Z10 and the HTC One M7.



_______
End of article quoting

So I think it's fair to say all the talk that Android isn't secure because it can be rooted and BB can't is hogwash and refutable at this point. BB is secure through obscurity and BB10 has been rooted outside of the NSA. It's time we all come to terms with it, honestly I wish it were made public so that we may exploit it for ourselves.

Remotely attack, how? What can they do to my BlackBerry device? Wipe the device? Steal my details, access my notepad, browser history.
I'd like to know, as much as every other security conscious person would..

Originally Posted by Bilaal

Remotely attack, how? What can they do to my BlackBerry device? Wipe the device? Steal my details, access my notepad, browser history.
I'd like to know, as much as every other security conscious person would..

well root access was gained to z10 devices so, pretty much whatever the attacker wants to do.

Lol. That's two months old and its been patched right away. Close thread.

Posted via CB10

Originally Posted by notafanboy

Lol. That's two months old and its been patched right away. Close thread.

Posted via CB10

hmm... nope. this happened a few days ago, with root access having been gained. i haven't received a carrier update pushed out to patch it. so, again, nope.

It just didn't happen..... yet

Join my photography channel

The 'Carrier software' exploit/vulnerability was a subject of a previous thread. Basically, yes... Carrier software can manage/alter your device.

I heard software updates pushed by the manufacturer can ALSO modify my device.

So I guess the idea is that we trust the manufacturer and carrier to be responsible and maintain security. What else can we do, aside from making our own everything?

http://forums.crackberry.com/blackbe...phones-949685/

Two months old. Go look it up. yawn this rehashing old news and misleading is getting old.

Posted via CB10

Originally Posted by notafanboy

Two months old. Go look it up. yawn this rehashing old news and misleading is getting old.

Posted via CB10

The conference was just last week. So, again, nope.

http://nakedsecurity.sophos.com/2014...nes-and-ipads/

I would worry about this. It's the reason why China, Germany and other governments around the world are banning iphone and ipad.

Posted via CB10

We're talking about BlackBerry here and not Apple

Well, this is embarrassing...wonder what BlackBerry would do about this

Posted via CB10

Originally Posted by Aljean Thein

We're talking about BlackBerry here and not Apple

Well, this is embarrassing...wonder what BlackBerry would do about this

Posted via CB10

You are right. Talking about apple is a waste of time. BlackBerry already patched this up two months ago. You can kick, scream and hate all you want. No point in responding to those who hate BlackBerry on a BlackBerry fan site.

Posted via CB10

Originally Posted by notafanboy

You are right. Talking about apple is a waste of time. BlackBerry already patched this up two months ago. You can kick, scream and hate all you want. No point in responding to those who hate BlackBerry on a BlackBerry fan site.

Posted via CB10

please post a link showing that it's been patched, and who was hating on blackberry?

Originally Posted by AnimalPak200

The 'Carrier software' exploit/vulnerability was a subject of a previous thread. Basically, yes... Carrier software can manage/alter your device.

I heard software updates pushed by the manufacturer can ALSO modify my device.

So I guess the idea is that we trust the manufacturer and carrier to be responsible and maintain security. What else can we do, aside from making our own everything?

http://forums.crackberry.com/blackbe...phones-949685/

No need to open a new thread, that discussion still is ongoing.