07-25-16 12:21 AM
  1. K3_Cubed's Avatar
    @Fret Madden Ok. Thank You.

    @swiftex Yes I do think that I prefer how the general navigation and notification access through HUB. Blackberry definitely is a winner there for me too! I suppose other users would argue that OS customization or the like can be used to bring something similar, but I don't think it would get close in form because of legal issues etc. Only thing would be a whole new and independent notification/access system redesign.

    REGARDING THE SECURITY

    Doesn't seem like anyone has really answered it comprehensively. I've been searching online and in the forums and can't find anything succinct.... It's like a piece here and a piece there. I have attempted to place it into one place for feedback as I am writing this from a non-technical, non-security background. (Some of these are no-brainers like the apps, but for the sake of completeness it's there.) What I've found so far is this:

    User Security & Privacy in the phone market seems to be dependent on several things (For brevity, I am using OSM to mean Operating System Manufacturer):

    1) OS "hardness"
    2) App Specific Permissions/Encryptions
    3) OSM Communications Protocols
    4) OSM data collection/usage
    5) OSM Server security



    OS HARDNESS

    I take this to mean how vulnerable the particular OS is to several attacks/hacks/exploits using malicious code. It affects both security and privacy. The OS's with closed or proprietary/unavailable source code are arguably more difficult to exploit because any OS programming structure/Coding/Update modifications will need to be searched out and understood before security loopholes can be exploited.

    Ironically an open source OS like Linux is said to have less security holes because there are more "eyes" out there to look at the code and improve it by finding and reporting or patching these holes. (which is the reasoning Apple has used for removing encryption from their kernel in iOS 10). Android is supposed to be open source to a point: the kernel and general runtimes are open source, however Google Apps (read google services inclusive??), Firmware Specific Code and OEM apps are not (closed-source).

    Out of the four OS's, Android seems to have been featured more frequently in the news regarding security exploits. This could be due to the popularity of the target OS making it more desirable for hackers as well as its open source nature coupled with the relatively young age of the OS in terms of having time to patch holes. The remaining OS's are closed source, but even if so, this does not mean exploits don't exist, it just may be harder to find because of the closed source nature... Further to this, exploits may be from how the OS interacts with third party software and services that are used in the OS (think of Flash and Java). Whilst installation of Antivirus and Firewall software can help with certain malware, they won't necessarily protect from exploits, and these need to be patched by OSM's.

    Further to an OS's source being open or closed, they may have integrated in it certain "checks and balances" on itself to prevent OS modifications as well as built in security encryptions to protect any user data. I don't know for sure the level to which each individual OSM implements encryption in their system. Arguably Blackberry would seem to be the best from the outside based on how they implement encryption and signed verification of their OS that is tied into a hardware-software combo and operates in conjunction with data encryption. However apple also LazyEvul for the info) and samsung is reported to also implement such measures, but no verification on this could be found.

    Based on the FBI case regarding apple (wow, has it been so long already), both the newer versions of android (latest) and iOS appear to implement encryption of local user data, however iOS actually went further with encrypting the kernel core for the OS. However the latest iOS 10 has no kernel encryption.

    From what I could find Android itself doesn't appear to have any encryption protocols in place for the actual kernel or OS as a whole. I don't know if there is a custom ROM out there with that capability. Maybe someone can indicate.

    Windows Phones also only has data encryption available on Windows Phone 10, but encryption doesn't seem available on earlier OS's.. Windows Phone 10 also doesn't appear to have any integrated encryption or checks in place on core OS files.

    OS Hardness is not something you really have control over. It is purely dependent on the OSM's implementation of their software. As mentioned earlier, you can probably mitigate SOME deficiencies in OS hardness through the use of programs like anti-virus apps and firewalls, and that approach will not necessarily protect from exploits. The relationship between covering up an exploit through the use of AV or FW's is synonymous with putting measures in place to catch the horse after it has bolted from the barn....It's better to bolt the barn...


    APP SPECIFIC PERMISSIONS/ENCRYPTIONS

    This should be pretty self explanatory. Every app you install requires certain permissions in order to operate and fulfill its intended purpose. So while your OS hardness may be excellent, in order to allow developers/companies/social media to run on the OS, it needs permission from the OS to access certain stuff to function properly. YOU basically instruct the OS on what permissions to give the app when you install it. HOWEVER, some developers may restrict what access you have control over. For example: you might decide to install a weather app, but when you install it, it asks for permission to your Location. This should be expected as the app needs to know where you are to provide you with appropriate weather info.

    However if that same app was to ask you for location information AS WELL AS Contacts and Shared Files access, that would be a bit dubious as it has no reason to access that information unless it has some advanced sharing features etc. Furthermore, some apps you just won't know for sure unless you read carefully through the app's privacy policy (if there is one) or have enough technical know how to monitor an app's communications. An example would be a messaging app that accesses your contacts, but then might be exporting all your contacts to some external server on the down low.. Ultimately I think all OS's have this issue and it is up to the USER to appropriately set permissions or just choose not to use an app.


    OSM DATA COLLECTION/USAGE

    An OSM may choose to collect, collate and store information about you based on your usage of their different services provided to you. They may choose to store it locally or on a server, encrypted or unencrypted, and may opt to share it with third parties... for money. The information they collect may be personally identifiable information or non-personally identifiable information. And the information they choose to share may be personally identifiable information, but in most cases it is not. By the definition of personally identifiable data, it would appear that the sharing of NPI information to third parties has no other tangible effect (right now) other than providing targeted advertisement data or sales pitches. But there would be concerns in the potential future with any changes in privacy policy and all that aggregation of data (correlated PI and NPI data): and I mean aggregation across all sites and several years in some instances. All OSM's collect this Data now in 2016. Android/Google is arguably the most intensive, followed by Apple/iOS, Microsoft/Windows Phone, and Blackberry/BB10 being last. This data collection is of particular concern when it comes to item 5 on this list, but we'll get to that.


    OSM COMMUNICATIONS PROTOCOLS

    OSM comm. protocols is nothing that intensive. It primarily refers to how information is sent to and from the OSM servers on the internet. Since the OSM collects data, it would be important to know that the data is transmitted securely to prevent interception. Things like sending e-mails, messaging are also affected. Usually security is in the form of using https/ssl sites. I think most OSM's autoset their mail clients to use servers using SSL. Indeed I believe most OSM's use SSL transmission for most of their services, but I just can't be sure as I haven't been able to dig up as much information. Someone more security savvy could probably elaborate on this. Regarding the local storage of data, once it is encrypted, the transmission of any collected data should not be a problem. I THINK most OSM's store PI and NPI information in an encrypted format (though not by default). Most OSM's here would probably be on similar ground here in terms of external communications.


    OSM SERVER SECURITY

    Simply put, this aspect here is tied into a large portion of what most people are concerned about. With the Edward Snowden leaks of yester-year and what they reveal about the NSA's use of the PRISM program as a kind of backdoor into major tech companies' data, coupled with NSA going so far as to have their legal representatives saying (disturbingly so) in court that manufacturers knew full well about it, even though the tech companies vehemently deny; to the relatively newfound awareness of various Governments' usage of spyware to snoop on cellphone users or NSA on computer users through their Hard Drives; and even to worries that the rise of Google as tied in with the apparent CIA Venture Capital firm "In Q-Tel", the potential of what could happen to our data in the light of these revelations is what is of concern.

    Whether the data that is collected en masse is easily available to snooping from a higher authority with an agenda; whether it is distributed in such a way that could be used by third parties to target us without our consent, whether we actually have any power to control the issuance and usage of whatever we consider to be private is the issue. Are the OSM's making every effort to encrypt and protect our data from unwanted access? Are they giving us the needed options to prevent data collection and preserve our privacy? Does it even matter or have we already lost out to that higher authority? Have the OSM's already given away the key to the higher authority?


    IN THE END

    (And my gawwwwwd was this a RABBIT HOLE!!!!). Coming back to my original concerns about where should I jump if I were to jump....for me in terms of privacy & security only, and this is just my view:

    • Android - Google is arguably putting a lot of effort into the encryption of all their data on their servers, providing options for encryption on their phone; and also trying to harden their kernel and give more control over app permissions with updated versions of Android (read "L" and "M") from what I can read (superficially) on the web. However their code is open source, and while this could lead to greater customization and better security down the pipeline, it also means there is a greater probability of potential exploits occurring. This may slow down over time as Android releases yearly updates with patches. Besides this, the massive collection and analysis of data by default is not desired. Google's Privacy Policy outlines how to opt out of certain data collection schemes though, however it's not certain whether any of the data aggregated so far will be deleted off of their servers as opposed to "just not being used". Further to this, just the lingering worries about NSA's involvement with Google given the historical connection is still there and can only be erased with time and action.


    • iOS - Apple was in a good position pre iOS 10 with localised encrypted personal data and an encrypted kernel together with little data collation (even though there was a lot of data collection), although it has implemented hardware/software signing and verification in their OS similar to what Blackberry does. However with iOS 10, Apple seems to be going in the same direction as google, with the intent to collect and use all your user information for collation and to improve their services whilst storing it on their servers. While Apple lacks the offering of customisations that Android does, it is still a closed source, however the removal of the encrypted kernel makes it more vulnerable to exploits in the near (quite possible) future, though maybe not as easily as the open source android. The data collection and aggregation is still an issue as it still means data could potentially be hacked through an NSA backdoor. I don't have an apple account, so I can't do in depth checks, but from most hardened mobile OS at present (many thanks to Sairos for the feedback). Still, precautions would need to be taken much as in Android where emphasis must be placed on making good user decisions and implementing supplementary security measures.


    • BB10 - Blackberry offers local data encryption as with all the other handsets. Blackberries on consumer plans (read BIS or standard 3/4G plans) offer no special encryption outside of the standard Https/SSL protocols that may be used in communicating with certain servers on the web. BB10 also offers integrated hardware signing and software checks to ensure the veracity of the OS. Based on personal experience and from reading the Blackberry Privacy Policy, BB10 appears to collect data similar to the other OSM's, but there doesn't seem to be the option to opt-out of the specific monitoring of third party apps on your phone; other monitoring like location can be turned off and the voice assistant doesn't have to be utilised. However (at least based on consumer side events), to this date blackberry hasn't offered any services that could have been theoretically offered such as ads and other services. The fact that this hasn't happened can be interpreted in several ways: either blackberry was inept at utilising that data; blackberry was just hoarding data for the purpose of selling anonymous information; or blackberry never held in retention any information past its "immediate" usage. We may never know. However, we know that any data stored on the phone (through user input) and on their servers is encrypted and their servers have reportedly never been accessed without their consent for criminal investigations etc.

    Security & Privacy wise then I would have to say that BB10 would be the only way I would choose right now with apple being close second. This is primarily because of the potential that exists to access our collected data followed by the current lack of targeted services or third party offers that are provided. Given their specific higher level of OS Hardness compared to the other manufacturers with the hardware and software signing/encryption together with their server side data storage encryption; and the offering of local data encryption that is available across all OSM's. I believe it would be my preferred choice for privacy and security.
    Last edited by K3_Cubed; 07-19-16 at 07:29 PM. Reason: Article Update on hardware signing
    06-29-16 12:02 AM
  2. Thud Hardsmack's Avatar
    [info]Post moved to its own thread for more prominence.[/info]
    07-02-16 04:42 PM
  3. Sairos's Avatar
    Quite informative.. I also like the conclusion you came to, in the end xD.. Thanks for the thread..
    07-02-16 05:04 PM
  4. K3_Cubed's Avatar
    Thanks Fret.

    Just as a general background I was wondering a while back to go to a new phone and was contemplating the pros and cons.

    Privacy and Security is my primary concern, and with all the back and forth from users of different OSes (some genuinely helpful and informative and some just giving more surficial comments without any real explanation), I tried to do some digging to come up with my own answers based on the feedback other users gave.

    The first post is just what I could find in the amount of time I could. It's just a matter of whether what I found online was true based on the references.

    Some statements may be my own interpretation, and my conclusions in this are my own because of what I consider important. No one else has to have the same opinion.

    Just looking for technical feedback if anyone knows about details on those things or can give updated references etc.

    Posted via CB10
    07-02-16 05:07 PM
  5. K3_Cubed's Avatar
    Quite informative.. I also like the conclusion you came to, in the end xD.. Thanks for the thread..
    Thanks man, but bear in mind I'm a nobody and I don't have any authority on the subject, but it's what I could piece together to satisfy questions I have had (and probably some may have had too). Glad you found it helpful, but it's still open to feedback.

    Posted via CB10
    07-02-16 05:10 PM
  6. Sairos's Avatar
    I personally think BB10 has the best security, There is also the popularity part.. An OS that's not very popular is not quite often targeted by malware, viruses, etc... They usually target the most popular OSs.. like Android & iOS.. if you've heard about the recent malware that remotely roots your android and installs APKs.. They talked about it in Android Central.. It's an added benefit that your OS is not mainstream.. It's something bad for the OS and BlackBerry but it definitely serves you as someone who is concerned about security..

    Also I've heard that the Priv can't be rooted, so definitely BlackBerry's take on android is as secure as it gets..
    K3_Cubed likes this.
    07-02-16 05:16 PM
  7. Thud Hardsmack's Avatar
    I personally think BB10 has the best security, There is also the popularity part.. An OS that's not very popular is not quite often targeted by malware, viruses, etc... They usually target the most popular OSs.. like Android & iOS.. if you've heard about the recent malware that remotely roots your android and installs APKs.. They talked about it in Android Central.. It's an added benefit that your OS is not mainstream.. It's something bad for the OS and BlackBerry but it definitely serves you as someone who is concerned about security..

    Also I've heard that the Priv can't be rooted, so definitely BlackBerry's take on android is as secure as it gets..
    BlackBerry is only worried about security if you're on BES, they still haven't fixed the browser holes. I'm not familiar with that android exploit as typed, do you have a link? And correct, the Priv is not able to be rooted.
    Laura Knotek likes this.
    07-02-16 05:36 PM
  8. Sairos's Avatar
    BlackBerry is only worried about security if you're on BES, they still haven't fixed the browser holes. I'm not familiar with that android exploit as typed, do you have a link? And correct, the Priv is not able to be rooted.
    Nothing is 100%, I just think that they offer the best security in comparison to Android & iOS.. It also depends heavily on how the user behaves, but we're talking about a good behaving user of course :P

    And yes of course, here is the link: http://www.androidcentral.com/malici...thats-about-it
    Thud Hardsmack likes this.
    07-02-16 05:53 PM
  9. Thud Hardsmack's Avatar
    Nothing is 100%, I just think that they offer the best security in comparison to Android & iOS.. It also depends heavily on how the user behaves, but we're talking about a good behaving user of course :P

    And yes of course, here is the link: The malicious 'Godless' exploit found in a few Google Play apps sounds scary, but that's about it | Android Central
    Oh that one. Yeah nothing to worry about there; Android wasn't the greatest in the past but has made some astounding leaps to keep users safe, with even Lollipop users generally safe as long as they aren't doing dumb things like installing apps from outside the store. BlackBerry has actually made users UNsafe with adding the Android runtime, it's stuck on Jellybean and there was no warning to stay away from 3rd party stores that are riddled with malware. Cobalt should be showered with gifts and praise for making Google Play Store available to BB10 users so people stop going to places like 1mobile for altered apps (yes, personal gripe).
    TgeekB likes this.
    07-02-16 06:05 PM
  10. Sairos's Avatar
    Oh that one. Yeah nothing to worry about there; Android wasn't the greatest in the past but has made some astounding leaps to keep users safe, with even Lollipop users generally safe as long as they aren't doing dumb things like installing apps from outside the store. BlackBerry has actually made users UNsafe with adding the Android runtime, it's stuck on Jellybean and there was no warning to stay away from 3rd party stores that are riddled with malware. Cobalt should be showered with gifts and praise for making Google Play Store available to BB10 users so people stop going to places like 1mobile for altered apps (yes, personal gripe).
    Yes it's just my personal opinion, I've no experience regarding security.. I generally believe it depends on how the user conducts himself and the popularity of the OS.. Say if someone is running Linux in a PC, he is much safer than anyone with Windows.. as people who develop malware, ransomware, etc.. they usually want to target a LOT of people.. More infected devices = More money.. With android now having 82.8% of the market (2015 Q2).. it's everyone's wet dream xD..

    I'll post a few pics from an interview done by What mobile magazine (Dec/15).. They interviewed Steve Lord, a white hat hacker and a security expert... The interview was about Data security and they really had some good questions.. I think everyone should read it, Excellent info there. Under Attack: An interview with a hacker - What Mobile

    Feedback Desired-00.png Feedback Desired-untitled.png
    Thud Hardsmack and K3_Cubed like this.
    07-02-16 06:25 PM
  11. Thud Hardsmack's Avatar
    Yes it's just my personal opinion, I've no experience regarding security.. I generally believe it depends on how the user conducts himself and the popularity of the OS.. Say if someone is running Linux in a PC, he is much safer than anyone with Windows.. as people who develop malware, ransomware, etc.. they usually want to target a LOT of people.. More infected devices = More money.. With android now having 82.8% of the market (2015 Q2).. it's everyone's wet dream xD..

    I'll post a few pics from an interview done by What mobile magazine (Dec/15).. They interviewed Steve Lord, a white hat hacker and a security expert... The interview was about Data security and they really had some good questions.. I think everyone should read it, Excellent info there. Under Attack: An interview with a hacker - What Mobile

    Someone asked me if Windows was the most vulnerable now because of writing one OS to run on desktop to phone, and I couldn't answer because I've no experience with Windows outside of desktops and laptops. It's interesting to see that it's apparently very difficult to break. And while Android might be the softest target Google is working on getting around carriers to update as much as they can independently, as well as shaming the manufacturers and carriers who are slow to push updates. I'm waiting to see how Android N mitigates risks because of the dual partitions for updates - one partition will be active while the offline partition gets updated in the background.
    Sairos and K3_Cubed like this.
    07-02-16 08:31 PM
  12. K3_Cubed's Avatar
    BlackBerry is only worried about security if you're on BES, they still haven't fixed the browser holes. I'm not familiar with that android exploit as typed, do you have a link? And correct, the Priv is not able to be rooted.
    No... they've only been interested about COMPLETE SECURITY when you have BES LOLOL. Everything is about money man.... That's what they had to sell and make money on with big enterprise... You're gonna have to buy the whole cow... one udder for regular milk, the other for chocolate milk... chocolate milk was the BES security and all integrated administrative tools and control....

    Sure, they'll give you some milk (read hardware signing with software key checks; local encryption, remote wipe)... Most companies do not care about you or what they could potentially offer you unless they think they can monetise it...

    Having said that, the main security benefit of BES is the end to end encryption of communications. Outside of enterprise solutions however, I think no one OS has the end to end encryption communication. If anyone knows otherwise please clarify.
    07-04-16 07:24 AM
  13. K3_Cubed's Avatar
    Someone asked me if Windows was the most vulnerable now because of writing one OS to run on desktop to phone, and I couldn't answer because I've no experience with Windows outside of desktops and laptops. It's interesting to see that it's apparently very difficult to break. And while Android might be the softest target Google is working on getting around carriers to update as much as they can independently, as well as shaming the manufacturers and carriers who are slow to push updates. I'm waiting to see how Android N mitigates risks because of the dual partitions for updates - one partition will be active while the offline partition gets updated in the background.
    I myself.... never saw this coming.. I am a gamer so you KNOW I have windows and I try my best to lock it down etc. And I knew microsoft's catch phrase when Windows 10 was coming out was "the most secure windows ever". I didn't really take it on that much in all honesty... You kind of learn over the years to give the typical:

    Feedback Desired-69237579.jpg

    I am so skeptical I am tempted to ask if he's a legit white hat LOLOLOL. I don't know what tweaks they made to the Windows Phone OS, but they have had to have been really good tweaks to warrant that critique.. Hope he's not a Microsoft Shill.... or worse yet... a black hat shill.... Because that would be exemplary social hacking at play....
    Last edited by K3_Cubed; 07-04-16 at 08:08 AM.
    07-04-16 07:34 AM
  14. K3_Cubed's Avatar
    .....The interview was about Data security and they really had some good questions.. I think everyone should read it, Excellent info there. Under Attack: An interview with a hacker - What Mobile
    That was a very nice and informative post... When I reached the part where Lord says "We don’t know exactly what GCHQ can and can’t do. But every time there’s a leak, the details are often both impressive and scary from a hacker’s perspective.", I was thinking OMG.... for someone who was able to hack into the Pentagon meeting room and hack all the TV's and get to stream all media rooms to their servers.... how scary were the levels of the hacks that were released???

    Then I also thought, wait a minute... he hacked into the Pentagon... he basically beat NSA's own security.... how the hell was the Pentagon so porous......He was impressed by methods of hacking that allowed NSA to break into systems potentially on the same level as the pentagon (which he himself was able to do.... )Cyclic Redundancy Error .... I dunno, maybe it's just because of "different branch" measures..... who knows...
    07-04-16 08:03 AM
  15. Sairos's Avatar
    Then I also thought, wait a minute... he hacked into the Pentagon... he basically beat NSA's own security.... how the hell was the Pentagon so porous......He was impressed by methods of hacking that allowed NSA to break into systems potentially on the same level as the pentagon (which he himself was able to do.... )Cyclic Redundancy Error .... I dunno, maybe it's just because of "different branch" measures..... who knows...
    I think he broke into a system that's identical to the one used in the pentagon, but he didn't go for the pentagon.. Otherwise I don't think he would be free to speak about finding such vulnerability in the pentagon.

    "I’ll be given a target by a customer, it could be a website, a mobile phone or in one case last week a meeting room. You might think meeting rooms are strange things to attack. But within an hour or so we had full control of the TV screens, climate control and were able to stream audio from every meeting room in the building to us. And this is a system that the US Department of Defense uses it at the Pentagon. I write reports on how to fix problems. Often the most serious vulnerabilities are those that affect the underlying business, and they’re usually the ones that need the most support."
    07-04-16 12:31 PM
  16. K3_Cubed's Avatar
    Yes, I think that is the correct interpretation, the seemingly erroneous grammatical structure led me (my brain) to auto interpret the statement in a simplified manner. When you do include those three or two words then you do get the impression that it was an outside system.

    Posted via CB10
    07-07-16 11:20 PM
  17. Soulstream's Avatar
    The problem is that companies must find the best balance between security and usability. If Google really wanted to make Android more difficult to exploit, they would just disable sideloading apps altogether and only allow apps to be downloaded from Google Play. Most malware is spread through 3rd party store or cracked premium apps.

    But the enthusiast community would riot over this. And that's the problem. Most of the enthusiast community have at least some common sense and most of the time know what they are doing. Their tinkering with Android goes up to rooting their device and I doubt many of them actually got malware out of it. The security for the average user, who doesn't tinker that much (or at all) would definitely improve by restricting certain things in Android, but then Android would lose part of its identity and appeal.
    LazyEvul likes this.
    07-08-16 12:20 PM
  18. LazyEvul's Avatar
    There's a lot of errors and misconceptions going on here, but I'll try to keep this short:

    -Open-source is not a drawback to security. It just makes researchers' lives easier, and they're the people you want to be helping if you want to build a secure platform. It also makes backdoors much harder to hide.

    -Google does indeed collect a lot of data, but to their credit they also put a lot of effort into protecting it. Their business model relies on you trusting them with that data, and on keeping that data away from advertisers so that they can continue getting paid to be the middle man. They can't do much about the NSA and the like, but if your threat model includes the NSA, none of these platforms is going to help you.

    -iOS 10's data collection is still very minimal, and it's also anonymized. It uses differential privacy to prevent deanonymization of the data - effective in theory, though we need to know more about Apple's implementation to draw some serious conclusions. There are definitely opt-out options in the settings that you can tweak to your liking as well.

    -Keeping the kernel unencrypted has no negative effect on security. It's the same principle as open-source - make life easier for researchers. Your personal data is still encrypted on iOS 10.

    -Hardware signing & integrity checks are not unique to BlackBerry. Samsung & Apple both do it as well - others probably do too, but those are the ones I'm certain about.

    -It's 2016. None of these companies are dumb enough to store your data unencrypted on their servers. Microsoft, Google and Apple all employ top talent in security, and they're typically willing to listen to third-party researchers.

    -Yes, Windows 10 is the most secure Windows yet. That shouldn't be shocking at all, it's the natural progression of technology. iOS 10 is more secure than 9, BB10.3 is more secure than 10.2, etc. Regressions are rare in this respect, and this is why keeping your software up-to-date is one of the most common security recommendations you'll hear.

    I'll also mention that in the security community in general, 64-bit iPhones (5S and later) are seen as the most secure mobile devices. This may vary for specific threat models, but for the average consumer, that is the recommendation I see from experts time and time again. iOS 10 has not changed that. Windows Mobile and BlackBerry 10 have a decent rep, but not enough research has been done for them to really prove themselves - and that'll likely never change because they just aren't that popular. Android is seen as a disaster on anything that isn't a Nexus, but it's definitely gotten a lot better in the last couple of major updates.
    07-08-16 04:15 PM
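The differential-privacy idea mentioned in the post above, illustrated with randomized response (the simplest local mechanism). This is an added example, not part of the thread and not Apple's implementation, which the post notes is not publicly detailed; the population size, true rate, epsilon and seed are constructed values.

```python
import math
import random


def truth_probability(epsilon):
    """Probability that a user reports their true bit under epsilon-local DP."""
    return math.exp(epsilon) / (1.0 + math.exp(epsilon))


def randomize(bit, epsilon, rng):
    """Report the true bit with probability p, otherwise the flipped bit."""
    return bit if rng.random() < truth_probability(epsilon) else 1 - bit


def estimate_rate(reports, epsilon):
    """Recover the population rate from noisy reports.

    E[report] = (1 - p) + (2p - 1) * rate, so invert that relation.
    """
    p = truth_probability(epsilon)
    noisy_mean = sum(reports) / len(reports)
    return (noisy_mean - (1.0 - p)) / (2.0 * p - 1.0)


def max_likelihood_ratio(epsilon):
    """Upper bound on how much one report can favour one true value over the
    other. For randomized response this is exactly e^epsilon."""
    p = truth_probability(epsilon)
    return p / (1.0 - p)


def posterior_after_report(prior, epsilon):
    """Observer's belief that a user's true bit is 1 after seeing them report 1."""
    p = truth_probability(epsilon)
    return prior * p / (prior * p + (1.0 - prior) * (1.0 - p))


def simulate(n_users, true_rate, epsilon, seed):
    """Constructed population: each user holds one sensitive bit."""
    rng = random.Random(seed)
    truths = [1 if rng.random() < true_rate else 0 for _ in range(n_users)]
    reports = [randomize(b, epsilon, rng) for b in truths]
    agreement = sum(t == r for t, r in zip(truths, reports)) / n_users
    return {
        "true_rate": sum(truths) / n_users,
        "estimate": estimate_rate(reports, epsilon),
        "agreement": agreement,
    }


if __name__ == "__main__":
    eps = 1.0
    result = simulate(n_users=100_000, true_rate=0.30, epsilon=eps, seed=2016)
    print("collector's estimate of the rate:", round(result["estimate"], 4))
    print("actual rate in the population:   ", round(result["true_rate"], 4))
    print("share of reports that are true:  ", round(result["agreement"], 4))
    print("belief about one user, before -> after a '1' report:",
          0.30, "->", round(posterior_after_report(0.30, eps), 4))
```

The collector recovers the aggregate rate closely, while any single report only moves an observer's belief about that user by a bounded factor. A smaller epsilon tightens that bound and makes the aggregate estimate noisier.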
  19. K3_Cubed's Avatar
    There's a lot of errors and misconceptions going on here, but I'll try to keep this short:
    I appreciate the feedback, and as I said I am not a security expert, but I attempted to correlate across different snippets of information that people give in order to provide a more complete picture. No one has provided links to any one article that substantially deals with all of the issues involved in privacy and security in a single place. While I can't discuss everything in detail, the post could serve to thoroughly flesh out and educate anyone on the reality of any situation.

    -Open-source is not a drawback to security. It just makes researchers' lives easier, and they're the people you want to be helping if you want to build a secure platform. It also makes backdoors much harder to hide.

    -Keeping the kernel unencrypted has no negative effect on security. It's the same principle as open-source - make life easier for researchers. Your personal data is still encrypted on iOS 10.
    I am going to have to respectfully disagree with your position. I mentioned that the open-source nature is a double edged sword with the potential for exploitation whilst at the same time allowing discovery of things that need to be patched or can be done better, and I made reference to Linux as an example..... But you are implying it's only one edged....The best similitude I can put forward is that a safe-cracker arguably has an easier time getting to the safe to crack it using a bank's blueprint than without using it. By "researchers" I take it you mean those independent security firms/companies who produce reports on any potentially new dangers that need to be fixed. I agree that this is valuable and helpful. But at the same time the numerous eyes that are out there who may see an exploit and choose to use it rather than report it is also valid. Remember the OpenSSL Heartbleed incident? Here are two 1; 2 on it. From what I remember as well, the primary German Coder on the standard allegedly knowingly introduced that hole since inception. I really do have to find that link to the story: Hrrrrrmmmm, can't find the original article, but found one that references accusations made that he did do it deliberately and one that says it was an oversight. It was MIND BLOWING for me at that time.... Imagine all the eyes of the open source community and that managed to slip!!! And yes, I suppose if it wasn't for "research firms" we may never have known about it. But the question is, did the fact that it was open source and freely available to other eyes make it exploitable long before researchers could have found it? So again, I can't agree to the single edged sword argument.

    -Google does indeed collect a lot of data, but to their credit they also put a lot of effort into protecting it. Their business model relies on you trusting them with that data, and on keeping that data away from advertisers so that they can continue getting paid to be the middle man. They can't do much about the NSA and the like, but if your threat model includes the NSA, none of these platforms is going to help you.

    -It's 2016. None of these companies are dumb enough to store your data unencrypted on their servers. Microsoft, Google and Apple all employ top talent in security, and they're typically willing to listen to third-party researchers.
    Yes I did say that Google has implemented measures by way of encryption etc. to prevent data access, both locally and on servers. I seem to recall an article talking about the only fairly recent attempts by all of the major manufacturers to actually encrypt data stored on their servers. The data was never actually encrypted in the earlier days apparently, it was just scrambled but not truly encrypted, not 100% sure. I'll have to search for that article again. (Sheesh, can't find it, all I can find is a reference to the start of encrypting traffic from data center to data center starting around 2014)

    My only real comparison between the different companies here was the level of encryption on their servers with the potential ability of third parties (inclusive of the NSA) to crack the encryption. I know there was an article a while back about NSA demanding that RIM reduce the level of encryption on their servers (I think it was servers specifically, not communication) because they could access the data within their territories. That was a while back, and I know other phone manufacturers may have had a chance to catch up. Whether they did or not is a different story.

    I've read about the FIPS 140-2 certifications across the board, but I'm still reading into it. Having dealt with standards before in an engineering sense, claiming you satisfy a certain specification does not mean it is the best, nor does it mean that you have implemented more than the minimum required. I also don't know if BlackBerry did reduce their level of encryption to facilitate the NSA/US Government. Guess I'll have to find links to these too. (Can't find it yet and I'm feeling a bit lazy today, sorry, so my primary concern of NSA accessing server data through UNOFFICIAL requests is up in the air. All companies across the board have it stated in their privacy policy that they disclose data through lawful requests, so that's a given, the other concern is unlawful snooping and decryption efforts. There was an article I read where someone was interviewing Sergey Brin and mentioned a potential law that could come into effect where tech companies could be required to hand over data to the NSA/Government, but they could not make public any such acquisitions. I don't know if that law ever came into effect.... if it did then we have other friggin' big problems in terms of privacy and security).

    -iOS 10's data collection is still very minimal, and it's also anonymized. It uses differential privacy to prevent deanonymization of the data - effective in theory, though we need to know more about Apple's implementation to draw some serious conclusions. There are definitely opt-out options in the settings that you can tweak to your liking as well.
    I would expect that Apple's data aggregation is still "minimal" as you put it when compared to others (however 12 years of data collection on location data alone based on the article I linked is still a bit much in my opinion). The implementation of differential privacy by Apple was not known to me and it is definitely a welcome feature. And I agree we cannot make any conclusive statements on whether it is successful and it is reported that attempts to implement ad-hoc approaches can be overcome. I will have to take your word on the opt-out options as I am not a current owner and I don't really know anyone personally who does have an iPhone. You also have not stated what options you can opt out of... Some programs prevent you from changing any access options etc.

    -Hardware signing & integrity checks are not unique to BlackBerry. Samsung & Apple both do it as well - others probably do too, but those are the ones I'm certain about.
    I can only find here and here, they seem to confirm what I thought as well as mention that the implementation of security algorithms can usually be done on any platform regardless of whether x32 or x64. They've even said that most advanced algorithms still need to be broken down into several separate instructions to feed to a x64 processor. HOWEVER, having said this, I do appreciate the potential speed increase that can be had from reducing instructions even by one (trust me... I know coming from a Tandy Portable Keyboard Computer and having to optimise BASIC code, LMAO), and the benefits of x64 being able to allow implementation of more complex and more secure encryption techniques.
    Last edited by K3_Cubed; 07-19-16 at 07:08 PM. Reason: Response updated
    07-15-16 06:43 AM
  20. lord_hibiskus's Avatar
    Hah sorry for off topic, but thread name reminded me of a song called "Freed from desire" from band called Gala.

    Feedback desired, mind and senses purified!



    Posted via CB10
    07-16-16 12:40 AM
  21. K3_Cubed's Avatar
    Hah sorry for off topic, but thread name reminded me of a song called "Freed from desire" from band called Gala.

    Feedback desired, mind and senses purified!



    Posted via CB10
    LMAO..... you must REALLY like that song. Checked it out, not my genre per se, but to each his own.
    07-19-16 07:31 PM
  22. K3_Cubed's Avatar
    Okay, finished the post response. Seems nobody really is interested in the nitty gritty behind the security and privacy aspects. I suggest the thread be closed after a week if no substantial beneficial responses are garnered.
    07-19-16 07:38 PM
  23. LazyEvul's Avatar
    Lots of stuff to respond to, so a very large post is incoming

    I appreciate the feedback, and as I said I am not a security expert, but I attempted to correlate across different snippets of information that people give in order to provide a more complete picture. No one has provided links to any one article that substantially deals with all of the issues involved in privacy and security in a single place. While I can't discuss everything in detail, the post could serve to thoroughly flesh out and educate anyone on the reality of any situation.
    Absolutely. I'll try to link to some good sources when I have time, but what I've said thus far comes from a few years of reading expert accounts of exploits, new OS versions, new devices, and general issues within security and technology. It's an area of great interest for me.


    I am going to have to respectfully disagree with your position. I mentioned that the open-source nature is a double edged sword with the potential for exploitation whilst at the same time allowing discovery of things that need to be patched or can be done better, and I made reference to Linux as an example..... But you are implying it's only one edged....The best similitude I can put forward is that a safe-cracker arguably has an easier time getting to the safe to crack it using a bank's blueprint than without using it. By "researchers" I take it you mean those independent security firms/companies who produce reports on any potentially new dangers that need to be fixed. I agree that this is valuable and helpful. But at the same time the numerous eyes that are out there who may see an exploit and choose to use it rather than report it is also valid. Remember the OpenSSL Heartbleed incident? Here are two 1; 2 on it. From what I remember as well, the primary German Coder on the standard allegedly knowingly introduced that hole since inception. I really do have to find that link to the story: Hrrrrrmmmm, can't find the original article, but found one that references accusations made that he did do it deliberately and one that says it was an oversight. It was MIND BLOWING for me at that time.... Imagine all the eyes of the open source community and that managed to slip!!! And yes, I suppose if it wasn't for "research firms" we may never have known about it. But the question is, did the fact that it was open source and freely available to other eyes make it exploitable long before researchers could have found it? So again, I can't agree to the single edged sword argument.
    That's not really the argument I was making, what I'm trying to say is that one "edge" outweighs the other. Here's a good quote from back when people were worried about the publication of methods of breaking locks. It comes from an excellent book on security engineering, which you can find here: https://www.cl.cam.ac.uk/~rja14/book.html.

    Despite its pre-computing origins, I think it sums up my position, and the position of most security experts I've observed, best:

    Rogues are very keen in their profession, and already know much more than we can teach them respecting their several kinds of roguery. Rogues knew a good deal about lockpicking long before locksmiths discussed it among themselves ... if there be harm, it will be much more than counterbalanced by good.
    In short: the "bad guys" are already good at their job. We gain more from helping the good guys, even if we make the bad guys' lives slightly easier. Systems that aren't widely used, like the POTUS' phone, may be an exception to this because of how few people are given access to knowledge about the system. But when you have hundreds of millions of devices worldwide, there's already an abundance of knowledge out there for attackers to work with - some of which probably isn't publicly known.

    As for OpenSSL in specific, the trouble with that project was that it was neglected by the companies that used it. This is certainly a risk with certain open-source projects, but the risk is much lower with products like Android and iOS, because those codebases are much more directly tied to the company's success than something like OpenSSL.

    Yes I did say that Google has implemented measures by way of encryption etc. to prevent data access, both locally and on servers. I seem to recall an article talking about the only fairly recent attempts by all of the major manufacturers to actually encrypt data stored on their servers. The data was never actually encrypted in the earlier days apparently, it was just scrambled but not truly encrypted, not 100% sure. I'll have to search for that article again. (Sheesh, can't find it, all I can find is a reference to the start of encrypting traffic from data center to data center starting around 2014)
    All I remember hearing is the story you linked to as well, though there was certainly a time when encryption was avoided (even on the server side) for performance reasons - but we've long since passed that point.

    I've read about the FIPS 140-2 certifications across the board, but I'm still reading into it. Having dealt with standards before in an engineering sense, claiming you satisfy a certain specification does not mean it is the best, nor does it mean that you have implemented more than the minimum required. I also don't know if BlackBerry did reduce their level of encryption to facilitate the NSA/US Government. Guess I'll have to find links to these too. (Can't find it yet and I'm feeling a bit lazy today, sorry, so my primary concern of NSA accessing server data through UNOFFICIAL requests is up in the air. All companies across the board have it stated in their privacy policy that they disclose data through lawful requests, so that's a given, the other concern is unlawful snooping and decryption efforts. There was an article I read where someone was interviewing Sergey Brin and mentioned a potential law that could come into effect where tech companies could be required to hand over data to the NSA/Government, but they could not make public any such acquisitions. I don't know if that law ever came into effect.... if it did then we have other friggin' big problems in terms of privacy and security).
    FIPS 140-2 is actually seen as detrimental to security in many circles. I'll try to find some good sources on that when I can, but the general gist is that it's slow to adapt to changes and encourages certain bad practices.

    As far as the NSA potentially weakening encryption goes, that's a very murky subject for obvious reasons, but most commercial encryption is probably safe, based on a combination of what I've heard from cryptographers and public statements from the NSA director in support of encryption.

    Companies can already be forced to hand over data and keep quiet about it through the use of National Security Letters with a gag order, however. This is why some companies like to keep warrant canaries in their transparency reports. If the canary disappears, it's a subtle and legal way to indicate that the company has received such a letter. It's useless for large companies like Google, Facebook and Apple though - it's almost certain all of them have received NSLs with a gag order at some point in their history.

    Having said that, the type of data that can be requested through an NSL is limited - usually metadata rather than content, from what I gather.

    I would expect that Apple's data aggregation is still "minimal" as you put it when compared to others (however 12 years of data collection on location data alone based on the article I linked is still a bit much in my opinion).
    The location data is still anonymized, however. It may be possible to link it back to you for an adversary like the NSA, for sure, but it'll take more work than a simple subpoena.

    The implementation of differential privacy by Apple was not known to me and it is definitely a welcome feature. And I agree we cannot make any conclusive statements on whether it is successful and it is reported that attempts to implement ad-hoc approaches can be overcome. I will have to take your word on the opt-out options as I am not a current owner and I don't really know anyone personally who does have an iPhone. You also have not stated what options you can opt out of... Some programs prevent you from changing any access options etc.
    There's a lot of options to opt out of. As an example, here are the system services alone that I can flat-out refuse to provide location data for on my iPhone:

    • Cell Network Search
    • Compass Calibration
    • Find My iPhone
    • HomeKit
    • Location-Based Alerts
    • Location-Based iAds
    • Motion Calibration & Distance
    • Safari & Spotlight Suggestions
    • Setting Time Zone
    • Share My Location
    • Wi-Fi Networking
    • Frequent Locations
    • Diagnostics & Usage
    • Popular Near Me
    • Routing & Traffic
    • Improve Maps


    And, of course, an app always has to ask for your permission to use location - this includes built-in apps like Weather or the App Store. iOS also offers a bit of granularity to the location permission - there is a "While Using the App" permission and an "Always" permission. Most apps only use the former in my experience, which means they can only use your location while the app is open. This might be because Apple is stricter about apps that request "Always" access (since it means the app will access your location while it runs in the background as well), but I can't find a hard and fast developer rule to confirm this - only a guideline in the API documentation.

    Having said that, you can still kill an app's background access to location data - even if it only offers the "Always" option - by disabling the Background App Refresh permission. Since the app won't have permission to run in the background, it also won't have permission to gather location data if it's not active. The API documentation confirms this.

    Anyway, the point is I never implied that it was shocking for Windows 10 to be more secure based on progression...
    Not sure what I was trying to respond to there anyways, but since we seem to agree on Windows 10, I'll leave it alone

    When it comes to the implementation of specific chipsets / SOC's and their properties I am not as knowledgeable so I will yield to it there. Haven't really followed up on the mobile front with regards to ARM architecture and whether they are x32 or x64 implementations. From what I basically understand, the primary difference between x32 and x64 is that one (the x64) can handle a lot more data at a time than the other. It's more about being able to process more data faster. From two online sources here and here, they seem to confirm what I thought as well as mention that the implementation of security algorithms can usually be done on any platform regardless of whether x32 or x64. They've even said that most advanced algorithms still need to be broken down into several separate instructions to feed to a x64 processor. HOWEVER, having said this, I do appreciate the potential speed increase that can be had from reducing instructions even by one (trust me... I know coming from a Tandy Portable Keyboard Computer and having to optimise BASIC code, LMAO), and the benefits of x64 being able to allow implementation of more complex and more secure encryption techniques.
    The 64-bit iPhones are really preferred because they happen to include the Secure Enclave in their processor - which deals with the storage of the device encryption key and fingerprint data. It makes full device encryption more effective and helps stall brute-force attacks against the password as well, by hard-wiring an 80 millisecond delay between password attempts. Touch ID also offers the security benefit of protecting against shoulder-surfers picking up your password, though of course, it has drawbacks for certain threat models as well.

    Having said that, 64-bit does have at least one security benefit. Because of the larger address space, Address Space Layout Randomization (ASLR) becomes a more effective defense against malware. Pretty much all modern operating systems make use of ASLR - though it's known to be more or less broken on Android.
    Last edited by LazyEvul; 07-20-16 at 10:54 PM.
    MikeX74 likes this.
    07-20-16 10:27 PM
  24. K3_Cubed's Avatar
    Ok, think I need to trim down on quoting now as the posts can get too long (BTW, I do appreciate the time you took to answer properly. Not many people clarify in their responses and it only leads to ambiguity and lack of clarity, so the wording is appreciated).

    Regarding the link, thank you very much, I will try to take a look at it as soon as I can. It looks fairly detailed based on the table of contents alone. I skimmed through the page and it seems to be only in an HTML format, not that it's a problem, but do you know of any PDF by chance? I'll search for it regardless, but just asking in case you already know of one.

    With regards to the "Rogues" already being good at what they do, I think I can understand this... But damn... is it really so easy to be bad and so hard to be good? I suppose you are referring to a "rogue's" ability to find holes in assembly level "footprints" rather than having to need to know the code, whereas a white hat will not really find the assembly level useful in terms of patching, maybe only in reporting. Dunno, think that's a topic that could swell into a whole other post.

    All the other points, I take where you are coming from. Yes we don't REALLY know the capability of the NSA to break or weaken encryption for certain, and the gag orders you refer to are already there as such, as you mention, to prevent anyone from knowing if summons is made for info. But I believe those gag orders are more "after the deed legality cards".... if they had a specific law in place I think that would be more unrestricted and without the knowledge of any third party, but again, a topic for another thread, or maybe even forum...

    With the examples you give for the iPhone in relation to the location data specifically, are you able to prevent things like contacts/email/photo sharing for some of those settings? Like advertising etc. I agree that what you have mentioned is very detailed for controlling the location information sharing, but what about those other things? Also, does Apple allow you to remove the permissions requested by an app for accessing data? Or are some data not controllable...

    Gosh dangit... seems time has run out... got to go.. will continue later.
    Last edited by K3_Cubed; 07-24-16 at 09:44 PM. Reason: Bad english
    07-22-16 06:25 AM
  25. LazyEvul's Avatar
    Regarding the link, thank you very much, I will try to take a look at it as soon as I can. It looks fairly based on the table of contents alone. I skimmed through the page and it seems to be only in an HTML format, not that it's a problem, but do you know of any PDF by chance? I'll search for it regardless, but just asking in case you already know of one.
    There is indeed a PDF! The link is kind of buried at the bottom of the webpage I gave you, but here's a direct link to it: https://www.cl.cam.ac.uk/~rja14/musi...ripts/SEv1.pdf

    It's a rather old book by now, so the examples are outdated (you'll see lots of mentions of Windows 2000) - but the principles still hold true. Very long read though, expect to take a while to finish it, but it's an excellent primer on a wide variety of topics in security engineering.

    With regards to the "Rogues" already being good at what they do, I think I can understand this... But damn... is it really so easy to be bad and so hard to be good? I supposed you are referring to a "rogues" ability to find holes in assembly level "footprints" rather than having to need to know the code, whereas a white hat will not really find the assembly level useful in terms of patching, maybe only in reporting. Dunno, think that's a topic that could swell into a whole other post.
    It's a complicated and somewhat uncertain discussion, but I'll say this: I know a lot of security researchers who got their start by contributing to open-source projects. It's an easy point of entry that's a lot less daunting than figuring out how to reverse-engineer things, and some projects (like Android) offer bug bounties for your work too.

    With the examples you give for the iPhone in relation to the location data specifically, are you able to prevent things like contacts/email/photo sharing for some of those settings? Like advertising etc. I agree that what you have mentioned is very detailed for controlling the location information sharing, but what about those other things? Also, does Apple allow you to remove the permissions requested by an app for accessing data? Or are some data not controllable...
    There are plenty of other permissions to control, yes - specifically Contacts, Calendars, Reminders, Photos, Bluetooth Sharing, Microphone, Camera, data from the Health app, HomeKit, your media library, and motion & fitness data gathered by the built-in motion coprocessor. You can disable fitness tracking altogether as well if you'd prefer.

    The app must ask before gaining access to these permissions, and any of them can be disabled after the fact. Some apps may not work without certain permissions - or at the very least some functionality will break - but this is to be expected. Pokemon Go simply wouldn't work without location data, as an easy example.

    There's also an option to opt-out of targeted advertising (this must be respected by all apps and their advertisers, per Apple's rules), reset your advertising identifier (this is done automatically when you opt-out from targeted ads), and choose whether or not to send diagnostics & usage data to Apple (separate from the ability to withhold location data from diagnostics & usage data, in case you want to provide this data sans location).

    If there isn't a permission for it, an app shouldn't be able to access it - you mentioned email, for instance, but there's no API to access accounts in the built-in Mail app. You'd have to enter your email account separately into another app if you wanted it to have access.
    Last edited by LazyEvul; 07-22-16 at 06:37 PM.
    07-22-16 06:17 PM