03-22-16 09:01 AM
46 12
tools
  1. bh7171's Avatar
    It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?

    The White Knight-BlackBerry Passport
    03-19-16 12:16 AM
  2. John Vieira's Avatar
    Not really.

    I'd rather have software that's supported.

    Posted via \_(ツ)_/
    03-19-16 01:52 AM
  3. thurask's Avatar
    So damn thankful to be using BlackBerry 10 on QNX.
    Yeah, if you had a vulnerability like that it'd take half a year to trickle down...
    03-19-16 03:21 AM
  4. JeepBB's Avatar
    It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?
    My take-away from your post is that Android seem to take security really seriously and are actively striving to be on top of vulnerabilities as quickly as possible.

    Meanwhile, BB10 waits for the 10.3.3 security updates patch.

    Oh sorry, I've realised that wasn't what you wanted me to take away from your post...
    FF22, TgeekB, Ronindan and 1 others like this.
    03-19-16 04:47 AM
  5. Uzi's Avatar
    Yep remember browser vulnerability in BlackBerry 10 ,took how long they patch it?? Lmao
    03-19-16 04:49 AM
  6. sorinv's Avatar
    Yep remember browser vulnerability in BlackBerry 10 ,took how long they patch it?? Lmao
    Less than a week. They did not wait for a month to patch as with android Priv.
    03-19-16 08:10 AM
  7. Uzi's Avatar
    Less than a week. They did not wait for a month to patch as with android Priv.
    Nope more than that FREAK vulnerability if I recall correctly
    03-19-16 08:36 AM
  8. Dunt Dunt Dunt's Avatar
    How many vulnerabilities did we find out BBOS have, that we didn't find out till
    later.... And that are still there.

    The way I see it, if the BB10 development team has so many issues with the Contact App and other minor annoyances... I have to wonder if BB10 received the attention from these security testers, how it would hold up. Especially the browser and the runtime... Which is Android.
    03-19-16 08:42 AM
  9. Uzi's Avatar
    How many vulnerabilities did we find out BBOS have, that we didn't find out till
    later.... And that are still there.

    The way I see it, if the BB10 development team has so many issues with the Contact App and other minor annoyances... I have to wonder if BB10 received the attention from these security testers, how it would hold up. Especially the browser and the runtime... Which is Android.
    Heck they haven't fix upload to YouTube issue on bb10 ,almost a year now
    03-19-16 08:44 AM
  10. TgeekB's Avatar
    It seems like every time I read articles on smartphones and Android in particular another critical patch or security update is being released. So damn thankful to be using BlackBerry 10 on QNX. It has to chap BlackBerry faithful and those that adopted the Priv does it not?

    The White Knight-BlackBerry Passport
    You're trying way too hard to knock Android. It looks desperate.
    03-19-16 11:03 AM
  11. bh7171's Avatar
    I am not trying to knock Android too hard. Check out Android Central and Jerry Hildenbrand's thoughts on these matters and the deplorable job most OEM's do with applying these patches and or even updating the Software. Head to Android Central and read his take about Microsoft's recent Win 10 update. It's insightful. (especially his comments in posts) I have 4, read 4, Samsung Tab Pro tablets that I spent a lot of money on that remain unsecure and not updated thanks to Samsung. It seems to me reading so many articles here that many think BlackBerry is on an island in making mistakes and that's just not true. I have a '13 Z10 that is more up to date than my Android tablets.

    The White Knight-BlackBerry Passport
    03-19-16 12:21 PM
  12. bh7171's Avatar
    You're trying way too hard to knock Android. It looks desperate.
    You bought a Nexus 6, which market wise does not have that great a share but gets updates due to affiliation with Google. If you had bought a Note 4, G3, S5, G4 or even S6 would you even remotely be of the same thought?

    The White Knight-BlackBerry Passport
    03-19-16 12:27 PM
  13. bh7171's Avatar
    I do give BlackBerry props in regards to their timely updates on the Priv. That they have to make and send these updates so frequently with the Android OS is unfortunate.

    The White Knight-BlackBerry Passport
    03-19-16 12:37 PM
  14. Invictus0's Avatar
    I am not trying to knock Android too hard. Check out Android Central and Jerry Hildenbrand's thoughts on these matters and the deplorable job most OEM's do with applying these patches and or even updating the Software. Head to Android Central and read his take about Microsoft's recent Win 10 update. It's insightful. (especially his comments in posts) I have 4, read 4, Samsung Tab Pro tablets that I spent a lot of money on that remain unsecure and not updated thanks to Samsung. It seems to me reading so many articles here that many think BlackBerry is on an island in making mistakes and that's just not true. I have a '13 Z10 that is more up to date than my Android tablets.

    The White Knight-BlackBerry Passport
    The best thing you can do is vote with your wallet and buy from OEM's that provide regular updates. BlackBerry has been pretty good with updates on BB10, they seem to be doing just as good with security updates on Android. This applies to all platforms to be honest.
    TgeekB likes this.
    03-19-16 12:45 PM
  15. TgeekB's Avatar
    You bought a Nexus 6, which market wise does not have that great a share but gets updates due to affiliation with Google. If you had bought a Note 4, G3, S5, G4 or even S6 would you even remotely be of the same thought?

    The White Knight-BlackBerry Passport
    That's not Android's fault, it's Samsung's. I also don't download stuff from unknown sites, leave settings on my device open to attacks, open email links from someone I dont know, etc. Are these threats real? Yes they are, but they haven't caused damage to anyone I've known because most people aren't stupid. The smartest part is not the device but the user.

    Just my two cents though.
    03-19-16 02:02 PM
  16. bh7171's Avatar
    It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)

    This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.

    New Malware, Accessibility Clickjacking, affects 65% of Android devices
    http://n.mynews.ly/!EB.DiyTZ



    The newest member....Cobalt Classic
    03-19-16 03:20 PM
  17. bh7171's Avatar
    Here is another supporting article related

    http://www.digitaltrends.com/mobile/...e-ever-fix-it/

    The newest member....Cobalt Classic
    03-19-16 03:28 PM
  18. Ronindan's Avatar
    It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)

    This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.

    New Malware, Accessibility Clickjacking, affects 65% of Android devices
    New Malware, Accessibility Clickjacking, affects 65% of Android devices



    The newest member....Cobalt Classic
    The article that you linked is one of those click bait articles about android malwares. These articles always have the same pattern, they make bold claims that billions of potential android users exposed to a new malware.... etc. But later in the article it always state the user has to download the malware app from a 3rd party app store. And more importantly change the setting on their phones to allow downloaded apps from an 3rd party app store to be installed on their device.

    And that setting is on all android phones regardless of who the OHA OEM is. The UI might change but that setting and more importantly that step is always there.

    Here is the original source of the article.

    https://www.skycure.com/blog/accessi...-clickjacking/

    The article pretty much said that in order for your phone to be infected you have to:


    • Run kitkat (which was released in 2013)
    • Change your security settings in order to allow for downloads from 3rd party apps store. And ignore all warnings/prompts telling the user if they wish to change the setting.
    • Actually head to malicious websites sites and download corrupted content or in this case a "game" and ignore the warnings generated by that action as well


    And here is symantec's writeup of the malware that was linked on the article you posted.

    https://www.symantec.com/security_re...209-99&tabid=2

    It even state that for the malware to work:

    "Functionality
    The malicious app must be installed manually by the user before the Trojan can perform any activities."





    Last edited by Ronindan; 03-20-16 at 08:03 AM.
    03-19-16 05:30 PM
  19. Dunt Dunt Dunt's Avatar
    In other words you would lay all your valuables on the coffee table, open the front door, invite strangers in, and then leave for a few hours expecting it all to still be there.
    JeepBB, TgeekB and Ronindan like this.
    03-19-16 05:55 PM
  20. Ronindan's Avatar
    In other words you would lay all your valuables on the coffee table, open the front door, invite strangers in, and then leave for a few hours expecting it all to still be there.
    or using passwords such as 12345 or 0000 or 9999.....lol
    JeepBB and TgeekB like this.
    03-19-16 06:03 PM
  21. TgeekB's Avatar
    It is an inherent weakness in the Linux kernal and Android OS overall due to the sheer number of OEM's and models that remain in use and unsecure. I am not saying Android cannot and does not work as we all know it does. It just has so many inherent weaknesses and there is no easy fix, especially for those leased carrier branded devices. (read what the editors and contributors at Android Central are saying)

    This article although not AC was just a couple of weeks ago. Many of these users are probably not even aware.

    New Malware, Accessibility Clickjacking, affects 65% of Android devices
    http://n.mynews.ly/!EB.DiyTZ



    The newest member....Cobalt Classic
    It doesn't "affect" 65% of Android devices. That would mean they all have been affected, which they have not. Even "vulnerable" is a stretch.

    Yes, Android is open source, which means it is not as tightly wrapped as other os's. It also means it creates innovation through third party devs. Many people on here want to believe that Android is a "mess", but what it is is the leading smartphone OS because of what it can do.
    03-19-16 08:00 PM
  22. sorinv's Avatar
    You bought a Nexus 6, which market wise does not have that great a share but gets updates due to affiliation with Google. If you had bought a Note 4, G3, S5, G4 or even S6 would you even remotely be of the same thought?

    The White Knight-BlackBerry Passport
    And it's a Chinese phone by a company whose CEO is a former Chinese army general. How secure is that?
    bh7171 likes this.
    03-19-16 08:08 PM
  23. bh7171's Avatar
    The article that you linked is one of those click bait articles about android malwares. These articles and always have the same pattern, they make bold claims that billions of potential android users exposed to a new malware.... etc. But later in the article it always state the user has to download the malware app from a 3rd party app store. And more importantly change the setting on their phones to allow downloaded apps from an 3rd party app store to be installed on their device.

    And that setting is on all android phones regardless of who the OHA OEM is. The UI might change but that setting and more importantly that step is always there.

    Here is the original source of the article.

    https://www.skycure.com/blog/accessi...-clickjacking/

    The article pretty much said that in order for your phone to be infected you have to:


    • Run kitkat (which was released in 2013)
    • Change your security settings in order to allow for downloads from 3rd party apps store. And ignore all warnings/prompts telling the user if they wish to change the setting.
    • Actually head to malicious websites sites and download corrupted content or in this case a "game" and ignore the warnings generated by that action as well


    And here is symantec's writeup of the malware that was linked on the article you posted.

    https://www.symantec.com/security_re...209-99&tabid=2

    It even state that for the malware to work:

    "Functionality
    The malicious app must be installed manually by the user before the Trojan can perform any activities."





    And how many Android devices are still on KitKat never to be updated but are in fact in use? The article is not misleading. Fragmentation is real in Android. There is no refuting this factual information.

    The White Knight-BlackBerry Passport
    03-19-16 09:04 PM
  24. Ronindan's Avatar
    And how many of these users were actually affected by these malwares? Not "potentially", "might be" or "could be" but actually affected?* The reason that you won't find articles that actually provide that information is that there actual measures that prevent android users from downloading malicious apps. One of them is that users actually have to change a very important setting - which is to allow their phone to download and install apps from 3rd party sites. And if the user decided not download the app or even install it then they don't get the malware. And as I posted before this setting and prompts are in kitkat as well.

    Also the article that you posted only offered one solution to the problem while neglecting to mention the rest of the solutions listed from their source article which were:

    "The following is a list of user behavior recommendations to better protect end users from mobile threats:

    • Update the operating system to the latest as soon as an update becomes available
    • Do not click on any dialogue boxes popping up on your phone unless and until you are sure about the action that caused them to appear
    • Do not install applications from third-party app stores if you do not trust them (while in many cases this is not a realistic option, try to switch off the setting that allows third-party app installation)

    (a) Step 1 – Open “Settings” app.
    (b) Step 2 – Navigate to “Security” settings
    (c) Step 3 – Uncheck “Unknown sources”

    • Check for apps that utilize accessibility permissions on your device and turn this option off if you don’t recall turning it on or if you do not require that functionality.

    (a) Open “Settings” app.
    (b) Navigate to “Accessibility” settings
    (c) Make sure there is either no there is no group named “Services”, or the group has no enabled entries."
    TgeekB likes this.
    03-19-16 11:42 PM
  25. JeepBB's Avatar
    or using passwords such as 12345 or 0000 or 9999.....lol
    Ahhhh, yes.... <reaches for phone> ...
    03-20-16 04:48 AM
46 12

Similar Threads

  1. 10.3.3 for BlackBerry z10 stl100-3??
    By pshrbaiabsbeidban18373 pq in forum Ask a Question
    Replies: 1
    Last Post: 03-18-16, 11:31 PM
  2. Stocks app for BB10
    By maxpowerxiii in forum BlackBerry 10 Apps
    Replies: 0
    Last Post: 03-18-16, 10:49 PM
  3. Vote for the Classic on TechnoBuffalo!
    By conbrio29 in forum BlackBerry Classic
    Replies: 1
    Last Post: 03-18-16, 09:58 PM
LINK TO POST COPIED TO CLIPBOARD