01-25-14 12:42 PM
  1. stackberry369's Avatar
    My zipper is secure. Thank you.
    Not if it's broken lol.

    sent from my galaxy note 3
    12-06-13 01:32 PM
  2. roadrunner95's Avatar
    If you use Balance, browsing is more secure on the work partition.

    BB10 phones that are not on BES10 are no more secure than any other phone.

    BB10 phones that are on BES10 have, potentially, several services that ARE more secure than other phones, but even then, phone calls, SMS/MMS, Web browsing, and other services are still no different than other phones.

    One of the most important aspects of security is understanding what is and isn't secure. Merely "having faith" is not security - security has real definitions and limitations, on every platform.
    12-06-13 01:40 PM
  3. adamlau's Avatar
    Wow...3K for the Secusmart microSD. One-shot deal, lifetime with free upgrades? It is now on my list of cool stuff I don't need but could use just because.

    SQN100-1 + 10.2.1.1055 | STA100-3 + 10.2.1.1055
    12-06-13 01:45 PM
  4. STV0726's Avatar
    with every iOS version getting jailbroken, you have your answer.
    Yeah. No kidding.

    And btw...if anyone dares say something to the effect of "how are leaks any different from jail breaking", please kindly go back to iMore.com until you are willing to do one search and 3 minutes of reading to know what a leak is and how it is a secure, unalterable packaged OS from BlackBerry.

    -STV on Z10STL100-3/10.1.0.4780 TMO US
    12-06-13 01:45 PM
  5. kylef5993's Avatar
    Geez weez, I dunno. But if the president of USA , the gouvernement of Germany, the pentagon just to name a few name, kept or went to blackberry, it's probably for the cool factors

    Better android than android. The future is black....
    I'm still stuck on that spelling of government

    Posted via CB10
    PJD642 likes this.
    12-06-13 01:47 PM
  6. Omnitech's Avatar
    Thanks omnitech bout time someone did what you did, it seems that's the new thing to throw around these days, "BlackBerry phones not on bes are no more secure than other phones"

    You're welcome.

    FWIW, there are a variety of additional things not mentioned in those articles/papers, things like the way the internal security/encryption module is designed, various anti-tampering features and so on. I may look up cites on those things if I have the time.


    Wow...3K for the Secusmart microSD. One-shot deal, lifetime with free upgrades? It is now on my list of cool stuff I don't need but could use just because.

    The SecuSmart solution is not a one-off single-user security enhancement, it requires back-end services and network re-routing to work. Among other things, it completely bypasses the carrier's voice network for voice calls and sends that traffic via their own NOC using secure VoIP. It also authenticates the entity at the other side of the call, but in order to do that they probably have to be using SecuSmart as well. You can't make a secure voice call to someone at some random payphone somewhere. The whole point is to keep the traffic 100% off the insecure PSTN or wireless carrier voice network.
    R Field, Superfly_FR and stlabrat like this.
    12-06-13 05:04 PM
  7. eddy_berry's Avatar
    Wow Omnitech. Bravo sir. Made this thread really informative.
    flyingsolid likes this.
    12-06-13 05:36 PM
  8. bbq10l's Avatar
    From:

    http://us.blackberry.com/content/dam...rity-Works.pdf



    The Security Benefits of the QNX Microkernel

    • It contains less code (about 150,000 lines)
    • This small footprint helps eliminate vulnerabilities by making security verification and testing easier and more robust


    It's designed for resiliency

    • The Microkernel isolates processes in the user space
    • Unresponsive processes are restarted without affecting others, so that applications don't crash the OS


    It minimizes all root processes

    • Only the most essential BlackBerry processes run as root
    • Root processes are not available to non-BlackBerry parties, which makes the OS less vulnerable to security risks


    The QNX Microkernel diagram below illustrates how user processes cannot directly access other processes.

    Contained and Constrained: Application and Malware Controls

    The best way to protect your enterprise from mobile malware is to use an operating system that's designed to resist it. BlackBerry 10 uses a 'contain and constrain' design strategy to mitigate against malware risks.

    By sandboxing the user space, BlackBerry 10 can block malicious behavior:

    • Processes are constrained within the user space and the microkernel carefully supervises inter-process communication.
    • Memory accessed by the user space is also authorized by the microkernel.
    • Any process that attempts to address unauthorized memory is automatically restarted or shut down.



    And in the next diagram, you'll see just a few examples of the security mechanisms that are integrated into the BlackBerry 10 operating system to protect against attacks and arbitrary code execution.

    Protection Mechanism | Description
    --- | ---
    Non-executable stack and heap | Stack and heap areas of memory cannot execute machine code, protecting against buffer overflows
    Stack cookies | Buffer overflow protection to prevent arbitrary code execution
    Robust heap implementations | A form of protection against heap area of memory corruption that can lead to arbitrary code execution
    Address space layout randomization (ASLR) | Random allocation of a process' address space makes arbitrary code execution more difficult
    Compiler-level source fortification | Compiler option replaces insecure code constructs where possible
    Guard pages | A form of protection against heap buffer overflow and arbitrary code execution

    I love what you wrote here, and I've never seen this explained so thoroughly. But it brings up an important point. All the iphone haters on these forums like to say that the "dumb sheep" don't care about security. They DO care about security, but are they honestly expected to understand this? Maybe if BlackBerry could figure out a way to translate the security features you mention in a way people can understand, they can use the security features of the BlackBerry to sell the phone. In the past, BlackBerry has been selling to IT. Ya'll understand that information. You cannot expect consumers to understand that if it's not communicated in a different way. If BlackBerry could show consumers how this applies to them in a way they understand, that is a selling strength. Just telling customers BlackBerry is "more secure" doesn't work. People don't know what that means.

    Posted via CB10
    12-06-13 09:55 PM
  9. R Field's Avatar
    Troy where'd you go? Lol foot meet mouth.

    Omnitech I think you should compile all that into a article or something of that nature. At least a sticky post for a section of the forums. I was aware of some of those points but not to that extent. Thank you for sharing that.

    BlackBerry Z10 (Z30 inbound) | 10.2.1.1055 | C0006E212
    Last edited by R Field; 12-06-13 at 10:49 PM.
    12-06-13 10:26 PM
  10. axeman1000's Avatar
    This here from Omnitech IS the last word on BlackBerry security, I am confident. End of debate.
    Amen, this is all proof that it is more secure than the others with or without Bes. Now the same five or six liars in this format can move on, and let it go, they have been wrong all along!

    BlackBerry forever, haters never!
    12-06-13 10:46 PM
  11. R Field's Avatar
    When your brand new phone gets hacked 5 ways within the first 72 hours on the lockscreen then gets the TouchID hacked in the first week you have big issues.

    http://threatpost.com/ios-7-plagued-...ss-flaw/102375

    http://m.cnet.com/news/touch-id-hack...legit/57604255

    Other phones' security is a joke. Look how easy it is to root/jailbreak their phones. I saw another article Bla1ze posted at one point detailing the laundry list of Apple security issues. I wish I had it available.

    Android is the malware king and if you look how open the Google Play store is you will see why. There is next to no screening/vetting of apps.

    http://thenextweb.com/insider/2013/0...ndroid/#!o8UBt

    Apple products must be neutered to be allowed for use on US Department of Defense networks.

    http://www.berryreview.com/2013/05/2...vernment-work/

    There is a reason BlackBerry still maintains a gold standard when it comes to security bes or no bes. Android apps are sandboxed and never given access to the RTOS kernel.

    Sadly hardly anyone cares. They freely buy Nexus phones to be data mined by Google just so they can generate more ad revenue. It's sad but whatever, if you want your credit info susceptible go ahead.

    http://appleinsider.com/articles/13/...rd-data-stolen


    BlackBerry Z10 (Z30 inbound) | 10.2.1.1055 | C0006E212
    Omnitech, ronfc and world saviour like this.
    12-06-13 11:09 PM
  12. raggdoll's Avatar
    Though the iPhone has cornered over 25 percent of the US cell phone market, Apple is missing one key customer: the President of the United States...

    Source: Is the BlackBerry really more secure than the iPhone? - CSMonitor.com
    Nice to see you have 1 customer left, good job! And even he wants to use an iPhone
    12-06-13 11:35 PM
  13. Dgree03's Avatar
    How BlackBerry 10 avoids Android's security issues (TechRadar.Mobile)


    In Depth RIM predicts 'day of reckoning' for mobile security


    Excerpt:


    Google's problem with Android is both the Linux and Java components it's built with and the way it's implemented by multiple handset makers. That causes security headaches and ultimately limits what Android can do. That's according to Sebastien Marineau, the senior vice president of BlackBerry OS.

    "I call it architectural integrity; maintaining integrity of the architecture and for that you need to deeply understand that architecture. The model with Android is one of microforking, from handset manufacturer to handset manufacturer and even between handsets."

    BlackBerry 10 and QNX partition what different apps and processes are allowed to do very strictly, but the design of Android is quite different. "It's much harder to partition in Android because it's a distributed architecture. It's a distributed object model throughout all the Java components and processes and it's far more difficult to partition that."

    Plus there is a lot of Android to understand, compared to the small but powerful QNX kernel that powers PlayBook and BlackBerry 10. "If you look at the microkernel architecture, the microkernel is the only trusted component in the system," he explains. "It's the one thing that can never fail and it gets to control access."

    "In the case of our microkernel it's about 100,000 lines of code, give or take ten thousand and that's the core code that has to be absolutely bullet proof. If you look at something like Linux, I don't know what it's up to today but it was up to 14 million lines six months ago. That code all runs in privileged space and one line in that can take down the whole system or be the vulnerability that people exploit. It's very difficult to test to prove that that amount of code is secure and bug free."

    [...]






    BlackBerry 10 OS will have multi-layered security model (Network World)

    RIM and QNX re-engineering security for the new mobile platform


    Excerpts:


    RIM's upcoming BlackBerry 10 operating system is intended to be as secure, if not more so, than the OS running on RIM's current crop of BlackBerry devices. [...]

    BB10 security will have multiple integrated layers, with the tight, cooperating relationship between hardware and software that's been a BlackBerry hallmark. For mobile users, there will be a permissions-based security model for apps, in plain, understandable English, coupled with a various OS-level security and safety features borrowed from QNX's experience in the embedded systems market. [...]

    At the OS level, QNX has offered a hardened variant of its OS called Neutrino RTOS Secure Kernel for several years. The secure kernel has been certified under the Common Criteria ISO/IEC 15408 Evaluation Assurance Level (EAL) 4+. The Common Criteria is intended to show that a computer security product has been specified, implemented and evaluated in a standard and thorough way. QNX says Neutrino was the first full-featured RTOS certified under this standard.


    This combined group has been focusing on a range of protections, such as:

    • Blocking root access, which enables a user or hacker to gain administrative access to the OS.
    • Memory randomization, which in effect "scrambles" where in memory routines may run, making it harder for these to be leveraged by attackers.
    • Adding security management, including auditing, to the kernel.


    Code to jailbreak or root the QNX-based PlayBook OS (so you can load apps apart from BlackBerry App World) is available from DingleBerry.it, specifically Version 3.3, which was a big step up in simplicity and ease of use. A 4.0 version is in development. The PlayBooks will eventually run BlackBerry 10, so if blocking root access is a priority for RIM, then they may be harder to jailbreak with the release of the new OS. [...]



    (Omnitech note: There has been NO equivalent "rooting tool" released for BB10 because the author of Dingleberry CANNOT BREAK IT, nor has anyone else so far. See below.)


    Posted 2013-01-17







    In fact, the domain "jailbreak.me", owned by the author of Dingleberry is being sold-off now, because he is, quote: "...not working on jailbreaks as much...". Care to guess why?
    And how does any of this protect blackberry phones not on BES from the NSA?
    JR A likes this.
    12-06-13 11:47 PM
  14. axeman1000's Avatar
    Nice to see you have 1 customer left, good job! And even he wants to use an iPhone
    Oh you didn't know? Your opinion doesn't matter. You're on a forum of BlackBerry lovers, I am sure there is more than one, thus making you invalid. Buh bye!

    BlackBerry forever, haters never!
    12-06-13 11:50 PM
  15. axeman1000's Avatar
    And how does any of this protect blackberry phones not on BES from the NSA?
    The NSA will get it no matter what, but it will be harder to listen over the air on a BlackBerry than the others. That's better than the other options if you're that concerned. If you're doing nothing wrong then it's no big worry. But good to know some dork wad in a Starbucks on the public wifi is not going to get into my BlackBerry before an iPhone or Android.

    BlackBerry forever, haters never!
    12-06-13 11:53 PM
  16. Omnitech's Avatar
    I love what you wrote here, and I've never seen this explained so thoroughly. But it brings up an important point. All the iphone haters on these forums like to say that the "dumb sheep" don't care about security. They DO care about security, but are they honestly expected to understand this? Maybe if BlackBerry could figure out a way to translate the security features you mention in a way people can understand, they can use the security features of the BlackBerry to sell the phone. In the past, BlackBerry has been selling to IT. Ya'll understand that information. You cannot expect consumers to understand that if it's not communicated in a different way. If BlackBerry could show consumers how this applies to them in a way they understand, that is a selling strength. Just telling customers BlackBerry is "more secure" doesn't work. People don't know what that means.

    I agree they could do more to emphasize this, and perhaps some of it is due to the well-known issues they've had with marketing.

    However I actually think a lot of this could be intentional, and here's why:

    One of the biggest areas where BlackBerry's public perception has been negative, in my opinion, is that they became a headline company in the days when many large companies issued highly-secured, locked-down corporate devices for staff usage. Not only were those devices specifically locked-down in ways that made doing "fun stuff" nearly impossible, BlackBerries of that era didn't have very good support for things like games, movies, music and so on anyway.

    With BlackBerry 10, the company rightly tried to escape from their public perception of being associated with the "control-freaks in suits" that used to deploy their traditional products in businesses. They wanted to leave behind that image because it was pretty much directly at odds with the perception of the now popular consumer smartphones like iPhones and Androids, which people used for lots of "fun stuff". BlackBerry wanted to become a mass-market seller and they wanted to shirk that traditional image.

    If BlackBerry were to start emphasizing "security" - an aspect that most of its "consumer market" competitors have barely even made mention of - I think they are afraid of a negative backlash, by associating their brand-new, multimedia-rich, consumer-app-competitive BB10 platform with the "bad old days" when so many people associated BlackBerry with the uptight, corporate, locked-down, no-fun BlackBerries.

    In addition, BlackBerry has a very substantial userbase in the government/military sector.

    As such, I can understand if they are reticent about publicly pushing the angle of "security" as I mentioned above, and they are also in a position between a rock and a hard place if they start pushing "privacy" and "freedom from government snooping" - because this is like tweaking their government/military customers in the nose. Lastly, I think they were reticent about tweaking Google too hard on the privacy thing.

    I once saw a pre-release BB10 marketing document put out by RIM (BlackBerry) before BB10 was actually released, which actually emphasized the privacy aspect, and drew a distinction between RIM's stance on that, versus companies like Google. (I wish I could find a copy of this document - anyone save a copy? I think it was a PDF file.)

    Clearly that marketing angle never saw the light of day, I presume because A) RIM decided that they wanted to pursue the same business model (at least to some extent) which had made so much money for Google etc., and B) they probably didn't want to tweak Google too much because the Android Player they were including in BB10 is a critical feature to boost app availability for their new platform and if they ticked Google off, Google might go out of their way to undermine the success of BB10's Android compatible aspect.
    walt63, world saviour and stlabrat like this.
    12-07-13 03:24 AM
  17. Omnitech's Avatar
    And how does any of this protect blackberry phones not on BES from the NSA?
    If the device is harder to break-into or exploit, then it's harder for the NSA to get whatever they want from it.

    As has been made clear via the various Snowden revelations, the NSA's monitoring strategy is multi-pronged. Not only do they snoop on data in transit, but they employ a variety of other mechanisms to get data in other ways, if it is not available that way. These tactics range from infiltrating technological standards-bodies and vendors to influence their technologies and products in ways that make it easier for NSA to snoop on them (oftentimes without the knowledge of those parties), to planting malware on smartphones, PC's, and other devices, to various other methods of compromising security protocols and standards (ie x.509 SSL certificate fraud/spoofing) and so on.

    If the smartphone platform is harder to exploit, that means there will be that many fewer ways that NSA can break into your property and confidential data and steal it.
    stlabrat likes this.
    12-07-13 03:33 AM
  18. Pilot Prop's Avatar
    Secure from the average bear...but the govt sees all

    Posted via Q10
    12-07-13 05:03 AM
  19. slickvguy's Avatar
    BB10 phones that are not on BES10 are no more secure than any other phone.
    Nonsense.
    My phone, the z10, has not been rooted.
    The o/s itself certainly IS more secure than the others.

    Most people don't care about security, but please, let's be honest and objective.

    Also, have there been any apps on BlackBerry World, that when installed, have been malware, virus, Trojan, hijack, etc.? Not to my knowledge.
    12-07-13 06:43 AM
  20. belfastdispatcher's Avatar
    BB10 phones that are not on BES10 are no more secure than any other phone.

    BB10 phones that are on BES10 have, potentially, several services that ARE more secure than other phones, but even then, phone calls, SMS/MMS, Web browsing, and other services are still no different than other phones.

    One of the most important aspects of security is understanding what is and isn't secure. Merely "having faith" is not security - security has real definitions and limitations, on every platform.
    I'm guessing you didn't read the article, everything can be encrypted with a special memory card, even calls.
    12-07-13 07:04 AM
  21. kbz1960's Avatar
    I was reading both iOS and Android have device encryption but it has to be enabled. How is that different from bbry encryption?
    12-07-13 07:57 AM
  22. Omnitech's Avatar
    How Obama's BlackBerry got secured (Top Level Telecommunications)

    How secure is the Merkel-Phone? (Top Level Telecommunications)


    Good articles, filled with lots of technical details.

    Among other things, the article on Obama's BlackBerry seems to answer the question about why an iPhone is not usable - the security suite that was originally used for his BlackBerry 8830 is Java-based, and runs on legacy BBOS 4.5 and above.

    I'd imagine he's carrying something newer now - various reports suggest it's a 9930. (Verizon has the US government contract)

    Given the fact that it's pretty unlikely he's surfing the web, watching TV shows or playing games on it, I don't think the older tech is likely to be a big hindrance.

    From a Washington Times article on Obama's BlackBerry:

    Inside the Ring - Washington Times

    "The software that allows users access to data up to the Top-Secret classification level was developed by Genesis Key with the help of engineers from the Toronto-based Research In Motion, which makes BlackBerry.
    12-07-13 08:26 AM
  23. Omnitech's Avatar
    Slightly tangentially, something I found in reading related articles:

    It's an open-secret that various governments use their foreign embassies as spying bases. The following article from the Independent (UK) has what I consider to be a quite fascinating photographic comparison. Originally shot by a German public television network "ARD" - it depicts and compares the heat signature of the structure on the roof of the US embassy in Berlin thought to be filled with electronic snooping equipment, before and after public revelations that the NSA had been snooping on German Chancellor Merkel's wireless phone conversations:

    Revealed: Britain's 'secret listening post in the heart of Berlin' - Home News - UK - The Independent
    Superfly_FR likes this.
    12-07-13 09:25 AM
  24. Superfly_FR's Avatar
    I love what you wrote here, and I've never seen this explained so thoroughly. But it brings up an important point. All the iphone haters on these forums like to say that the "dumb sheep" don't care about security. They DO care about security, but are they honestly expected to understand this? Maybe if BlackBerry could figure out a way to translate the security features you mention in a way people can understand, they can use the security features of the BlackBerry to sell the phone. In the past, BlackBerry has been selling to IT. Ya'll understand that information. You cannot expect consumers to understand that if it's not communicated in a different way. If BlackBerry could show consumers how this applies to them in a way they understand, that is a selling strength. Just telling customers BlackBerry is "more secure" doesn't work. People don't know what that means.

    Posted via CB10
    "Set a password (*), encrypt your device, don't DL from unknown sources and you're safe. Security made simple."

    (*) : or better: image password
    kbz1960 likes this.
    12-07-13 09:51 AM
  25. BitPusher2600's Avatar
    This thread has answered so many questions I've wondered about for a long time, thanks almost entirely to Omnitech, you are fantastic. I'm among those fools who do have that piece of "faith" with which I trust BlackBerry for their long running track record in data security because while that kind of thing is relevant to me since I rely so very heavily on the computing capabilities of this mobile device, it's an important subject and not one I could ever offer much in-depth technical expertise on specifically with the arguments against non-BES devices, yes at that point the subject of security was definitely faith in the architecture of the OS as it's often pointed out that all data is being carried across the carrier network which I always assumed that 100% they hold some strings.

    I love people like you who present real data rather than opinion in a technical debate. I wish I could buy you a beer. Thank you.

    Posted from BitPusher's Q10
    12-07-13 10:48 AM