09-09-14 10:49 PM
94 1234
tools
  1. raino's Avatar
    Gotta love the progression of armchair Google/Android enthusiasts. First, they claim Android/Google products are just as secure as BB. Then, when evidence is shown to the contrary, there's the "yeah, but there's no practical exploit, and you'd have to be stupid to get hit by this" all the while implicitly absolving Google of making its GMail app so vulnerable that it was hacked with a succss rate of 92%--almost twice as bad as the least exploitable app. Maybe Google should give these armchair security experts real validation by doing nothing about this, and not welcome the data to improve its mining tentacles products.
    theRock1975, lift and BruvvaPete like this.
    08-24-14 01:46 PM
  2. DenverRalphy's Avatar
    Gotta love the progression of armchair Google/Android enthusiasts. First, they claim Android/Google products are just as secure as BB. Then, when evidence is shown to the contrary, there's the "yeah, but there's no practical exploit, and you'd have to be stupid to get hit by this" all the while implicitly absolving Google of making its GMail app so vulnerable that it was hacked with a succss rate of 92%--almost twice as bad as the least exploitable app. Maybe Google should give these armchair security experts real validation by doing nothing about this, and not welcome the data to improve its mining tentacles products.
    I don't think anybody has ever claimed Android/Google is as secure as BlackBerry.

    As for some apps being more vulnerable than others, this current hack is a completely new concept. It's not like any developers for any app could have been reasonably expected to develop around it.

    And yes, there are no practical examples of this current hack in the wild. The engineers behind it didn't release it to the public. They offered their results to the computing industry to take suitable action.

    The news is yet another in a long string of Proof of Concepts. There are many more that are never published publicly. For every platform.


    Sent from my SCH-I545 using Tapatalk
    mikeo007 and mornhavon like this.
    08-24-14 02:04 PM
  3. allisos's Avatar
    I don't think anybody has ever claimed Android/Google is as secure as BlackBerry.

    As for some apps being more vulnerable than others, this current hack is a completely new concept. It's not like any developers for any app could have been reasonably expected to develop around it.

    And yes, there are no practical examples of this current hack in the wild. The engineers behind it didn't release it to the public. They offered their results to the computing industry to take suitable action.

    The news is yet another in a long string of Proof of Concepts. There are many more that are never published publicly. For every platform.


    Sent from my SCH-I545 using Tapatalk
    They published a white paper explaining exactly how they did it, and anyone can download. How is that not public?


    Posted via CB10
    08-24-14 03:31 PM
  4. allisos's Avatar
    This is something every platform needs to be aware about. It's not an OS specific vulnerability, it's more an "every OS" vulnerability. The article itself even mentions that the engineers are confident that it should work on any OS.

    It's basically an evolved form of stack crushing attacks, where hackers would basically use a method to force a program/app with poor Exception Handling to crash to discover where in memory particular pieces of data are stored, and subsequently grab that data. However, since most modern OS's today have built measures to mitigate that form of attack, the researchers at UCR seem to have found a new method to grab that same data in a different manner. Particularly troubling, is that it doesn't require crashing a process to succeed.

    Every OS, even QNX/BB10, utilizes memory sharing. It's not an OS flaw so much as it's a "how modern day computers work" flaw.

    The kicker though, is that each app needs to be studied intimately for the hack to work. The user has to be unaware that they've installed it, app stores need to be blind to it (every app store scans all apps now), and the OS needs to be blind to the attack (Android and BB10 scan on device, I don't know if iOS or WP have the ability). As well, timing has to be Johnny On The Spot to succeed.

    It is a bit heartening to know that the hack has not been found in the wild. Though releasing the proof of concept will put others on the trail.

    Sent from my SCH-I545 using Tapatalk
    Again.... should work, and proved it works are completely different concepts. I'll patiently continue to wait for the BlackBerry hack PROOF of concept.

    Posted via CB10
    08-24-14 03:33 PM
  5. DenverRalphy's Avatar
    They published a white paper explaining exactly how they did it, and anyone can download. How is that not public?


    Posted via CB10
    The difference is, they explained the concept. Not the actual method to accomplish the feat. Huge difference.


    Sent from my SCH-I545 using Tapatalk
    08-24-14 04:06 PM
  6. lovedaazn's Avatar
    Like always, the attack requires the user to do something stupid first. Surely most people are smart enough not to download no name, supicious apps, or apps from untrusted sources.

    Yet another cyber attack on the smartphone users of the world that will ultimately end up hurting absolutely no one (or atleast no one with a shred of common sense), but will be blown way out of proportion on CrackBerry forums.
    Not true, people do stupid stuff like answer phishing emails and give passwords all the time. Lots of people have been scammed by users on kijiji and telemarketing.

    It takes one person to do one stupid thing. 7 billion people on earth. The chances of someone doing something stupid? Very likely. It's stupid to not use PayPal, but it happens.

    Anyways, my point being is that people fall for tricks that are too good to be true more often than you'd think. And it only takes one person to do one regretful thing to maker a hacker profitable.

    Posted via CB10
    08-24-14 04:11 PM
  7. allisos's Avatar
    Still waiting on that proof... oh, and I reached out to the author of the white paper.... I asked him if he tested OS 7, BB10... here's the reply:


    "No, I have not done anything with BlackBerry. In fact, I knew little
    about BlackBerry systems."

    So.... "it should work on all OSs" is a bit premature.


    Posted via CB10
    raino and BruvvaPete like this.
    08-25-14 09:13 PM
  8. raino's Avatar
    So.... "it should work on all OSs" is a bit premature.
    Well, I'll say. If the authors aren't willing to make that conclusion, I'm not sure how valid the leaps being made here are.
    08-26-14 12:30 AM
  9. Prem WatsApp's Avatar
    Still waiting on that proof... oh, and I reached out to the author of the white paper.... I asked him if he tested OS 7, BB10... here's the reply:


    "No, I have not done anything with BlackBerry. In fact, I knew little
    about BlackBerry systems."

    So.... "it should work on all OSs" is a bit premature.


    Posted via CB10
    Awareness problem...

    (security by obscurity can be a bonus... )

    ? BlackBerry? I premdict the future's gonna be chenomenal! ?
    08-26-14 11:26 PM
  10. allisos's Avatar
    Yeah, yeah. Heard it before. BlackBerry is secure and everyone else isn't. Whatever.

    Posted using my Z10 via CB10
    I'm still waiting patiently for the hacking evidence... anyone is welcome to post a video of a BlackBerry being hacked.

    Posted via CB10
    08-31-14 11:26 PM
  11. jonnaver's Avatar
    Check out this article from the University of California, Riverside

    UCR Today: Hacking Gmail with 92 Percent Success

    They claim a 92 % success rate on hacking gmail.... among other apps. They went after gmail, H&R Block, Chase... not exactly small time apps with no security.

    I may start deleting android apps after all....

    Posted via CB10
    Did it occur to you that they never even bothered to consider trying a BB due to it's low popularity? There's a saying someone coined recently about BB and WP not being targeted by hackers for the same reason there are few developers for them - low popularity. The saying was security by obscurity is no security at all.

    I'm still waiting patiently for the hacking evidence... anyone is welcome to post a video of a BlackBerry being hacked.
    You're welcome:
    Is Blackberry ?NSA-proof?? Don?t bet on it - National | Globalnews.ca
    08-31-14 11:53 PM
  12. allisos's Avatar
    Did it occur to you that they never even bothered to consider trying a BB due to it's low popularity? There's a saying someone coined recently about BB and WP not being targeted by hackers for the same reason there are few developers for them - low popularity. The saying was security by obscurity is no security at all.


    You're welcome:
    Is Blackberry ?NSA-proof?? Don?t bet on it - National | Globalnews.ca
    Where do I begin here... the logic people use sometimes is just maddening...
    You post a link to an article on how the most powerful government in the world, (who uses BlackBerry) can somehow intercept info.... for which you will never actually see first hand proof, and won't be able to replicate what they do.... and also you claim BlackBerry has low popularity, yet the highest of profile targets still use it to protect their information.

    I think everyone is missing my point. I can actually hack an iPhone and Android phone myself using the techniques readily available on the Internet. I can find videos of people doing all over the place. I'm asking for video proof a BlackBerry hacking. It really seems like a simple request.

    And the popularity is soo low... That's like saying no one would dare break into a millionaire's home, because he has no friends.


    Posted via CB10
    ronfc, pttptppt and RWB3325 like this.
    09-01-14 12:02 AM
  13. raino's Avatar
    ^And don't forget, back when BlackBerry was popular, it had that reputation of getting hacked all the ti...oh wait.
    09-01-14 12:04 AM
  14. allisos's Avatar
    You'd think someone would step up with just one little video...

    Posted via CB10
    09-01-14 09:12 AM
  15. tinochiko's Avatar
    ^And don't forget, back when BlackBerry was popular, it had that reputation of getting hacked all the ti...oh wait.
    ^ THIS

    But in those olden days hackers (or at least those that existed) had better things to do... right?

    Check Out TechCraze
    09-01-14 09:22 AM
  16. allisos's Avatar
    http://usat.ly/1pBiw0K

    If you value your information... this is not how to protect it.


    Posted via CB10
    09-01-14 10:53 PM
  17. Laura Knotek's Avatar
    Ok.... this.... tools available to criminals? What tools?
    It is possible for cybercriminals to buy software to perform their hacks. That stuff is readily sold. One does not necessarily need a lot of tech skills to be a hacker if he has the money and knows where to buy that stuff.
    09-02-14 12:59 AM
  18. BBFunGuy's Avatar
    It is possible for cybercriminals to buy software to perform their hacks. That stuff is readily sold. One does not necessarily need a lot of tech skills to be a hacker if he has the money and knows where to buy that stuff.
    You do not need to buy tools they are readily available for free, like Twitter, Google, and Facebook.

    Reference link
    09-02-14 04:48 AM
  19. CrackberryQ's Avatar
    Google themselves "legally hack you" Lool, the fact that they take your consent prior just paints it in a different manner.

    But bottom line is Google designed android and sent it out for free with one target, and it's to mine for info, and boy are they getting better and better with every upgrade and "convenient" feature they add!

    Just checkout your location history and search history on google!

    I really don't care what google does with the info, but imagine that if I do a stupid mistake, and my Gmail gets hacked, the information readily available for the hacker is mind boggling!

    The most unimportant things you never need to know. Pin:C002F4C05
    lift likes this.
    09-02-14 05:34 AM
  20. ozdezignr's Avatar
    No... I'm saying that ANYONE can hack an iPhone or Android device... and the NSA might be able to hack a BlackBerry...

    I'm waiting for ANYONE to show me proof of a BlackBerry hack. Show me how to do it, so I can do it myself.

    So people trumpet how nothing is safe, and everything is vulnerable. Yes... and all things that live will die. BUT... I'm safer in a castle from a wolf than I am in a tent in the woods.... so let's stick to facts.... I can pick up a new iPhone, or a new android handset and easily alter the software. I can also follow the main above guide, and proceed with creating software hacks to embed in apps for people to download.

    Please for the love of all that is real... just show me actual instruction or science of how a BlackBerry is vulnerable to hacking.


    Posted via CB10
    Don't hold your breath...

    Z30 144GB
    09-05-14 09:38 PM
  21. allisos's Avatar
    Don't hold your breath...

    Z30 144GB
    Thanks... I was turning blue

    Posted via CB10
    raino likes this.
    09-05-14 10:03 PM
  22. ATMJOE's Avatar
    Everything is hackable. It's just a matter of how much time and resources you have at your disposal.

    Posted via CB10
    09-05-14 10:38 PM
  23. crazigee's Avatar
    Everything is hackable. It's just a matter of how much time and resources you have at your disposal.

    Posted via CB10
    Absolutely.

    Posted using my Z10 via CB10
    09-06-14 11:41 AM
  24. allisos's Avatar
    Everything is hackable. It's just a matter of how much time and resources you have at your disposal.

    Posted via CB10
    I guess it just takes way to much time to actually back a BlackBerry and show me.


    Posted via CB10
    09-06-14 09:01 PM
  25. allisos's Avatar
    Absolutely.

    Posted using my Z10 via CB10
    Why is it so difficult to get proof of this?

    Posted via CB10
    09-06-14 09:02 PM
94 1234

Similar Threads

  1. can't access 2G and can't unbundle network modes
    By whitethunder84 in forum Ask a Question
    Replies: 2
    Last Post: 08-29-14, 06:59 PM
  2. Replies: 2
    Last Post: 08-28-14, 06:34 AM
  3. Review/personal experience with BlackBerry Assistant
    By pttptppt in forum BB10 Leaked/Beta OS
    Replies: 96
    Last Post: 08-27-14, 07:37 AM
  4. 10.3.1052: sys.android = Permanent?
    By adamlau in forum BB10 Leaked/Beta OS
    Replies: 17
    Last Post: 08-27-14, 12:45 AM
  5. No new high end all-touch device in near future?
    By horyel in forum General BlackBerry Discussion
    Replies: 23
    Last Post: 08-24-14, 11:56 AM
LINK TO POST COPIED TO CLIPBOARD