If you're genuinely interested in how effective BlackBerry 10 security is then you'll most certainly be interested in checking out the upcoming Black Hat US 2013 conference being held in Las Vegas July 27th - August 1st. At the event, there will be a briefing held by Ralf-Philipp Weinmann, who is a research associate at the Interdisciplinary Centre for Security, Reliability and Trust (SnT) of the University of Luxembourg. As noted on the Black Hat 2013 site, his briefing will cover BlackBerry 10 from a security perspective:
BlackBerry prides itself with being a strong contender in the field of secure mobile platforms. While traditionally BlackBerryOS was based on a proprietary RTOS with a JVM propped on top, the architecture was completely overhauled with BlackBerryOS 10. Now the base operating system is the formerly off-the-shelf RTOS QNX, which doesn't exactly have an excellent security track record. Moreover, for the first time in BBOS history, native code applications are allowed on the platform.This talk will present an analysis of the attack surface of BBOS 10, considering both ways to escalate privileges locally and routes for remote entry. Moreover, since exploitation is only half the work of offense, we'll show ways for rootkits to persist on the device. Last but not least we will settle whether BlackBerry Balance really holds what it promises: are mobile devices really ready to securely separate crucial business data from Angry Birds?
With all that has been happening over the past little while with the NSA leaks and further questioning of BlackBerry security, it would certainly be an interesting session to take in. It's one I'm sure the BlackBerry Security Incident Response Team will be paying attention to as well.
Aside from BlackBerry 10 being discussed though, there will also be briefings on Android and iOS as well and the security exploits that exist for those systems. If you're looking to learn more about the Black Hat 2013 conference, you can hit the link below to be taken directly to the conference website.