08-09-16 08:36 PM
225 ... 6789
tools
  1. sorinv's Avatar
    The article lists the HTC One and OnePlus One which have a Snapdragon 600 and 801 respectively.

    HTC One - Full phone specifications

    OnePlus One - Full phone specifications
    In that case, it may be possible, although the drivers are different, I would expect, between android and BB10.
    Else we wouldn't have people telling us that one reason no BB10 phone will be released in the future is because they can't afford to develop BB10 drivers for new qualcomm chips...
    08-09-16 08:42 AM
  2. sorinv's Avatar
    Samsung and Apple phones have their own weaknesses. And I think Samsung/Apple phones, I dunno, just a few of them might also be Chinese made ;-)
    Assembling them in China is not the same as designing them in China.
    It is much harder to introduce backdoors in the integrated circuits when you don't design them and all you do is just solder them on a board.
    You would have to reverse engineer the integrated circuit and make your own version with backdoor, and then replace the original IC with your own.
    This is not impossible to do but unlikely. Early Intel processors were commonly reverse engineered and mass produced in Eastern Europe during the Cold War, I am told. However, Qualcomm's and Apple's 64-bit processors of today are far more complex than the 8-bit and 16-bit processors of the 1980's.
    08-09-16 08:43 AM
  3. anon(9742832)'s Avatar
    Software drivers = Software.. Fixed through a software update = Software.
    Yes and no, a Tech guy will tell you they are different as one is standalone and one is not. Either way this is a looming problem across all platforms.
    08-09-16 08:44 AM
  4. Sairos's Avatar
    Yes and no, a Tech guy will tell you they are different as one is standalone and one is not. Either way this is a looming problem across all platforms.
    The hardware is all good, if its a hardware problem then they need to fix the hardware.. Its a problem in the software part and that's why it was fixed through a software update.. Qualcomm didn't get their software right.. A Physical thing as hardware chips can't be hacked.. The software that's connected to it can be hacked.. We're in the virtual phones business, any sort of malicious activity in tech is done through software.. All virtual.. The only thing that qualifies as something not virtual in this kind of world is social engineering..

    Door Locks and thermostats use Qualcomm? That's very high tech.. Only phones are affected in this case..
    08-09-16 08:53 AM
  5. anon(9742832)'s Avatar
    The hardware is all good, if its a hardware problem then they need to fix the hardware.. Its a problem in the software part and that's why it was fixed through a software update.. Qualcomm didn't get their software right.. A Physical thing as hardware chips can't be hacked.. The software that's connected to it can be hacked..

    Door Locks and thermostats use Qualcomm? That's very high tech.. Only phones are affected in this case..
    I should have explained further, the article stated that these other gadgets all have driver issues with very poor security. Some such as a Slade lock had no security from transmitter to receiver. The thermostats would save your password for your router, but it was not encrypted, amazing don't you think?
    IndianTiwari likes this.
    08-09-16 08:56 AM
  6. sorinv's Avatar
    The more accurate question is which part is not false information.

    First, its a software problem.. "so the whole software can't secure hardware bugs" is false.. Its indeed fixed through a software update because its a problem in the software drivers.. rendering the whole point of the thread useless.

    Second, the fact that Samsung phones are not affected is false too, they use Qualcomm alongside their chips and the S7 is affected.

    Third point.. he argues phones assembled or produced in china can't be secure.. That's just funny.. Doesn't matter where you assemble or produce them.. Qualcomm is american yet the vulnerability is coming from them.. So it has NOTHING to do with China..
    You misinterpreted my email.

    1) I did not write that this hardware code bug (yes it's software that controls the hardware (IC) but only works on that IC) had anything to do with China.

    All I said was that this proved that a software only company like BlackBerry cannot secure the hardware designed and fabricated by others.
    Today, DTEK is supposedly designed and manufactured in China and therefore BlackBerry cannot prevent any intentional backdoor in the hardware from acting on the phone in a way that BlackBerry did not envisage. That's it.

    2) as I mentioned in a subsequent post, only the Samsung GS7 that have the Qualcomm chip, not the GS7 that have the Samsung Equinox chip, were affected. This further proves 1) above. It's hardware related. Every processor needs its individual software code to be controlled by the phone. It's in the specific code developed by Qualcomm for its processor where the bug resides. It is not an android problem, although the bug may very well reside in the code written for android drivers.
    08-09-16 08:57 AM
  7. conite's Avatar
    Yes and no, a Tech guy will tell you they are different as one is standalone and one is not. Either way this is a looming problem across all platforms.
    That's why BlackBerry Android is a good solution right now.

    4 levels of protection:

    1) Not allowing app installs from unknown sources.

    2) Google Play Services scanning during install (which apparently would prevent this type of infection as stated by Google).

    3) Hardware Root of Trust which would not allow a persistent root, thus minimising the threat.

    4) BlackBerry Integrity Detection which would alert the user of OS compromise if alteration has occurred.
    08-09-16 08:59 AM
  8. anon(9742832)'s Avatar
    You misinterpreted my email.
    I did not write that this hardware code bug (yes it's software that controls the hardware (IC) but only works on that IC) had anything to do with China.

    All I said was that this proved that a software only company like BlackBerry cannot secure the hardware designed and fabricated by others.
    Today, DTEK is supposedly designed and manufactured in China and therefore BlackBerry cannot prevent any intentional backdoor in the hardware from acting on the phone in a way that BlackBerry did not envisage. That's it.
    That's a 100% true statement about any hardware made in a factory that you do not own.
    IndianTiwari likes this.
    08-09-16 09:01 AM
  9. anon(9742832)'s Avatar
    That's why BlackBerry Android is a good solution right now.

    4 levels of protection:

    1) Not allowing app installs from unknown sources.

    2) Google Play Services scanning during install (which apparently would prevent this type of infection as stated by Google).

    3) Hardware Root of Trust which would not allow a persistent root, thus minimising the threat.

    4) BlackBerry Integrity Detection which would alert the user of OS compromise if alteration has occurred.
    Yes 100%, its BlackBerry or nothing...............and by the way I finally figured out my Priv, to the great amusement of my son.
    IndianTiwari likes this.
    08-09-16 09:02 AM
  10. sorinv's Avatar
    That's a 100% true statement about any hardware made in a factory that you do not own.
    Correct, and that's why I wrote in this forums in the past (and now I am proven right) that BlackBerry could not secure the Qualcomm hardware.
    If there was/is a backdoor in the Qualcomm processors that BB10 and android BlackBerry phones use, BlackBerry is unlikely to be aware of it and is unable to circumvent its actions.

    Blackberry used to design their own chips, but that stopped circa 2001-2002.
    anon(9742832) likes this.
    08-09-16 09:06 AM
  11. Sairos's Avatar
    You misinterpreted my email.
    I did not write that this hardware code bug (yes it's software that controls the hardware (IC) but only works on that IC) had anything to do with China.

    All I said was that this proved that a software only company like BlackBerry cannot secure the hardware designed and fabricated by others.
    Today, DTEK is supposedly designed and manufactured in China and therefore BlackBerry cannot prevent any intentional backdoor in the hardware from acting on the phone in a way that BlackBerry did not envisage. That's it.
    I didn't misinterpret anything.

    Your thread has a lot of wrong info, and you choose not to admit any of them in responding.. you didn't take the time to correct the whole Samsung isn't affected thing. ( You edited your post and responded about the GS7, not my problem)

    You said in the thread SOFTWARE can't secure hardware bugs.. That's wrong.. No misinterpretation.. A software update was used to secure the software problem.. Thus its software even if its connected to the hardware.

    Its not BlackBerry's problem yet you paint it as if its.. Its Qualcomm's and this has nothing to do with china because BLOODY QUALCOMM IS AMERICAN.. Its Qualcomm's soft and even hardware.. What is china's relation to the discussion.. This is hilarious.. Some people really have a problem with china being successful in producing phones and they kinda use anything to make it look bad..

    Oh now its about Backdoors? Please, Don't bring backdoors in the discussion, We're taking something very specific here and its about the Qualcomm's software drivers.. Its not about backdoors and you even argue that people like apple who didn't use their chips are secure.. So, Apple still produce in china... The backdoor point is irrelevant and even if its relevant, it doesn't matter where you produce them.
    08-09-16 09:08 AM
  12. sorinv's Avatar
    THANK YOU!

    This goes for almost all exploits found in the last 2-3years in Android. You would have to want to get the exploit in your phone to get it and that requires turning multiple security settings.

    I've been saying this for a long time, these articles always conveniently forget to mention the multiple hurdles you have to go through for the exploit to infect your Android, and people who don't understand how Android works are the ones who cry about these exploits, while us Android users laugh it away, and get a security patch update for an exploit that wouldn't have affected us anyway.

    Its great that we have people who find these exploits, but the tech blogs and so on tend to severely exaggerate these things.







    ^^ These are the sort of people these articles are aimed at.
    Maybe it can block it now, after the security update, but Google had no clue about it until the researcher who discovered it alerted Qualcomm a very long time ago.
    If Google knew about it, all these phones, including the Nexus ones, would not have been affected.
    So, please find better excuses, that can convince people beyond kindergarten level.
    08-09-16 09:12 AM
  13. Tsepz_GP's Avatar
    Maybe it can block it now, after the security update, but Google had no clue about it until the researcher who discovered it alerted Qualcomm a very long time ago.
    If Google knew about it, all these phones, including the Nexus ones, would not have been affected.
    So, please find better excuses, that can convince people beyond kindergarten level.
    You don't seem to grasp what is being said. Its ALREADY blocked BEFORE the Security Update, unless you decide to turn off all the Security, THEN it can affect your device

    All the Security Update will do is ensure that even if you turn Off all the Security in your phone and then find and install the app with the exploit, it won't do any harm.

    No excuses, just facts.
    08-09-16 09:16 AM
  14. Sairos's Avatar
    If the phones were produced in the US or Europe.. Would we keep hearing the whole China BS?.. I can't trust phones from China because its China.. If its anything then its Xenophobia and jealousy of China's position.. If these phones were all produced in the US, Canada or Europe.. I wouldn't be hearing a US or Canada production problem.. But its the communists problem always.. Come on guys you still living in the Cold war.. All companies produce in China and the phones are as secure as they get, otherwise the US Gov won't be using Devices produced there..

    It was a mess up by a non Chinese company and yet you put no blame on them (Qualcomm).. Only on BlackBerry which is not their problem really, and definitely not China's Problem..

    BlackBerry's Android is the best and indeed the most secure out there.. But its not implementable and nothing is.. Flaws will be discovered.. They're not Gods.. They don't create something perfect.. No one does.. Get on with it.. Its always like that, people waiting and waiting for the slightest security flaw so they can diss BlackBerry.. even if its not their problem.. Even if its Qualcomm's.. We will now blame F***** BlackBerry for not using their own chips.. How dare they.. and how dare they manufacture in china even if it has nothing to do with the security flaw..
    08-09-16 09:20 AM
  15. sorinv's Avatar
    I didn't misinterpret anything.

    Your thread has a lot of wrong info, and you choose not to admit any of them in responding.. you didn't take the time to correct the whole Samsung isn't affected thing. ( You edited your post and responded about the GS7, not my problem)

    You said in the thread SOFTWARE can't secure hardware bugs.. That's wrong.. No misinterpretation.. A software update was used to secure the software problem.. Thus its software even if its connected to the hardware.

    Its not BlackBerry's problem yet you paint it as if its.. Its Qualcomm's and this has nothing to do with china because BLOODY QUALCOMM IS AMERICAN.. Its Qualcomm's soft and even hardware.. What is china's relation to the discussion.. This is hilarious.. Some people really have a problem with china being successful in producing phones and they kinda use anything to make it look bad..

    Oh now its about Backdoors? Please, Don't bring backdoors in the discussion, We're taking something very specific here and its about the Qualcomm's software drivers.. Its not about backdoors and you even argue that people like apple who didn't use their chips are secure.. So, Apple still produce in china... The backdoor point is irrelevant and even if its relevant, it doesn't matter where you produce them.
    What I wrote is correct. Yes, it is a problem with the Qualcomm chip.
    Yes, the Samsung phones that use that chip are also affected, but not those that don't use that chip.
    BlackBerry software could not detect that problem.
    The conclusion that I drew (and which I stated in other threads during the past two years) is that BlackBerry cannot prevent a bug at the hardware level from affecting the phone and the user data.

    Yes, if BlackBerry designs and manufactures its phones in China it has no way of preventing similar intentional or unintentional hardware bugs from happening. This is where I brought in China because Dtek50 is designed and manufactured in China. I did not say that it has happened, all I said was that it might happen and it makes no sense to allow that to happen if you plan to sell those phones to western companies and governments.

    And yes, if you do not design both the hardware (including the ICS and especially the ICs) and the software you can never be 100% sure that you can secure the phone. Even Chen used to state that when he joined the company. Now it doesn't suit him to say that anymore.
    08-09-16 09:21 AM
  16. sorinv's Avatar
    You don't seem to grasp what is being said. Its ALREADY blocked BEFORE the Security Update, unless you decide to turn off all the Security, THEN it can affect your device

    All the Security Update will do is ensure that even if you turn Off all the Security in your phone and then find and install the app with the exploit, it won't do any harm.

    No excuses, just facts.
    This is a hardware code problem. Has nothing to do with apps. Apps may be able to exploit the flaw, but that's a different discussion in a Priv thread.
    TGR1 likes this.
    08-09-16 09:26 AM
  17. Sairos's Avatar
    What I wrote is correct. Yes, it is a problem with the Qualcomm chip.
    Yes, the Samsung phones that use that chip are also affected, but not those that don't use that chip.
    BlackBerry software could not detect that problem.
    The conclusion that I drew (and which I stated in other threads during the past two years) is that BlackBerry cannot prevent a bug at the hardware level from affecting the phone and the user data.

    Yes, if BlackBerry designs and manufactures its phones in China it has no way of preventing similar intentional or unintentional hardware bugs from happening. This is where I brought in China because Dtek50 is designed and manufactured in China. I did not say that it has happened, all I said was that it might happen and it makes no sense to allow that to happen if you plan to sell those phones to western companies and governments.
    You gotta be kidding me? You're still arguing China yet you admit its a problem with Qualcomm.. How the hell would it help if they produce them in Canada or the US? it would've still happened... It would've still been Qualcomm who produced the bloody chips with its software.. Dude, leave china out of it..

    You can keep arguing hardware chips all day long.. Your point is invalid, Software was used to secure a software bug, its not a physical hardware problem.. Its the software connected to it.. They didn't go and fix the bloody chips physically.. as a result, Your title thread is wrong because a software update was indeed used to secure the problem which was in the software drivers anyhow..

    Oh nice of you to bring Western word in the discussion.. I See I see, you're one of these guys who are hating on China being able to produce anything and the whole world going there to do it.. Its indeed a western Vs Eastern or Red china or whatever problem.. Well, Get over it, because it ain't going away anytime soon.
    TGR1 and Ronindan like this.
    08-09-16 09:30 AM
  18. Tsepz_GP's Avatar
    This is a hardware code problem. Has nothing to do with apps. Apps may be able to exploit the flaw, but that's a different discussion in a Priv thread.
    Regardless, for most users it means they have nothing to worry about.

    There could be hardware code problems in Apple A-series SoCs, Samsung Exynos SoCs and Huawei Kirin SoCs, but the number of Snapdragon devices that exist by far outnumber all 3 put together, worth it to invest and find ways to exploit them and get money from people who don't know any better.
    08-09-16 09:34 AM
  19. sorinv's Avatar
    You gotta be kidding me? You're still arguing China yet you admit its a problem with Qualcomm.. How the hell would it help if they produce them in Canada or the US? it would've still happened... It would've still been Qualcomm who produced the bloody chips with its software.. Dude, leave china out of it..

    You can keep arguing hardware chips all day long.. Your point is invalid, Software was used to secure a software bug, its not a physical hardware problem.. Its the software connected to it.. They didn't go and fix the bloody chips physically.. as a result, Your title thread is wrong because a software update was indeed used to secure the problem which was in the software drivers anyhow..

    Oh nice of you to bring Western word in the discussion.. I See I see, you're one of these guys who are hating on China being able to produce anything and the whole world going there to do it.. Its indeed a western Vs Eastern or Red china or whatever problem.. Well, Get over it, because it ain't going away anytime soon.
    Despite the excited tone and the rest of the text that has nothing to do with the thread and my posts, you do bring up the point of bugs in the physical IC. Those are possible, too. You can use software to activate fuses in the IC and reprogram some digital logic. But that's a different discussion. Did not happen in this case, apparently.

    By the way, if you read my postings in this thread, I suggested in one of them that this type of hardware code error could be accidental or intentional and that the NSA could be "in cahoots" (to quote from others) with Qualcomm. The bug was discovered by a guy with a Russian name who reverse engineered the qualcomm code for 6 months. I am guessing the code was not available to him or else he would not need to reverse engineer it..

    So, relax, all security services do their best to use or implant bugs if they can. I have no insight into any of this, I am just speculating about intentional bugs. They most likely are accidental, due to the incompetence of those who wrote the firmware.
    Last edited by sorinv; 08-09-16 at 09:50 AM.
    08-09-16 09:39 AM
  20. Sairos's Avatar
    Despite the excited tone and the rest of the text that has nothing to do with the thread and my posts, you do bring up the point of bugs in the physical IC. Those are possible, too. You can use software to activate fuses in the IC and reprogram some digital logic. But that's a different discussion. Did not happen in this case, apparently.
    Hahah what? You bring on china which really has nothing to do with the topic and sec flaw (Since Qualcomm is american) and when I take you on and discuss it.. You tell me the text has nothing to do with threads and my posts? You're hilarious..
    08-09-16 09:42 AM
  21. Sairos's Avatar
    NSA working with Qualcomm on this? Oh Boy, Thank you but I'm not into conspiracies.. They don't need Qualcomm to spy on you, they're doing just fine without any help from companies.
    08-09-16 10:00 AM
  22. kvndoom's Avatar
    Are you implying that Qualcomm is in cahoots with someone with nefarious intent? That's a bit much, no?
    This IS crackberry though...

    Passport SE, "The BlockBerry" - Cricket Wireless
    08-09-16 10:09 AM
  23. Mecca EL's Avatar
    CheckPoint is the reputable security firm who discovered and disclosed the Quadrooter vulnerability.

    In this case, their app is okay for scanning. Sorta like when Zimperium released an app for determine Stagefright exposure (Zimperium was the security firm that found Stagefright).
    You're missing my point. Why would I pay the mafia for "protection" I don't need, when I can do it myself?
    IndianTiwari likes this.
    08-09-16 10:34 AM
  24. PantherBlitz's Avatar
    All you have to do is to read my posts here. It is very clear.
    Most of the rest of the posts here are on a different topic that has little to do with the thread.

    The thread is about hardware firmware bugs which BlackBerry and other phone and OS manufacturers (Google, BlackBerry, Silent Circle, Samsung..) have no control over.

    This is not malware. It's a security flaw in the Qualcomm Snapdragon 808 and 810 (I am guessing based on the list of phones affected) which was discovered by a security expert after 6 months of reverse engineering the Qualcomm code.
    The passport or other bb10 phones are not affected because they use older qualcomm Snapdragon chips like the 801.

    This is not android malware.
    It took 157 posts but this thread finally got back on track. Kudos to you, sir!
    08-09-16 10:39 AM
  25. Jerry A's Avatar
    You're missing my point. Why would I pay the mafia for "protection" I don't need, when I can do it myself?
    Now I get your point. Think you might have been a bit too subtle before.
    Mecca EL likes this.
    08-09-16 11:01 AM
225 ... 6789

Similar Threads

  1. WTT Z30 + Z10 for Priv
    By OTCHRussell in forum Buy, Sell, Trade - Sold / Archived
    Replies: 16
    Last Post: 10-05-16, 08:47 PM
  2. BlackBerry 10 128gb micro SD problem
    By skstrials in forum BlackBerry 10 OS
    Replies: 26
    Last Post: 08-12-16, 08:26 PM
  3. DTEK50 Cheapest BlackBerry since (BBOS 10)
    By schumi_xtreme01 in forum BlackBerry DTEK50
    Replies: 40
    Last Post: 08-12-16, 12:45 AM
  4. When will Best Buy have the new Blackberry D50?
    By Trentp03 in forum Ask a Question
    Replies: 3
    Last Post: 08-10-16, 02:30 AM
  5. I can not open the installed software
    By CrackBerry Question in forum Ask a Question
    Replies: 1
    Last Post: 08-09-16, 11:20 PM
LINK TO POST COPIED TO CLIPBOARD