Software cannot secure hardware bugs: BlackBerry Priv affected amongst others.
-
- Over-priced? Maybe for some; particularly those with no appreciation for creative design and value added features. If BlackBerry hadn't invested the time and money to clean up Android and put diapers on it, I wouldn't have touched Priv or any other Android device. BlackBerry's enhancements to the Android experience make it useable. But just barely.
Now run along and be a good Android fanboy...
Posted via BlackBerry Priv STV100-1
Ps. I can't be a fanboy, I switch between iOS and Android throughout the day sorry kid.Last edited by Tsepz_GP; 08-09-16 at 01:14 PM.
08-09-16 12:09 PMLike 0 -
I've always had Nexus devices around using various launchers and email clients, but I find the BlackBerry Launcher and HUB far better.
I also like how DTEK works handling permissions. It also makes me FEEL better knowing there is better resilience to a persistent root with the hardware root of trust and integrity detection.
That's just me, but I hope enough others will agree so we can keep BlackBerry devices around for a while.08-09-16 12:19 PMLike 4 -
- I will say that, for me, BlackBerry has made Android better.
I've always had Nexus devices around using various launchers and email clients, but I find the BlackBerry Launcher and HUB far better.
I also like how DTEK works handling permissions. It also makes me FEEL better knowing there is better resilience to a persistent root with the hardware root of trust and integrity detection.
That's just me, but I hope enough others will agree so we can keep BlackBerry devices around for a while.
I hope so, either way, no user will get into trouble here, unless they are looking for it.08-09-16 12:25 PMLike 0 - Regardless, for most users it means they have nothing to worry about.
There could be hardware code problems in Apple A-series SoCs, Samsung Exynos SoCs and Huawei Kirin SoCs, but the number of Snapdragon devices that exist by far outnumber all 3 put together, worth it to invest and find ways to exploit them and get money from people who don't know any better.08-09-16 02:03 PMLike 0 - DenverRalphyRetired Network ModNo, hardware does not have Hardwired code. Hardware only passes on input. It's nothing more than a sequence of logic switches. If you've indeed written "hardware code", then you'd know the difference between software, hardware, and firmware. What you're alluding to is firmware, which is actually software but in an isolated environment, which can be replaced. It's not Hardwired. Any modern chip can be reflashed without having to replace that chip.Bluenoser63 likes this.08-09-16 02:26 PMLike 1
- It would be interesting if anybody checked those "prohibitively expensive" Passport drivers to see if they suffer from the same problem. If they were developed by Qualcomm and not by BlackBerry, they may very well suffer from the same flaws.08-09-16 02:28 PMLike 0
- No, hardware does not have Hardwired code. Hardware only passes on input. It's nothing more than a sequence of logic switches. If you've indeed written "hardware code", then you'd know the difference between software, hardware, and firmware. What you're alluding to is firmware, which is actually software but in an isolated environment, which can be replaced. It's not Hardwired. Any modern chip can be reflashed without having to replace that chip.
However, you can hardwire code into IC's. This is done regularly with fuses. You burn them once and you cannot reverse the process through software. You can hardwire "1"s and "0". That's what code ultimately is.
In the 1980's people even hardwired the Spice simulator into a dedicated IC to make it run faster than in software.
It is true that pretty much every chip now has a digital interface through which it can be programmed. That makes even analog and RF chips vulnerable to software bugs, as seems to be the case here.
However, the statement that this proves that BlackBerry, Google, Samsung and others cannot secure through software ICs designed and fabricated by other vendors remains valid.Last edited by sorinv; 08-09-16 at 03:08 PM.
08-09-16 02:53 PMLike 0 -
- I wouldn't. The title of the thread is an engineering and philosophical topic. It's not about Android, it's not about apps, it's about the inability of a software company to guarantee the integrity of the hardware it runs on if all or some of the details of the hardware design are kept away from it.08-09-16 03:05 PMLike 0
- I wouldn't. The title of the thread is an engineering and philosophical topic. It's not about Android, it's not about apps, it's about the inability of a software company to guarantee the integrity of the hardware it runs on if all or some of the details of the hardware design are kept away from it.08-09-16 03:08 PMLike 0
- DenverRalphyRetired Network Mod
OEMs are not strictly limited to what the chip makers dictate. In fact, they don't even have to use the drivers provided by the chip makers (though doing so makes their lives a lot easier).
Samsung is notorious for reflashing their own custom updates. Which is often why various 3rd party camera apps don't work as well as they do on other Android devices. Case in point, if you install and use the stock Android camera app, the digital zoom severely degrades picture quality, whereas if you digital zoom with the Samsung camera, it correctly accounts for it and optimizes the picture so that quality isn't degraded as much.
Which peeves me because I prefer the stock Android Camera over the Samsung camera on my Note 5. But the moment I realize that I have to zoom, I have to switch to the Samsung camera. Whereas on my Nexus device, the Google Camera is superior.08-09-16 03:09 PMLike 0 -
I didn't trust Apple under Jobs. I am beginning to trust Tim Cook, but I have no indication that his desire for privacy and security is matched by the competence of his crew to deliver them.
I still feel safer surfing on my passport or Linux than on my macBook. I can easily tell that from the kind of response I get from the same website...
Ultimately, a company's values depend a lot and can change with the values of the Board and CEO.08-09-16 03:13 PMLike 0 - Not really. Any OEM can reflash the chips, even if the device is already in the hands of the end user. Many updates sometimes reflash. Especially in the case of updating camera functionality.
OEMs are not strictly limited to what the chip makers dictate. In fact, they don't even have to use the drivers provided by the chip makers (though doing so makes their lives a lot easier).
Samsung is notorious for reflashing their own custom updates. Which is often why various 3rd party camera apps don't work as well as they do on other Android devices. Case in point, if you install and use the stock Android camera app, the digital zoom severely degrades picture quality, whereas if you digital zoom with the Samsung camera, it correctly accounts for it and optimizes the picture so that quality isn't degraded as much.
This is very common in the instrumentation, fiberoptics and RF industry.
As an IC designer, I can disable some functionality of my chip from some of my customers because that particular feature is exclusive to a specific customer. It happens all the time.08-09-16 03:17 PMLike 0 - I used to trust BlackBerry more than Qualcomm and Samsung before Chen joined.
I didn't trust Apple under Jobs. I am beginning to trust Tim Cook, but I have no indication that his desire for privacy and security is matched by the competence of his crew to deliver them.
I still feel safer surfing on my passport or Linux than on my macBook. I can easily tell that from the kind of response I get from the same website...
Ultimately, a company's values depend a lot and can change with the values of the Board and CEO.08-09-16 03:23 PMLike 0 - No. I use mostly Linux and don't change my PCs/laptops more frequently than 4 years. So far I have used bb10, but I have no idea what phone I'll buy next. For now, I purchased a second Passport to last me until the picture becomes clearer. There is no rush to buy a new phone.
Moore's law, the cellphone and semiconductor IC markets are saturated. There are no new dramatic developments that introduce new, must have, functionality, so people no longer miss much by not upgrading every year. I actually upgraded my cellphones three times between February 2013 and September 2014. Not since.
It is not uncommon for successful high tech companies to keep the same CEO (usually the founder) for a very long time. So you don't really have to change your buying pattern that often if the ethical values of the company are a concern. They aren't always, but for cellphones these days, they must be. Cellphones know too much about their user.08-09-16 03:43 PMLike 0 - No. I use mostly Linux and don't change my PCs/laptops more frequently than 4 years. So far I have used bb10, but I have no idea what phone I'll buy next. For now, I purchased a second Passport to last me until the picture becomes clearer. There is no rush to buy a new phone.
Moore's law, the cellphone and semiconductor IC markets are saturated. There are no new dramatic developments that introduce new, must have, functionality, so people no longer miss much by not upgrading every year. I actually upgraded my cellphones three times between February 2013 and September 2014. Not since.
It is not uncommon for successful high tech companies to keep the same CEO (usually the founder) for a very long time. So you don't really have to change your buying pattern that often if the ethical values of the company are a concern. They aren't always, but for cellphones these days, they must be. Cellphones know too much about their user.IndianTiwari likes this.08-09-16 07:46 PMLike 1 -
-
- Thing is though, it's not just the drivers, is it? It's the drivers and the interaction with the OS. These vulnerabilities give root access to the Android OS. I'm not saying it's impossible, but it would need to be different malicious code.08-09-16 08:01 PMLike 0
- Android bug fear in 900 million phones - BBC News
I have been posing that question here for over two years.
Again this proves that without controlling hardware, including designing your own integrated circuits and not buying them from others, a company like BlackBerry cannot claim security.
It's interesting that Samsung with Equinox processor (and Apple) are not on the list because they do not use the Qualcomm chip. They have their own.
This also goes back to the security (lack thereof) of a phone designed and assembled in China whose hardware integrity one might fully control.08-09-16 08:36 PMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
Software cannot secure hardware bugs: BlackBerry Priv affected amongst others.
Similar Threads
-
WTT Z30 + Z10 for Priv
By OTCHRussell in forum Buy, Sell, Trade - Sold / ArchivedReplies: 16Last Post: 10-05-16, 08:47 PM -
BlackBerry 10 128gb micro SD problem
By skstrials in forum BlackBerry 10 OSReplies: 26Last Post: 08-12-16, 08:26 PM -
DTEK50 Cheapest BlackBerry since (BBOS 10)
By schumi_xtreme01 in forum BlackBerry DTEK50Replies: 40Last Post: 08-12-16, 12:45 AM -
When will Best Buy have the new Blackberry D50?
By Trentp03 in forum Ask a QuestionReplies: 3Last Post: 08-10-16, 02:30 AM -
I can not open the installed software
By CrackBerry Question in forum Ask a QuestionReplies: 1Last Post: 08-09-16, 11:20 PM
LINK TO POST COPIED TO CLIPBOARD