[bb10adopter111]

BACKGROUND:
The recent update to the Hub on Android, which has rendered SMS messages a lot less usable for me, has stimulated me to rethink my expectations for my KEYone. I have decided to take a minimalist approach designed to reduce my attack surface and prioritize privacy as much as possible, while still using Android for Work for my business.

PLAN:
Over the next month, I intend to start from scratch in setting up my phone, using my knowledge and access to experts in privacy and cybersecurity to minimize the likelihood of compromise and the amount of personal data shared with my carrier, Google, and other third parties. I will be uncompromising on security, but there will be a number of tradeoffs made when it comes to convenience and privacy. However, the underlying principle will be to only compromise my privacy where I absolutely need to in order to make the phone a practical device suitable for single carry as a primary work phone.

THE QUESTION FOR CRACKBERRIANS:
I'm going to go through this exercise for myself and to prepare research for my clients. But it occurred to me that some of the folks here on the CrackBerry forums may be interested as well.

Please respond below if you'd like me to share my journey in a thread, and add any questions or suggestions that you would like to see me address.

If 100 or more people want me to do this on CB, I will do it.

Posted with my trusty Z10

[idssteve]

YES!! Count me in! Since I'm using three K's, (1, 2, & LE) can my vote count as 3? Hehe...

I've been pondering this concept myself but little free time to pursue it properly. Right now, for better or worse, LE has been serving as defacto banking, bill paying, ordering, etc, etc. Handset. It has never been on wifi and very limited browsing. Only very trusted email over a very trusted account get opened on it. Browsing, videos, etc all get done on my K2 and anything remotely risky, like opening a questionable attachment, happens on k1. I've employed as near zero as possible of any passwords over k1. If something needs a password, LE gets grabbed. Right or wrong, that's been defacto practice, for me. I'd sure like to learn better practices!

Also, 9930 still serves most sms/mms & non-html email functions. K's sms learning curve has been disrupted by the latest fix-it-till-it's- broke "update"... lol.

[anon(10562251)]

Well, I don't have a BBMo device at the moment but FWIW I do have the suite installed and use it daily, so I will follow this thread with interest. Thanks in advance for your efforts.

[bb10adopter111]

Well, I don't have a BBMo device at the moment but FWIW I do have the suite installed and use it daily, so I will follow this thread with interest. Thanks in advance for your efforts.

I would expect 90% of what I do will be applicable on any Android that isn't compromised by a poor implementation of Android by the OEM and/or carrier. So Samsungs, Pixels, LGs, and Sonys ought to be fine. I'm less sure when it comes to Huawei and the other Chinese OEMs. None of them have ever been submitted to a significant security audit of which I am aware.

Posted with my trusty Z10

[bb10adopter111]

I'm less sure when it comes to Huawei and the other Chinese OEMs. None of them have ever been submitted to a significant security audit of which I am aware.

I should add that, to my knowledge, neither have the BBMo phones, though BlackBerry Limited, who are responsible for the Android Implementation, do have a significant history of past performance in mobile security.

Posted with my trusty Z10

[bh7171]

Excellent topic and idea. Having recently switched back to a PKB BlackBerry and a BE KeyOne from my S9 I am interested.

When I decided to set up my new BlackBerry I did not utilize a back up and or saved profile of apps in Google.

I started fresh, disabled Chrome and only added apps I thought absolutely necessary for our business, managing and organizing family activities (very active kids) and my soccer coaching duties.

So far I have been rewarded with a very responsive, efficient and hopefully secure PKB smart phone that can easily last me 2+ days with my usage patterns.

[Tsepz_GP]

I will certainly be watching this closely from my Chinese device, to see how you manage and whether I should be worried.

Will be very interesting to see the outcome.

Thanks a lot!

[gebco]

I would be interested in seeing how this plays out. Using a Pixel 2XL

[TgeekB]

So you’re mostly doing this because you run a business using your phone?
I’m new to BBandroid (have used Android before as well as iOS and BB10) and recently purchased an LE. I do not own a business so mine is only a personal phone. I am a believer that security rests in the hands of the person using the device and Android, if used wisely, is pretty secure.
I am interested in what you find/do though. It’s always good to learn something new through experience and prevent ourselves from being vulnerable. Will definitely be following your thread!

[bb10adopter111]

So you’re mostly doing this because you run a business using your phone?
I’m new to BBandroid (have used Android before as well as iOS and BB10) and recently purchased an LE. I do not own a business so mine is only a personal phone. I am a believer that security rests in the hands of the person using the device and Android, if used wisely, is pretty secure.
I am interested in what you find/do though. It’s always good to learn something new through experience and prevent ourselves from being vulnerable. Will definitely be following your thread!

The reasons I'm doing this are 1) personal interest in privacy; 2) I'm in the business of cybersecurity risk management and regularly advise clients on how to reduce their "attack surface"; and 3) I've recently decided that the way I've tried to use Android for the past year and a half is not working for me, as too much of my personal information is being shared unintentionally.

Posted with my trusty Z10

[TgeekB]

The reasons I'm doing this are 1) personal interest in privacy; 2) I'm in the business of cybersecurity risk management and regularly advise clients on how to reduce their "attack surface"; and 3) I've recently decided that the way I've tried to use Android for the past year and a half is not working for me, as too much of my personal information is being shared unintentionally.

Posted with my trusty Z10

Well then your experience in cybersecurity risk management will give us a unique insight into the BBandroid platform. Now I’m even more interested! Thanks for doing this.

I have a question for you. I run my Gmail through my Outlook account. Does that affect security at all (good or bad)?

[Thud Hardsmack]

For true business use without going through (or maybe a little) of the following suggestions, check out Android for Enterprise, as well as G-suite accounts for business.

Start with your Google account, go through every tab and their sections and lock down and/or opt out of anything that isn't necessary. Gmail isn't necessary (it doesn't exist on my devices), but if it's used, go through it (and every other app installed) and check security settings, adjust to use case. Make sure to go into your device settings and deny apps' permissions if they don't have the necessary settings within the app itself. This may cause problems with some apps, so it's up to users to decide what's necessary. Go into Settings -> Accounts, check all accounts that sync and shut off any unnecessary or services within that are unnecessary. You can also deny overall sync capabilities within most Android devices as well as all background activity.

Here's a couple resources for deciding on an email client for Gmail replacements:

Email - which apps keep it private

A few others that should be in the above list:


Granted, if too many of these are engaged and/or denied your device won't work properly, but it's doable. It's more for regular users than business.

[bb10adopter111]

For true business use without going through (or maybe a little) of the following suggestions, check out Android for Enterprise, as well as G-suite accounts for business.

Start with your Google account, go through every tab and their sections and lock down and/or opt out of anything that isn't necessary. Gmail isn't necessary (it doesn't exist on my devices), but if it's used, go through it (and every other app installed) and check security settings, adjust to use case. Make sure to go into your device settings and deny apps' permissions if they don't have the necessary settings within the app itself. This may cause problems with some apps, so it's up to users to decide what's necessary. Go into Settings -> Accounts, check all accounts that sync and shut off any unnecessary or services within that are unnecessary. You can also deny overall sync capabilities within most Android devices as well as all background activity.

Here's a couple resources for deciding on an email client for Gmail replacements:

Email - which apps keep it private

A few others that should be in the above list:


Granted, if too many of these are engaged and/or denied your device won't work properly, but it's doable. It's more for regular users than business.

Good stuff. Just to add on...If you have a G Suite account, Google treats it very differently than a free account for email and Google Docs. Google's security is generally top notch, but their free accounts are bait to capture and track users and their personal data. The basic rule of the Internet is if you're not paying for the product YOU are the product.

Posted with my trusty Z10

[TgeekB]

Reading up on G-suite now.

[WaterTower]

I am definitely interested!

[Aju]

I always tried to do things to increase my privacy whenever I was using key phones. But I am nobody with knowledge on security and stuff. I just did whatever I found on internet to reduce my stuffs flying out from my phone. I had some trust with BB softwares untill lately somebody in this forum created a new post saying bb launchers do have google trackers juiced into them. Now I am lost.

I would really appreciate if you try (since u r from security background) and lay out things that can be done to maximise privacy in my BB keyphone.

Posted via CB10

[rarsen]

Greatly interested in your efforts, recently using a KEY2 here and haven't stopped using the Passport as a backup.

[silent.one]

Yes, am very interested in this topic and would appreciate a dedicated thread. I'm currently using a Passport SE, but want to prepare for a post-BB10 world, and a possible shift to an Android device. Many thanks for your insights and efforts.

Posted via CB10

[Chuck Finley69]

I'd like to participate as well....

[conite]

(I will only)... compromise my privacy where I absolutely need to in order to make the phone a practical device suitable for single carry as a primary work phone.

This is certainly the crux of the exercise. It varies wildly on how one defines "practical".

But I'm in!

[bb10adopter111]

This is certainly the crux of the exercise. It varies wildly on how one defines "practical".

But I'm in!

Yes. The appropriate trade-offs between security and convenience, and privacy and convenience vary tremendously depending on functional requirements and the threat model under consideration. I will try to be explicit about both!

[Ben xfg]

I'll be following along.

Posted via CB10

[anon(10218918)]

I am following, too.

Posted via CB10

[bb10adopter111]

OK. Given the quality of respondents, I'm not worried about the quantity. I'll lay out my plan and get started this week. I'll also set up a separate blog (with a pseudonym, of course!) to organize the resources. Once the project is complete, I'll see if the mods think a sticky thread I can maintain would be appropriate for CB users interested in the topic.

Please keep the questions and comments flowing!

[elfabio80]

I am following dude!