Security glitch found on BES; protected business contacts can be viewed using Android apps

3comments
Security glitch found on BES; protected business contacts can be viewed using Android apps
A security breach has been found in BES. The report, out of Germany, says that it was discovered that certain Android apps running on a BlackBerry device powered by the recently released BlackBerry 10.2.1, and plugged into BES, could access secured business contacts using Android apps like Skype. That is not supposed to happen, obviously, as Android Runtime enabled apps are not supposed to be in the work partition.

BlackBerry is not only aware of the problem, it has already fixed it. The repair is part of an update that is all set to be pushed out to BlackBerry 10 users. All that is required is approval from the carriers so that the update can be distributed. So far, BlackBerry 10.2.1, which features an improved Android Runtime, has been sent out to some users of the BlackBerry Z10 'all-touch' handset.

Certain business apps in BlackBerry 10 are protected to the point that incoming calls received while the corporate workspace is closed, will not show the caller's name on the screen. Being able to access this protected list of contacts through an Android app is an opening that needs to be shut. Security is the one feature that BlackBerry has left to sell to the the enterprise and to consumers who are increasingly worried about such things in the wake of the revelations involving the NSA.


Thanks, Anonymous Tipster!

source: Heise (translated)
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless