back to article Report: BlackBerry BYOD-ware doesn't pass UK.gov security test

BlackBerry Balance, the new feature in BB10 aimed at meeting demand for bring-your-own-device regimes, has been found insufficiently secure for that purpose by Britain's Communications Electronics Security Group (CESG). The CESG, an offshoot of the British signals and electronic intelligence agency GCHQ, describes itself as "the …

COMMENTS

This topic is closed for new posts.
Unhappy

Bis / bes

Not sure how much has changed between 7.1 and 10, but the fact that there's no more bis on bb10, doesn't bode well. Maybe it's like a placebo effective, but it seemed all a bit more secure to me.

If nothing else, the fact we're no longer getting compression on the requested data, using a bb10 will cost more per month. Having read up on cost per plan in Europe vs US, I'm shocked. Shocked!

0
0
Anonymous Coward

Re: Bis / bes

Blackberry are a Dodo on life support. #deadphone

0
5
Anonymous Coward

Re: Bis / bes

#tiresome

3
0
Linux

Or...

K-9 and APG to provide gpg signing and encryption

Textsecure for encrypted texting records and messaging, although why doctors need to discuss patients over texting is not something I understand.

Gibberbot for jabber/gmail encrypted chat comms.

Redphone for voice.

And android built in encryption. I'm not going to claim android is better than IOS for full disk encryption, but if that's your threat model the game is already over, because you shouldn't have copies of secured docs sitting on your phone.

0
1

I know why they can't get "restricted" certification.

As yet BlackBerry hasn't forgotten a z10 on public transit, which seems to be a requirement. :P

1
0

Bring your own Blackberry to work?

What craziness is this... isn't the reason you have a blackberry either ;-

1) You are a south london scalywag teenager who doesn't want to pay for SMS

2) You have been given it by your office when what you really wanted was an iPhone.

3
9
Anonymous Coward

Re: Bring your own Blackberry to work?

Or - you're a perfectly normal teenager who got one for Christmas with a £7 or £10 a month contract, can send unlimited messages to friends, and know your parents can't afford £600 up front or £43 a month for an iPhone?

Or you're someone who sends a lot of messages and really cannot get on with glass keyboards.

Much of the Apple or big screen Android owner mockery is directed purely at people with less money than they have.

10
0
Silver badge
Meh

Re: Bring your own Blackberry to work?

An iPhone....oh how ordinary!

1
1
Silver badge

Still hackable by the Newspapers?

0
1
Silver badge

So broken by design or just a bug?

If it's just a bug they can rectify the issue with a firmware update. They should be more worried if it's something about balance that can't be fixed without seriously compromising the entire design of the software.

0
0
Anonymous Coward

I suspect, based on other sources

It's possible that the issue is that Balance prevents remote wipe of user data, which includes the removable micro SD card. Balance is supposed to prevent you from moving data from the green zone to the red zone, but there is always the possibility of photographing a secret document and saving it on the removable card. Like the old Minox, where you could photograph a load of documents, remove the cassette, cut off the feed side, lose the camera down a ventilation chute or the like, and walk out of the building with all the data on a plastic thing in a pocket (or an intimate cavity) that would probably be missed by most searchers.

It's already been suggested that BlackBerry may have to bring out a crippled BB10 phone for government use with no removable card and no camera.

Removable micro SD cards are an endangered species with many manufacturers, partly because they want you to depend on their cloud services for data storage but, I suspect, largely for security reasons.

2
0

Re: I suspect, based on other sources

>Removable micro SD cards are an endangered species with many manufacturers, partly because they want >you to depend on their cloud services for data storage but, I suspect, largely for security reasons.

I suspect it's the other way around, at least with tablets - apple, google and amazon devices are rather light on microSD card support, whereas my (sort of no-name) Novo7 Fire for example has one, and since I wanted to have my music on a large card rather than taking up memory the big names have lost me as a customer.

'follow the money' seems to suggest that those with large online shops would prefer you didn't have a microSd card slot.

Oh - and I wanted OTG support which at least the Kindle Fire doesn't support, I didn't bother checking the other tablets.

1
0
Silver badge

Re: I suspect, based on other sources

I think the main reason they're cutting SD is because Microsoft is suing them over bogus patents relating to FAT32. Easiest way to avoid the lawsuit is not to include FAT32. That said, it's annoying that so many choose to implement MTP rather than USB mass storage. MTP is okay at a pinch but it's piss poor for things like zips or avis where the entire file has to be copied off the device to be opened.

0
0

Re: I suspect, based on other sources

Why would Blackberry bring out a phone with no camera, when disabling the camera has been a BES policy item for eons?

0
0
Anonymous Coward

Re: I suspect, based on other sources

Because with Balance the corporate may not have any control over your camera. Remember this was not a security assessment of BB 10, it was specifically a security assessment of BB10 with Balance. If MI5 can't stop its operatives from using the camera to save stuff to the red zone, it will fail. If they can't encrypt your micro-SD card so you cannot read it out of the phone, it will fail.

The real root problem for our beloved Government departments and the like is that the whole idea of mobile phones is that they have become tiny computers optimised for receiving and sending data on a huge range of bands from audio through various radio frequencies all the way to optical, and that is inherently a very bad basis for limiting people's ability to shift data around.

1
0
Anonymous Coward

Re: I suspect, based on other sources

Why not simply agree to use a file system which is not Redmond's profit centre? If Android went with an Ext variant then before long it would be Microsoft feeling the pain of people unable to open their SD cards on Windows.

No, I overstated it I agree, it is mainly about selling cloud services, but getting into the secure market may well explain why models like the Lumia 920 do not have an SD slot, but other cheaper models do.

0
0
Anonymous Coward

Re: I suspect, based on other sources

How are those FAT patents bogus? They have been tested in court a number of times.

1
0
Silver badge

Re: I suspect, based on other sources

Those FAT patents are bogus because they essentially relate to a look up table which maps a short name to a long name. Anyone software engineering experience tasked with a way to put long names on an FS supporting short names would come up with a similar solution. It's an obvious and trivial invention and should be struck out for that.

It's so trivial that the Linux kernel produced a patch to prevent generating a valid short short *and* a long name at the same time. It only stores one or the other depending on the name length but never both to work around the lookup patent.

As for "tested in court", it was tested only to see if the patent was violated, not if the patent was valid. Two different things. If it deserves to be a patent at all should merit a payment in pennies at most.

0
0
Anonymous Coward

Hogwash...

This report makes no sense to me. Why would CESG even look at Balance? It doesn't seem to fit with what they'd be interested in, which would be a device that was completely under corporate/government control with no personal side.

1
0
Anonymous Coward

Re: Hogwash...

You can't currently turn balance off.

0
0
Megaphone

Re: Hogwash...

BES10.1 which is currently in testing will provide the ability to remove the personal partition from a BB10 device, leaving only the work partition.

1
0
Meh

The point is...

That Balance enables BYOD for iOS and Android devices isn't it? So you don't have to bring a BlackBerry to work. Have I missed something?

0
1
Anonymous Coward

Re: "Have I missed something?"

Yes.

http://uk.blackberry.com/business/software/blackberry-balance.html

0
0
Bronze badge

While they boast

Recently received (today) link

http://globalsecurity.tradepub.com/free/w_ri89/prgm.cgi

excerpt from page:

"In this overview document, find out about the security features BlackBerry 10 can deliver for all the devices in your enterprise, whether they're running on an iOS, Android™ or BlackBerry® platform. "

0
1
Anonymous Coward

Re: While they boast

Well, yes, the story appears to be bogus and I have sent a correction to El Reg. It looks like someone at the Guardian was trolled. Who by, they're not saying. But they do carry awfully big ads for a well known fruit vendor.

1
0
This topic is closed for new posts.

Forums