Google's annual Android Security Review names PRIV one of the most secure smartphones of last year. While rather unsurprising to most of us here, there are some areas of the report that BlackBerry's software efforts receive some substantial kudos.
BlackBerry is named among several manufacturers regularly delivering security updates to flagship devices on the same day as Google. What's more, after looking at last year Google quantified that the BlackBerry Priv devices in the market were at a 95% update rate. Consistent monthly security updates paired with all the hardening of the software stack BlackBerry implements has maintained BlackBerry's security credence in the Android marketplace.
Google gave a special callout to BlackBerry with regards to Zero Day Patching. As BlackBerry Android software utilizes customized kernel hardening and a bottom-up security implementation throughout various layers of Android, they were able to quickly patch a critical exploit and deliver it to customers in time for the November 2016 security update.
The combination of regular monthly security updates and fast responses by Android device manufacturers significantly mitigated the impact of zero-day vulnerabilities against the Android platform. For example, CVE-2016-5195 (also known as Dirty Cow) was publicly disclosed on October 19, 2016. As the patch was available from upstream Linux, some device manufacturers, such as BlackBerry, deployed a fix in time for the November 2016 security update. We created a special patch string (November 06, 2016) for devices to indicate the vulnerability had been fixed. A fix was required for the December 01, 2016 security patch level.
BlackBerry was paying attention and was swift to apply the patch to their software even though it became public toward the end of October. This attention to security detail along with the other kudos given above in the Google report reaffirm what BlackBerry is capable of doing to secure Android for users.
In the QnA portion of the March 31st earnings call that you can replay here. Chen mentioned a further hardening of Android by the codename Black Widow. You should not expect BlackBerry to pull back on their Android security efforts if anything the company will double down and continue to drive their unique value proposition on the platform.
If you're interested in learning more from Google's Android Security 2016 report, it's a 71-page read and lots of fun so set some time aside and dive in.