09-28-15 04:50 PM
292 ... 9101112
tools
  1. m3ach's Avatar
    Never say never

    Posted via CB10
    I'm rather hoping it does happen, I could have three OS's in two phones then!
    07-09-15 04:35 PM
  2. asherN's Avatar
    Time will tell... have you ever wondered why BlackBerry spends time and money making possible an hypervisor that runs Android on top??? Only for cars? Sure not.

    Posted via CB10
    But QNX is a whole lot more than phones and cars. A hypervisor for ARM processors is a very interesting concept.
    07-09-15 04:53 PM
  3. TheScionicMan's Avatar
    That's severely oversimplifying how rooting works. Even if you've already rooted your device, someone would still need to implant malware that could take advantage of these newly-unlocked privileges. But any app that wants to use root permissions has to request them - and if you possess the technical knowledge to bother with rooting, hopefully you'll be smart enough to deny any suspect apps such a privilege.

    If, however, you haven't rooted your device like the vast majority of Android users, the traditional rooting process is nearly impossible to take advantage of as an exploit - it would take a pretty absurd set of circumstances.
    That's not what he asked. He asked why gaining root is bad.
    07-09-15 05:08 PM
  4. keithhackneysmullet's Avatar
    Deleted
    Last edited by keithhackneysmullet; 07-09-15 at 08:39 PM.
    07-09-15 05:48 PM
  5. keithhackneysmullet's Avatar
    Deleted my post because it was way off topic

    Posted via CB10
    07-09-15 05:51 PM
  6. LazyEvul's Avatar
    That's not what he asked. He asked why gaining root is bad.
    He asked "why the user having access to root is such a bad thing." You said "it's like locking all your valuables in a safe when anyone can override the lock." I pointed out the flaw in that analogy - you have to give someone permission to override the lock, which makes a substantial difference.
    07-09-15 06:03 PM
  7. Superfly_FR's Avatar
    Dumb post.
    Last edited by Superfly_FR; 07-09-15 at 07:32 PM.
    07-09-15 07:12 PM
  8. Superfly_FR's Avatar
    All people here thinks OHA is sacred word, but we must remember Google owns OHA and owns Android.

    They can do whatever they please with OHA and Android. If Google reach an agreement with BlackBerry to change OHA terms, all is possible, including to make "legal" QNX hypervisor.

    Posted via CB10
    No. In OHA There's 'alliance' it's a deal engaging each other and I don't think Google can change the rules without the agreement of -at least- most.

    Posted via CB10
    07-09-15 07:15 PM
  9. Superfly_FR's Avatar
    He asked "why the user having access to root is such a bad thing." You said "it's like locking all your valuables in a safe when anyone can override the lock." I pointed out the flaw in that analogy - you have to give someone permission to override the lock, which makes a substantial difference.
    Hum. You have to be *able* to lock the Rom to pretend giving or not acces.
    AFAIK nor android makers nor apple have been successful in this area.

    Posted via CB10
    07-09-15 07:18 PM
  10. fschmeck's Avatar
    Providing they remove the Android runtime from BB10, nothing prevents them.
    So basically they could pull the Android runtime out of 10.4 and have a separate line of "Android by Blackberry" devices. Either way I don't see how the future for BB10 is anything but bleak.

    Maybe there is some merit in turning BB10 into the "secure only" platform for a niche, kind of like OS/2 was at one put for banks and atm machines. Of course, that train eventually comes to a stop as well.

    Posted via CB10
    Dunt Dunt Dunt likes this.
    07-09-15 07:25 PM
  11. Superfly_FR's Avatar
    That's severely oversimplifying how rooting works. Even if you've already rooted your device, someone would still need to ...
    Unless the root itself Is the problem. The point is here: when rooting you have virtually no idea of how your device will behave and what you substitute to genuine software.
    Say a simple root will change the server address of OTA upgrades and whitelists several apps with root privileges. Or, more easier, embbeds a key logger (add many other easy and invisible hacks here).
    Not only it would jeopardize the device but also potentially any connected infrastructure.
    Hey, I know this is unlikely to happen...
    Still, in the (enterprise) security context, this is a 100% no-go.



    Posted via CB10
    07-09-15 07:28 PM
  12. LazyEvul's Avatar
    Unless the root itself Is the problem. The point is here: when rooting you have virtually no idea of how your device will behave and what you substitute to genuine software.
    Say a simple root will change the server address of OTA upgrades and whitelists several apps with root privileges. Or, more easier, embbeds a key logger (add many other easy and invisible hacks here).
    Not only it would jeopardize the device but also potentially any connected infrastructure.
    Hey, I know this is unlikely to happen...
    Still, in the (enterprise) security context, this is a 100% no-go.



    Posted via CB10
    The typical root procedure should not substitute any software, in theory. It uses an exploit to install a binary with root permissions on your current ROM, which can then be used to grant root permissions via an app. One of the most popular apps for granting these permissions, SuperSU, is available on Google Play and has ran through Google's malware checks as a result.

    Of course, the root binary itself could potentially come packaged with malicious content. But I've never heard of this happening in practice, and the vast Android tinkering community probably wouldn't take long to call foul.

    However, I will agree that rooting is no-go in enterprise, or other high-security environments. It provides another vector of attack and relies significantly on the user to deny root permissions for suspicious apps. For a normal person who just enjoys tinkering with technology, this isn't likely to be a concern. But for a high-value target? Root is not likely to be worth the risk.
    07-09-15 08:12 PM
  13. BB-JAM215's Avatar
    Because gaining root privileges undermines the security model. How do you secure something when someone else can gain the rights to change your security settings? It's like locking all your valuables in a safe when anyone can override the lock. How safe are your valuables?
    Having root privileges only undermines the security model for us non-BES consumers. BES and other mobile device management systems achieve the desired security by separating work and personal spaces and using encryption to secure work related documents and communications.
    07-09-15 08:27 PM
  14. Dunt Dunt Dunt's Avatar
    Having root privileges only undermines the security model for us non-BES consumers. BES and other mobile device management systems achieve the desired security by separating work and personal spaces and using encryption to secure work related documents and communications.
    And by detecting a rooted device and then using IT policies to determine how to react to such a device....

    Too be honest... I don't know what would make an Android Device not secure from an EMM/IT perspective. Maybe someone that is a BES Administrator could explain....
    07-10-15 07:23 AM
  15. BB-JAM215's Avatar
    And by detecting a rooted device and then using IT policies to determine how to react to such a device....

    Too be honest... I don't know what would make an Android Device not secure from an EMM/IT perspective. Maybe someone that is a BES Administrator could explain....
    As you've indicated, it would be more of an IT policy administrative issue than a security issue. Since users of Android devices have more control over them, they become more work to administer. It's easy to find instructions on how to remove Samsung Knox from your phone.
    07-10-15 09:18 AM
  16. Dunt Dunt Dunt's Avatar
    As you've indicated, it would be more of an IT policy administrative issue than a security issue. Since users of Android devices have more control over them, they become more work to administer. It's easy to find instructions on how to remove Samsung Knox from your phone.
    But if you do that, do you still have access to that network or the information?
    07-10-15 09:34 AM
  17. LazyEvul's Avatar
    As you've indicated, it would be more of an IT policy administrative issue than a security issue. Since users of Android devices have more control over them, they become more work to administer. It's easy to find instructions on how to remove Samsung Knox from your phone.
    But why would the average enterprise user even want to remove Knox? The only incentive to remove it is for rooting purposes - and most people don't bother rooting their devices.

    Plus, any data contained within the Knox container would be gone along with Knox itself. And any corporate network access? Gone as well. It's an unlikely event that poses no security risk - at best, it's a nuisance.
    mornhavon and Dunt Dunt Dunt like this.
    07-10-15 09:43 AM
  18. BB-JAM215's Avatar
    I agree, the administrative problems are not likely to come from intentional actions on the part of the user.
    07-10-15 10:06 AM
  19. Xaiux's Avatar
    Because gaining root privileges undermines the security model. How do you secure something when someone else can gain the rights to change your security settings? It's like locking all your valuables in a safe when anyone can override the lock. How safe are your valuables?
    My valuables are perfectly safe if I can control who has access to the lock. Otherwise, without root, even I don't have access to the lock.
    07-10-15 10:13 AM
  20. dejanh's Avatar
    This was announced back in March.

    THE BLACKBERRY EXPERIENCE SUITE
    BlackBerry is bringing deeply integrated productivity, communication and collaboration and security experiences to all smartphone and tablet users running iOS, Android™ and Windows operating systems.
    We want to empower all mobile professionals with solutions that supercharge their productivity and allow them to work across all their devices in an effortless and secure way.

    The BlackBerry Experience Suite will be comprised of three suites of services that will bundle different BlackBerry solutions together.

    Watch the BlackBerry Experience Suite video
    https://global.blackberry.com/en/ent...nce-suite.html
    No mention there of this being a BES only feature, as you have led me to believe through your initial statement.
    07-10-15 12:03 PM
  21. BB-JAM215's Avatar
    No mention there of this being a BES only feature, as you have led me to believe through your initial statement.
    No mention of these three suites of services and solutions being free either.
    07-10-15 02:23 PM
  22. dejanh's Avatar
    No mention of these three suites of services and solutions being free either.
    I don't care if they are pay-for or free. I will pay for them. I only want them to be available for me to buy.
    07-10-15 02:28 PM
  23. Dunt Dunt Dunt's Avatar
    No mention of these three suites of services and solutions being free either.
    Chen is about making money and there is nothing I can think of that would make me think he is going to make this suite of Apps free.

    Not saying it isn't possible that they are free and maybe for a small subscription you can unlock more features. But I think BBM has shown him that monetizing a free app is harder than expected.

    And the key is all the info on this suite, is under the Enterprise portion of BlackBerry. These will be a BES add-on apps subscription apps most likely in my view. You will most likely have to have a corporate BES Account or a personal BES Cloud account.

    But so far BlackBerry hasn't said what they will be.
    jmr1015 likes this.
    07-10-15 02:39 PM
  24. Bonsaibo's Avatar
    Chen is about making money and there is nothing I can think of that would make me think he is going to make this suite of Apps free.

    Not saying it isn't possible that they are free and maybe for a small subscription you can unlock more features. But I think BBM has shown him that monetizing a free app is harder than expected.

    And the key is all the info on this suite, is under the Enterprise portion of BlackBerry. These will be a BES add-on apps subscription apps most likely in my view. You will most likely have to have a corporate BES Account or a personal BES Cloud account.

    But so far BlackBerry hasn't said what they will be.
    Of course, if one buys a BlackBerry Android, regardless of BES or not, one would hope they'd be free. Assuming there is ever a DroidBerry.
    07-10-15 07:00 PM
  25. gabbleratchet's Avatar
    One way to get around the OHA rules would be to make the new android phones Samsung-branded devices. Blackberry develops and licences certain components: the BlackBerry experience suite, the capacitive keyboard, etc.

    Maybe there's some limited use of the BlackBerry brand on the Samsung phones, like "Powered by Android, Secured by BlackBerry"

    However, since the phone isn't technically a BlackBerry-branded device, BlackBerry is free to continue to develop its own bb10 line of phones with the Android runtime.

    Posted via the CrackBerry App for Android
    gfondeur likes this.
    07-10-15 09:20 PM
292 ... 9101112

Similar Threads

  1. Unable to access files from BlackBerry Link and Blend
    By Joonty in forum BlackBerry Leap
    Replies: 2
    Last Post: 07-14-15, 04:52 PM
  2. Replies: 67
    Last Post: 07-10-15, 12:58 PM
  3. Replies: 3
    Last Post: 07-08-15, 12:20 AM
  4. Latest version of Instagram now working with 10.3.2 update
    By RowSkilly in forum Android Apps (Amazon Store & APK Files)
    Replies: 2
    Last Post: 07-07-15, 10:40 PM
  5. New update - issue with large screen on initial opening
    By siglerm in forum BlackBerry Z10
    Replies: 3
    Last Post: 07-07-15, 08:45 PM
LINK TO POST COPIED TO CLIPBOARD