We may earn a commission for purchases using our links. Learn more.
Remember when we told you about the Black Hat session that would be covering BlackBerry 10 OS security? At the time, the description sounded as though Ralf-Philipp Weinmann, who is a research associate at the Interdisciplinary Centre for Security, Reliability and Trust (SnT) of the University of Luxembourg, had some interesting things to say but as we now know, he didn't have anything overly interesting to say at all.
Rather than dropping a bombshell of knowledge on folks, he ended up stating nothing outside of the obvious for BlackBerry and most users. His biggest piece of news was that BlackBerry 10 contains QUIP, a diagnostic tool that has the ability to collect various user data, including voice and audio communications, screen captures and memory dumps which can be sent to BlackBerry and it's off by default.
Outside of that, his other 'major' findings were that applications can be easily loaded onto the devices and maintain persistence, something in his own words is not as secure as iOS but "it’s somewhat, if not significantly, better than on most Android phones.” In short, applications can be side loaded and when such a thing takes place, they'll remain on the device. A possible entry point for exploits that could potentially allow escalated privileges. Again, something that is well known.
Perhaps the most interesting thing to come from Ralf-Philipp Weinmann's session is the noted fact that BlackBerry 10 contains additional security features that help with exploit mitigation such as ASLR, DEP and stack cookies. In the end, the whole session was based on theoretical conversation with no 'proof of concepts' shown off or exploits divulged. Just the obvious fact that it could, potentially, be exploitable.
tl;dr: The BlackBerry Security Incident Response Team isn't running around trying to figure out how to patch any exploits uncovered by this guy and that's a good thing.
Read more
How Go Talk intends to be the BlackBerry of mobile carriers
Identity theft often goes through an unexpected route: conning the carrier. Go Talk Wireless wants to stamp out SIM swap fraud at the source.
Could AphyOS be the BlackBerry 10 successor we’ve been waiting for?
I met with representatives of Apostrophy at CES and received a first look at AphyOS — a new privacy-focused, subscription-based mobile OS that is expected launch later this year.
The Apple Watch Ultra is perfect for more than just fitness buffs
The Apple Watch Ultra is positioned as a smartwatch in a class of its own among Apple's smartwatch lineup, and it's in a class of its own amongst all smartwatches. Here's why we love it!
CrackBerry website migration happening this Saturday - DONE
Today is 2/22/22, which has put the number TWO in my head and made me realize it has been a minute or two since I've updated everyone on CrackBerry 2.0 relaunch progress. To fix that, here's an update starting with two exciting things happening this Saturday: 1. CrackBerry Turns 15! February 26, 2022 marks 15 years since CrackBerry.com officially launched. Seriously, where does the...