back to article Android Security: How's BlackBerry going to fix it?

“Android Security” sounds like an oxymoron, perhaps the biggest since “friendly fire”. So what’s BlackBerry, which has forged a reputation on enterprise security, thinking with the new Priv device? BlackBerry's handset division is promising to create a business-friendly secure 'droid, and it’s recently been explaining just how …

  1. Your alien overlord - fear me

    XDA devs. will root it within a month. Kiss goodbye to security.

    1. Gordon 10

      Doubt it. There are some Androids that are so much hassle to root they don't bother. Suspect it will take much longer, but probably will be aided by the XDA tools.

  2. 0laf

    When there is a £200 version we'll look at it, maybe.

    ~£600... we'll just buy feckin iphones as usual and winpho for the minions

    1. sabroni Silver badge

      re: we'll just buy feckin iphones as usual

      They're popular and therefore a prime target for hacking. Unless these blackberries are really popular iPhones will always be a more attractive target...

  3. Quortney Fortensplibe
    Thumb Up

    Presumably BlackBerry...

    ...have named it after a toilet, to reinforce the idea of security.

    A good bog will always have a strong lock.

  4. sabroni Silver badge

    Sounds like the problem is Android devices not getting patches...

    ... not the underlying architecture. So "all" blackberry need to do is patch in a timely manner.

    1. Andrew Orlowski (Written by Reg staff)

      Re: Sounds like the problem is Android devices not getting patches...

      "There’s our ability to patch vulnerabilities much faster than other Android smartphone makers, and other features I didn’t mention. It’s why I firmly believe PRIV will be MORE resilient than everything else."

      http://blogs.blackberry.com/2015/10/tempest-in-a-teacup/

      1. JLV

        Re: Sounds like the problem is Android devices not getting patches...

        Given Androids licensing and setup, could one patch general holes (not vendor specific) ahead of Google, to one's own devices?

        Would that help security?

        Would just matching Google's patch release cycle help sales? If the main risk here is slow patching by most vendors, then you would think Nexus et all would already be benefiting from the security conscious's biz. Instead it looks as if they compete for punter's $ mainly on price & features, just like the others. I.e. Sure you hear folks talk about patching, but at the end that Sammy Galaxy 6 is just so shiny.

        Best of luck to BB though.

  5. John Smith 19 Gold badge
    Go

    As a business plan this just *might* work

    Leverage stuff they are good at and know how to do.

    No guarantees.

    Just might.

  6. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      Really?

      Don't you need a sizeable user base to start making claims about security?

      Proper AC, let the flaming begin

      1. Anonymous Coward
        Facepalm

        Re: Really?

        Like their fork of openssl?

    2. sabroni Silver badge

      re: just that you patch them quickly

      It's not that it doesn't matter how many vulnerabilities there are, but the fact is that vulnerabilities will be found if there's enough money to be made, and when that happens the patches are worthless unless they make it onto the vulnerable devices. I'm sure OpenBSD doesn't have any security vulnerabilities (!) but if it did, you would want them patched in a timely manner, wouldn't you?

  7. David Austin

    Points for trying.

    It's a nice idea, and I hope it works. The idea is very tempting - Android for Enterprise (A title I'm not aware that any handset or manufacturer can legitimately claim at the moment) Is sounding pretty good.

    Dunnow if its possible or feasible, but good on them for trying.

    Besides the software, I've always had a soft spot for android hardware: The blackberry Bold 9900 is probably my favourite handset in terms of hand feel and using as an actual phone, even if it was closer to a feature phone than a smartphone thanks to BBOS 7. I remember thinking "Man, if only this ran Android..."

  8. dogged

    Why Blackberry haven't done a deal with Silent Circle for the Blackphone's OS is beyond me.

  9. decoherence

    Who's gonna patch your Priv if/when BlackBerry goes under?

    1. Anonymous Coward
      Anonymous Coward

      Same people that patch all the other old android phones out there - no one.

  10. Anonymous Coward
    Anonymous Coward

    "The security of Android depends on the timely delivery of updates to fix critical vulnerabilities"

    Further, interestingly the article chooses to ignores the biggest sh@te fest of delayed patch rollout thanks to the mobile phone (mafia) providers. Additionally who's measuring the f@ked up bollo* that mobile telcos roll into their custom update experience, not to mention voluntary user malware installation; No shi@ there are security problems with Android.

    Good luck Blackberry

    1. Anonymous Coward
      Anonymous Coward

      Re: "security of Android depends on the timely delivery of updates to fix critical vulnerabilities"

      You can type fuck on here, it's ok. Your mum isn't watching. And if she was you're AC so she really won't know it's you.

      Now tidy your room!!!!

  11. Anonymous Coward
    Anonymous Coward

    It seems that for most of the commentards

    no Phone will ever be nearly good enough. ooh...no memory card...oohh...bloatware...oohh...it's an Apple...oohhh...Microsoft sucks...oohhh...Blackberry is going belly up...and so on, and so forth.

    If smartphone manufacturers put any truck in the comments posted here, not a single smartphone would ever get made.

    I'm watching the release of this with great interest. Apart from it being a Blackberry, who have admittedly made some bad decisions in the past BUT have quite a solid pedigree in providing business class comms, it looks like quite a decent phone as well.

    1. This post has been deleted by its author

  12. Bota

    I wonder why they didn't do a deal to port sailfish?

    1. sabroni Silver badge

      I wonder why they didn't do a deal to port WebOS......

      1. This post has been deleted by its author

    2. Michael Wojcik Silver badge

      Pff. Port Flex or OS/400. A capability architecture provides a bunch of security benefits.

      Or port the Burroughs B5000 architecture, with its tagged memory words.

      (Not that VMS wouldn't have been fun too - though you'd want to set the default number of preserved file versions lower for all those storage-eating media files.)

  13. oiseau

    Blackberry ?

    Hmmm ....

    Blackberry ...

    Fix something?

    Nah!

    These AHs were never able to get their desktop software to work properly leaving thousands of users on their own to go through hell just to get the damn phones detected, not to mention a myriad of other problems that cropped up with every 'upgrade'. I know, I am one of them. Now, it's all Android and we are all left out in the cold.

    My advice?

    Don't hold your breath.

    1. DanceMan

      Re: Blackberry ?

      If you're referring to the desktop backup software, I concur. Just had my Q10 drop 35 feet to a hard floor. Last several times I tried to do backup to a desktop, yes, six months or more ago alas, it errored out.

      Love the phone though. Not great for surfing but a superb communications device. Love the Hub.

  14. Anonymous Coward
    Anonymous Coward

    Great quote

    "Android represents a global IT security threat not seen for over a decade" I am going to print this out in 6 inch high letters and hold it up in front of every muppet in our organisation who thinks the mobile future includes Android when they are processing customers' health information.

  15. BleedinObvious

    hardware fuse blow as a tell like Huawei's Nexus 6P?

    Maybe it has a hardware fuse that blows when root is acquired, like the QFuse in the new Nexus 6P, which in turn tips off the Blackberry's security suite that security's had a break-in.

  16. Anonymous Coward
    Anonymous Coward

    This could be popular with enterprises

    The Blackberry name probably still carries some weight. But if they sell based on security, they better follow through. They shouldn't even need to wait on Google's "official" fix if a discovered problem has an obvious fix, that would really help tip the scales in their favor if they can beat the patches out for Google's own Nexus devices.

    The other thing they can do is provide Android users with the ability to control permissions individually even after install, like iOS users can. There's no good reason why Google hasn't provided this ability, but doing so may get Android users who are knowledgeable enough to realize why this is a big win to move to the Priv (at least if they introduce a model that drops the unnecessary added weight of the slide out keyboard)

    As for the inability to root it, well iOS does the same "secure boot" thing but jailbreaks abound. I'm sure there will be ways found to jailbreak your Priv just as with iPhones for those so inclined.

    1. os2baba

      Re: This could be popular with enterprises

      "The other thing they can do is provide Android users with the ability to control permissions individually even after install, like iOS users can"

      That's exactly what Marshmallow does. But the Priv is shipping with Lollipop.

      1. Anonymous Coward
        Anonymous Coward

        Re: This could be popular with enterprises

        So Google is FINALLY adding that capability they should have added six years ago?

  17. dodo27

    It's the BES that secures the phone. Everything in BlackBerry's workspace is encrypted.

    Not that I care. Am buying the slider because I want BlackBerry's productivity, battery life, shortcuts, typing speed, accuracy, active frames and all the apps.

  18. Anonymous Coward
    Anonymous Coward

    Trying to put lipstick on a pig. There's zero chance of Priv getting used in my organisation.

  19. Anonymous Coward
    Anonymous Coward

    BlackBerry have done it again.....how can they justify the price being so high? What business is going to choose these over a cheaper iPhone of Samsung S6?

    Security sounds great but you know what most people don't really care. The IT buyer might want if but I guarantee all the sales people, management etc will all want iphones. I'm not saying this is a good thing but look at any organization of any size and I think that will be the picture you'll see.

    If the Priv was launched at £200 they could have gained some market share back most likely. None of the UK networks are interested in selling it. I believe only the Carphone Warehouse has shown a glimmer of interest and that is for business customers only. Why would they waste money on them just to sit in their stock room waiting to be discounted. Hasn't BlackBerry learnt anything from the Passport, Z30, Z10, Q10 and Q5. With the exception of the the Q5 all had crazy inflated prices and were very quickly discounted. I think the Z10 was £400+ initially then price was around £100 a few months later.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like