Backdoors and surveillance mechanisms in iOS devices

This paper is actually half a year old – give or take – but it’s gotten a lot of attention recently due to, well, the fact that he has uploaded a PowerPoint from a talk about these matters, which is obviously a little bit more accessible than a proper scientific journal article.

For instance, despite Apple’s claims of not being able to read your encrypted iMessages, there’s this:

“In October 2013, Quarkslab exposed design flaws in Apple’s iMessage protocol demonstrating that Apple does, despite its vehement denial, have the technical capability to intercept private iMessage traffic if they so desired, or were coerced to under a court order. The iMessage protocol is touted to use end-to-end encryption, however Quarkslab revealed in their research that the asymmetric keys generated to perform this encryption are exchanged through key directory servers centrally managed by Apple, which allow for substitute keys to be injected to allow eavesdropping to be performed. Similarly, the group revealed that certificate pinning, a very common and easy-to-implement certificate chain security mechanism, was not implemented in iMessage, potentially allowing malicious parties to perform MiTM attacks against iMessage in the same fashion.”

There are also several services in iOS that facilitate organisations like the NSA, yet these features have no reason to be there. They are not referenced by any (known) Apple software, do not require developer mode (so they’re not debugging tools or anything), and are available on every single iOS device.

One example of these services is a packet sniffer, com.apple.pcapd, which “dumps network traffic and HTTP request/response data traveling into and out of the device” and “can be targeted via WiFi for remote monitoring”. It runs on every iOS device. Then there’s com.apple.mobile.file_relay, which “completely bypasses Apple’s backup encryption for end-user security”, “has evolved considerably, even in iOS 7, to expose much personal data”, and is “very intentionally placed and intended to dump data from the device by request”.

This second one, especially, only gave relatively limited access in iOS 2.x, but in iOS 7 has grown to give access to pretty much everything, down to “a complete metadata disk sparseimage of the iOS file system, sans actual content”, meaning time stamps, file names, names of all installed applications and their documents, configured email accounts, and lot more. As you can see, the exposed information goes quite deep.

Apple is a company that continuously claims it cares about security and your privacy, but yet they actively make it easy to get to all your personal data. There’s a massive contradiction between Apple’s marketing fluff on the one hand, and the reality of the access iOS provides to your personal data on the other – down to outright lies about Apple not being able to read your iMessages.

Those of us who aren’t corporate cheerleaders are not surprised by this in the slightest – Apple, Microsoft, Google, they’re all the same – but I still encounter people online every day who seem to believe the marketing nonsense Apple puts out. People, it doesn’t get much clearer than this: Apple does not care about your privacy any more or less than its competitors.

Source: OS News

Note: this is not mentioned in the original article but is definitely worth noting that there is at least one company put there that cares about your privacy and always has and is the leader in security. That’s BlackBerry of course, they should be recognized for how great they are and they continually get over looked unless it is for something negative. BlackBerry for life! Best mobile OS is BlackBerry 10, period.

BlackBerry’s ultra-secure chat gives each message its own security key

Chat systems like BBM (BlackBerry Messenger) are typically very secure, since they’re encrypted end-to-end. However, they still have a glaring flaw: if intruders do crack the code, they can see everything you’ve said. That’s where BlackBerry’s soon-to-launch BBM Protected comes in. As the company showed at its BlackBerry Experience Washington event (CrackBerry’s video is below), the new service makes it extremely difficult to spy on an entire conversation. Each message has its own random encryption key; even a very clever data thief would only get one tidbit at a time, so it could take ages to piece together a full chat.

BBM Protected will only be available for corporate-controlled BlackBerry devices when it launches as part of an enterprise suite in June, although that will include anything running the now-ancient BlackBerry OS 6 or higher. The chat client won’t be available for personal phones running BlackBerry Balance until early fall, while Android and iOS users will have to wait until late fall or early winter. All the same, it might be worth holding out if you’re really, truly worried that someone is watching your private discussions.

Source: Engadget

BlackBerry Tumblr app Trapeez available in Beta Zone

The native Tumblr app Trapeez developed by Kisai Labs has a beta version, version 1.5.0.0 available in BlackBerry Beta Zone.

Google Chrome working on latest BlackBerry 10.3 leak

Using the latest leaked version of BlackBerry 10.3 software version 10.3.0.296. I haven’t yet had a chance to try any other Google apps and in earlier versions of BlackBerry 10 you could not use any apps that require Google Services. A couple more screen shots of Chrome running perfectly on my Z10.

World’s Leading Businesses are Secure with BlackBerry: Let’s Separate Facts from Fiction

Amidst recent media speculation around BlackBerry and hopeful claims of competitors, we decided to set the record straight by coming up with some facts about our pedigree within the EMM space. The below infographic consolidates key details about our current market position, security certifications, award-winning customer service and investments in our future. If it’s not clear already, we are absolutely committed to providing secure and innovative solutions to our customers and giving them the peace of mind they deserve.

BlackBerry is focused on bringing its secure EMM solution and award-winning service to customers around the world. In response to requests from customers to consolidate their enterprise mobility management (EMM) environment and leverage existing investments, we’re soon launching EZ Pass – a simple, cost effective migration path to BlackBerry Enterprise Service 10 with free licenses and Advantage level technical support through January 31, 2015. Learn more at http://el.blackberry.com/ezpass.

Source: Inside BlackBerry Business Blog

BlackBerry First To Receive “Full Operational Capability” On U.S. DoD Networks

BlackBerry received a huge win today, as the company announced BlackBerry 10 is the first mobile operating system to have achieved Full Operational Capability on the DoD networks of the United States government.

Below is the entire press release.

BlackBerry First to Receive Coveted “Full Operational Capability” on U.S. Department of Defense Networks

Validation completes DISA’s certification process for BlackBerry 10 mobility management platform

WATERLOO, ONTARIO–(Marketwired – March 27, 2014) – BlackBerry Limited (NASDAQ: BBRY)(TSX: BB), a world leader in mobile communications, today announced that BlackBerry® 10 has become the first mobility solution to receive Full Operational Capability (FOC) to run on U.S. Department of Defense (DoD) networks from the U.S. Defense Information Systems Agency (DISA). The designation follows the Company’s Authority to Operate (ATO) certification and enables government users with a BlackBerry 10 smartphone connected with BlackBerry® Enterprise Service 10 (BES10) to securely access email, data, apps and other DoD network resources.

BlackBerry was the first Mobile Device Management (MDM) provider to earn ATO and becomes the only vendor with FOC. The granting of FOC completes BlackBerry’s security certification process with the DoD.

“As the first mobile solutions provider to achieve FOC, BlackBerry continues to prove why we are the most trusted enterprise mobility platform,” said John Sims, President of Global Enterprise Services at BlackBerry. “BlackBerry worked side-by-side with DISA to help certify the BlackBerry 10 solution offering the U.S. government an end-to-end mobile infrastructure that does not compromise on security and provides the most productive and collaborative mobile experience.”

FOC allows government employees to realize the full security, productivity, communication and collaboration benefits of the BlackBerry 10 solution. One of the key features now available to DoD customers with a BlackBerry 10 smartphone is BlackBerry® Balance™ technology, which allows users to instantly toggle between work and personal profiles. BlackBerry Balance separates and secures work data from personal content, allowing the user to gain secure access to DoD network resources, along with the full benefits of a consumer experience. BlackBerry 10 smartphones are the only DoD-approved smartphones with this capability.

About BlackBerry

A global leader in mobile communications, BlackBerry® revolutionized the mobile industry when it was introduced in 1999. Today, BlackBerry aims to inspire the success of our millions of customers around the world by continuously pushing the boundaries of mobile experiences. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates offices in North America, Europe, Asia Pacific and Latin America. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ. For more information, visit http://www.blackberry.com.

Forward-looking statements in this news release are made pursuant to the “safe harbor” provisions of the U.S. Private Securities Litigation Reform Act of 1995 and applicable Canadian securities laws. When used herein, words such as “expect”, “anticipate”, “estimate”, “may”, “will”, “should”, “intend”, “believe”, and similar expressions, are intended to identify forward-looking statements. Forward-looking statements are based on estimates and assumptions made by BlackBerry Limited in light of its experience and its perception of historical trends, current conditions and expected future developments, as well as other factors that BlackBerry believes are appropriate in the circumstances. Many factors could cause BlackBerry’s actual results, performance or achievements to differ materially from those expressed or implied by the forward-looking statements, including those described in the “Risk Factors” section of BlackBerry’s Annual Information Form, which is included in its Annu al Report on Form 40-F (copies of which filings may be obtained at http://www.sedar.com or http://www.sec.gov). These factors should be considered carefully, and readers should not place undue reliance on BlackBerry’s forward-looking statements. BlackBerry has no intention and undertakes no obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

BlackBerry and related trademarks, names and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world. All other marks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.

BlackBerry Met With Facebook Last Week on Potential Bid

Via: WSJ BlackBerry Ltd. executives flew to California to meet with Facebook Inc. last week to gauge its interest in a potential bid for the struggling smartphone-maker, according to people familiar with the matter.

It remains unclear whether Facebook is interested in placing a bid. Spokesmen for both companies declined to comment.

Last month BlackBerry struck a preliminary deal to go private with Canadian insurer Fairfax Financial Holdings Ltd. for $4.7 billion, or $9 a share. The due diligence period for that deal ends next week, but BlackBerry and its advisers remain open to interest from other potential bidders. The deadline for other bids is Monday.

BlackBerry does have other players circling. Earlier this month The Wall Street Journal reported that Chinese computer giant Lenovo Group Ltd. was interested in a possible bid. And BlackBerry has signed a nondisclosure agreement with distressed asset specialists Cerberus Captial Management LP, people familiar with the matter have said.

BlackBerry’s co-founders, Mike Lazaridis and Doug Fregin are also weighing a bid, according to a Securities and Exchange Commission filing earlier this month.

Source: WSJ

BlackBerry Open Letter 10/15/2013

Below is BlackBerry’s open letter to customers published 10/15/2013.

TO OUR VALUED CUSTOMERS, PARTNERS AND FANS:

You’ve no doubt seen the headlines about BlackBerry®‎. You’re probably wondering what they mean for you as one of the tens of millions of users who count on BlackBerry every single day.

We have one important message for you:

YOU CAN CONTINUE TO COUNT ON BLACKBERRY.

How do we know? We have substantial cash on hand and a balance sheet that is debt free. We are restructuring with a goal to cut our expenses by 50 percent in order to run a very efficient, customer-oriented organization.

These are no doubt challenging times for us and we don’t underestimate the situation or ignore the challenges we are facing. We are making the difficult changes necessary to strengthen BlackBerry.

One thing we will never change is our commitment to those of you who helped build BlackBerry into the most trusted tool for the world’s business professional.

And speaking of those dramatic headlines, it’s important that we set the record straight on a few things.

BEST IN CLASS PRODUCTIVITY TOOL

We have completely revamped our device portfolio this year with the launch of BlackBerry® 10. We have four BlackBerry 10 devices – two all touch and two hybrid (touch and QWERTY) – and all are running the third update of our new platform. If what you care about most is getting things done – taking care of your business — we have the best range of devices for you. And we continue to offer the best mobile typing experience – no ifs, ands or buts about it.

BEST IN CLASS SECURITY

Governments all over the world, global corporations and businesses that simply cannot compromise on security choose and trust BlackBerry. Security is our heritage, and the industry recognizes that BlackBerry is the most secure when it comes to the device, server and, of course, our global data network. Have no doubt that you can continue to trust us to keep your communication safe and private.

BEST IN CLASS ENTERPRISE MOBILITY MANAGEMENT

We changed with the market, embracing BYOD because we understand that as iOS and Android™ devices become common in the workplace, businesses still need to manage all of these different platforms seamlessly and securely.

This is not a trivial task. While there are a number of startup companies that make bold claims, BlackBerry has more software engineers and the most resources dedicated to developing the most innovative solutions to address this complex challenge.

And our customers know it. Over the past quarter, our BlackBerry® Enterprise Service 10 server base grew from 19,000 to more than 25,000. Corporate clients are committed to deploying and testing the latest enterprise technology from BlackBerry. We are committed to evolving with our customers. That will never change.

BEST IN CLASS MOBILE SOCIAL NETWORK

We are bringing the most engaging mobile messaging platform to all, with our BBM™ launch for Android™ and iPhone. There are already around six million customers pre-registered to be notified of our roll out. This number is growing every day, and speaks to the tremendous opportunity we have to expand BBM beyond BlackBerry® smartphones to make it the world’s largest mobile social network.

Yes, there is a lot of competition out there and we know that BlackBerry is not for everyone. That’s OK. You have always known that BlackBerry is different, that BlackBerry can set you apart. Countless world-changing decisions have been finalized, deals closed and critical communications made via BlackBerry. And for many of you that created a bond, a connection that goes back more than a decade.

We believe in BlackBerry – our people, our technology and our ability to adapt. More importantly, we believe in you. We focus every day on what it takes to make sure that you can take care of business.

You trust your BlackBerry to deliver your most important messages, so trust us when we deliver one of our own: You can continue to count on us.

Sincerely,
The BlackBerry Team

Follow us @BlackBerry for our updates.

Source: http://us.blackberry.com

iPhone 5s vs. the competition: Spec comparison

Via: Android Central

It’s no secret that Apple has just unveiled its latest devices, the iPhone 5s and 5c, and while our friends over at iMore dive deeper into the Apple-centric coverage we want to see how its latest device’s specs stack up against the Android hardware.

Going head-to-head with Google’s (admittedly 11-month old) latest reference device the Nexus 4 and the HTC One, the iPhone 5s stacks up pretty comparably. The latest iPhone sticks with the 4-inch 326 ppi “Retina” display, matching up to the 4.7-inch 320 ppi of the Nexus 4 and absurdly nice 4.7-inch 468 ppi of the One. On the camera front Apple has moved to an 8MP BSI camera much like the Nexus 4, but with larger pixels like the One and a few new features included in the form of software optimization, a new image signal processor and dual LED flash.

The rest of the specs round out very similarly as other high-end devices out there today, but there are naturally a few points where each device stands out. Stick around after the break for a full spec-by-spec breakdown of the iPhone 5S vs. the Nexus 4, HTC One and the latest BlackBerry and Windows Phone handsets.

Source: Android Central

BlackBerry Demos BBM on iPhone and Android at TIFF

BlackBerry is gearing up to launch cross-platform BBM for iOS and Android. Although, there seems to have been a little bit of a drawback on getting BBM approved by Apple, but BlackBerry intends to launch BBM this month.

If you had attended the BlackBerry Experience at the Toronto International Film Festival, you might have gotten an early glimpse of BBM running on an iPhone 5 and Samsung Galaxy S4.

This is the first time we’ve seen BBM glimpsed on an iPhone, aside from the featured image we used in this article. Nevertheless, as expected, the UI for BBM on iOS and Android looks nearly identical as that on BlackBerry 10.

Stay tuned as BlackBerry will soon kick off the BBM4ALL campaign once BBM is approved to the Google Play and Apple App Store.

Source: N4BB