03-01-15 07:13 AM
98 1234
tools
  1. Bluenoser63's Avatar
    Yeah. It is.

    Has been since BB10. And its not news to anyone paying attention.

    I used to be surprised at the surprise information like this garners on Crackberry. No more.

    Posted via the CrackBerry App for Android
    Then give us the facts as to why iMessage is more secure than BBM since BB10?
    11-06-14 04:26 PM
  2. undone's Avatar
    Scoring without testing is just as bad as <insert company> Fans talking/defending there device. Show me real world testing, I don't care who wins.
    11-06-14 04:54 PM
  3. tchocky77's Avatar
    Then give us the facts as to why iMessage is more secure than BBM since BB10?
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    sentimentGX4 likes this.
    11-06-14 06:00 PM
  4. higherdestiny's Avatar
    Fact: BBM performed poorly when evaluated against the criteria stated on the scorecard.

    Fact: The criteria is very narrow and does not cater for a holistic view of the product's security features.

    BBM (consumer version) remains very secure. Fact is that your chats with mates aren't going to end up in the wrong hands. The London riots showed that even with BlackBerry technically being able to decypher messages, it's not an easy process and the government was not happy with the difficulty in obtaining messages relating to the organisation of the riots. Likewise India/Pakistan banning consumer BBM again points to the security of the plain vanilla edition of BBM. Contrary to rumours, BlackBerry did *not* hand over encryption keys for consumer BBM. What they did was allow the Indian government to access metadata information such as source and target - but not the contents of the message itself.

    The fact that BlackBerry do not release the source code of their product is actually a feature of their security approach. There's pros and cons to open source, as there are for closed code. Saying that open source is more secure than closed code is simply inaccurate.

    In terms of independent audits, BlackBerry's crypo was granted FIPS certification - the same crypto being used for consumer BBM messaging. In my mind, this is far better than an independent review from an unknown company, but this doesn't fit the narrow criteria of the scorecard.

    Then we have BBM protected. Add another layer of FIPS crypo on top of the existing layers. It's arguably one of the most secure channels available on any messaging platform. We're talking three separate layers of encryption, including a rotating cypher per individual message!

    The scorecard rates against a narrow criteria. BBM deserves a more thorough review.

    Here's some criteria the review didn't consider.

    Where are the encryption keys generated? Server on on the device?
    How is the first key transmitted? Is there possibility of interception?
    Is the key bound to a specific device?
    How many layers of encryption are present?
    How many different implementations of crypto?
    Is the crypto used FIPS certified?

    Just to review BBM protected's security layers:
    1. TLS encryption between the smartphone and the BBM infrastructure.
    2. Triple DES 168-bit BBM scrambling key unique to each individual message.
    3. Additional FIPS 140-2 certified cryptographic key generated on the device itself.


    Scorecard aside, if I'm transmitting nuke codes, I'd be using BBM protected over ANY of the other products mentioned.
    11-06-14 06:18 PM
  5. higherdestiny's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.
    BIS (aka. BlackBerry Infrastructure) is still used, it's simply more transparent to the user and the carrier. Every BBM message traverses the internet through BlackBerry's own secure infrastructure. This is why you can't send a direct peer-to-peer BBM without internet access. Every message is encrypted using FIPS 140-2 certified crypto, generated on the device itself. The encrypted packets then flow through servers owned and operated by BlackBerry themselves.
    11-06-14 06:26 PM
  6. Baconwich's Avatar
    That is a looooooot of messenger apps I've never heard of...
    11-06-14 07:09 PM
  7. jr4941's Avatar
    This scorecard is certainly more biased towards open source type messaging apps.

    Posted via CB10
    11-06-14 07:57 PM
  8. cjcampbell's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    False. BBM still runs through the BlackBerry servers.
    CerveloJohn and damien kupuku like this.
    11-06-14 08:17 PM
  9. Toodeurep's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    No, not correct. Nice try though.
    CerveloJohn likes this.
    11-06-14 08:35 PM
  10. Oilerz88's Avatar
    Yeah. It is.

    Has been since BB10. And its not news to anyone paying attention.

    I used to be surprised at the surprise information like this garners on Crackberry. No more.

    Posted via the CrackBerry App for Android

    WRONG. Try again.
    11-06-14 08:40 PM
  11. app_Developer's Avatar
    For a company that wants to make their money via software they sure seem unable to get the apps and software right.

    BBM no longer secure as it once was.
    FB still lights years behind.
    BES12 still not out.
    BB10 still is missing many features of the Legacy OS.
    No improvement in BlackBerry Maps.
    BBM for DROID and Windows still behind its competitors.
    So that's my ultimate issue with Chen's plan. The company is focusing on software as the future, but that's actually the very thing this company is not very good at.

    I suck at throwing balls accurately. So I didn't decide to make my career as a pitcher or QB.


    Sent from my iPhone 6 using Tapatalk
    11-06-14 08:46 PM
  12. eddy_berry's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    That is horse doodoo.

    Posted via CB10
    11-06-14 09:51 PM
  13. kfh227's Avatar
    Two of those columns are horse****. Open source is a column?


    Audited? I'm sure bbm is audited internally so how did they conclude this?

    Posted via CB10
    11-06-14 09:54 PM
  14. kfh227's Avatar
    So that's my ultimate issue with Chen's plan. The company is focusing on software as the future, but that's actually the very thing this company is not very good at.

    I suck at throwing balls accurately. So I didn't decide to make my career as a pitcher or QB.


    Sent from my iPhone 6 using Tapatalk
    What is your background?

    Posted via CB10
    11-06-14 09:56 PM
  15. Tre Lawrence's Avatar
    Two of those columns are horse****. Open source is a column?


    Audited? I'm sure bbm is audited internally so how did they conclude this?

    Posted via CB10
    Yes, but auditing one's own product might not be considered very above board.
    11-06-14 09:59 PM
  16. Tre Lawrence's Avatar
    So that's my ultimate issue with Chen's plan. The company is focusing on software as the future, but that's actually the very thing this company is not very good at.

    I suck at throwing balls accurately. So I didn't decide to make my career as a pitcher or QB.


    Sent from my iPhone 6 using Tapatalk
    I suspect that the move to software might not be entirely voluntary.
    11-06-14 10:00 PM
  17. app_Developer's Avatar
    I suspect that the move to software might not be entirely voluntary.
    I guess that is true. I like the excitement around the company. I love the Passport. I'd even consider investing in BBRY, if it weren't for this one major flaw in the strategy.


    Sent from my iPhone 6 using Tapatalk
    11-06-14 10:18 PM
  18. Bluenoser63's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    I was going to respond, but I don't want to pile on the "wrong!!".
    CerveloJohn likes this.
    11-06-14 10:22 PM
  19. spyeagle's Avatar
    Of course, it must be bull if it reveals BB flaws...tell me if it were so secure why Blackberry released BBM Protected?
    And yet Apples pretty face on SMS must be more secure right?

    Posted via CB10 on my ?Z30
    11-06-14 10:27 PM
  20. iamrauu's Avatar
    Without BIS,...BBM's travel over servers out of Blackberry's control.

    iMessage traffic travel's, encrypted, via servers owned and operated by Apple.

    Posted via the CrackBerry App for Android
    Lol.. you need to do some more reading. you're embarrassing yourself son.
    CerveloJohn likes this.
    11-06-14 10:48 PM
  21. tchocky77's Avatar
    That is horse doodoo.

    Posted via CB10
    Mea Culpa.

    I was wrong.

    Posted via the CrackBerry App for Android
    11-06-14 11:42 PM
  22. tchocky77's Avatar
    Lol.. you need to do some more reading. you're embarrassing yourself son.
    Geez thanks Dad.

    Posted via the CrackBerry App for Android
    11-06-14 11:42 PM
  23. Heinz Katchup's Avatar
    I guess this is why all government figureheads. The people who most importantly have something to hide. Are all using iPhones, Android and WinPhone now.

    Posted with X10 via CB10
    11-07-14 12:02 AM
  24. tchocky77's Avatar
    I guess this is why all government figureheads. The people who most importantly have something to hide. Are all using iPhones, Android and WinPhone now.

    Posted with X10 via CB10
    Not "all" of them, no.

    But far more than are carrying BlackBerry phones are. Aren't they?

    And I'm sorry. But working a matrix of publicly-available information on some celebrities and cracking their weak-a55 icloud passwords is very definitely NOT the same thing as "hacking iCloud." YES. Apple absolutely should have had guess limiting on, and they didn't. But that's been addressed now.

    People here talk about that as if some intricate man in the middle cracking went down. And that's just not what happened.

    Posted via the CrackBerry App for Android
    11-07-14 01:15 AM
  25. Oilerz88's Avatar
    Isn't the President of the United States still using a 'Berry?
    CerveloJohn likes this.
    11-07-14 04:17 AM
98 1234

Similar Threads

  1. no icon to make call over bbm
    By bilinguin in forum General BBM Chat
    Replies: 15
    Last Post: 12-16-14, 03:33 PM
  2. PlayBook NOT dead... Bridge has just been updated!
    By Prem WatsApp in forum General BlackBerry Discussion
    Replies: 67
    Last Post: 11-07-14, 11:01 AM
  3. BBM Stickers overpriced?
    By talberry in forum General BBM Chat
    Replies: 7
    Last Post: 11-06-14, 07:52 AM
  4. BBM voice and video not working
    By marvini in forum BlackBerry Passport
    Replies: 5
    Last Post: 11-05-14, 07:41 AM
  5. Strange bbm call behaviour
    By greatgretschsound in forum BB10 Leaked/Beta OS
    Replies: 9
    Last Post: 11-04-14, 11:50 PM
LINK TO POST COPIED TO CLIPBOARD