Ahead of the BlackBerry Priv launch, one question popped up a lot in the CrackBerry Forums: how would BlackBerry handle the ability to root Android on the Priv? After all, BlackBerry is a company with a history and reputation of building secure devices. Surely they wouldn't just let their device be rooted easily, but how would they prevent it given its prevalence in the Android world, and why would they even want to?
Turns out, BlackBerry spent a lot of time thinking about this, as they should have, and they've now published a new blog post highlighting how and why the Priv protects against rooting. The article takes the time to explain rooting, along with some of its benefits and disadvantages, and also offers a look at how BlackBerry Integrity Detection works to prevent rooting of the Priv. If some of this sounds familiar, it's because BlackBerry touched on it in several articles before and after the Priv launch; the recent article just goes into greater detail.
BlackBerry Integrity Detection
Priv by BlackBerry comes with built-in BlackBerry Integrity Detection, which continuously monitors for events or configuration changes that could compromise the security of the device. This includes:
- Checking the integrity of the kernel on device bootup
- Checking for unauthorized changes to the SELinux policy
- Monitoring file system mounting permissions
- Ensuring that unauthorized apps don't acquire escalated privileges
- Disabling security-sensitive applications such as path trust
BlackBerry Integrity Detection uses an application in the BlackBerry Secure Compound to provide a trust anchor and generate integrity reports. These reports are digitally signed with ECC-256 and backed by a certificate that chains up to a BlackBerry Certificate Authority, allowing third-party Enterprise Mobility Management solutions and monitoring apps to verify their authenticity. BlackBerry Integrity Detection integrates seamlessly with the new Good Secure EMM Suites and BES12, allowing IT administrators to monitor for rooted and jailbroken devices. If a potential compromise is detected, administrators can configure alerts, prevent the device from accessing the corporate network, or even remotely wipe the device. You can also verify BlackBerry Integrity Detection yourself through the preloaded DTEK app – simply look for the green checkmark beside "Operating system integrity."
BlackBerry rightly points out in the article that preventing and detecting rooting is one of the most difficult games of cat-and-mouse, so they're always going to have to be on the lookout for new methods and, in turn, come up with ways to prevent them from working. In any case, the article is an interesting read, so if you haven't given it a look yet, be sure to do so. Also, aside from reading the blog post, I strongly suggest you look into the security guide for BlackBerry powered by Android, as it describes the privacy and security of Priv hardware and software.