Here’s everything the BlackBerry Priv does to protect your security and privacy
By embracing Android after years of doing its own software thing from the ground up, BlackBerry arguably took a great gamble. A necessary one, but a risk nonetheless, considering among others the Canadian company’s rock-solid security reputation and the growing malware issues of Google’s otherwise successful mobile platform.
The BlackBerry Priv unsurprisingly looks flawed at a first glance, yet as far as data privacy is concerned, its makers insist it’s the best of the best. Yes, even better than 6.0 Marshmallow-powered Nexuses, despite technically running an “obsolete” Android iteration out the box, i.e. 5.1.1 Lollipop.
BlackBerry’s special Android “hardening sauce” includes a series of security enhancements “independent of the Android version number”, according to a blog post penned by CSO David Kleidermacher, starting with supply chain security for hardware root of trust.
Then you have a proprietary method of keeping Stagefright-like vulnerabilities out, which improves Address Space Layout Randomization. Third on the list, the SELinux mandatory access control policy system is upgraded beyond stock L and M solutions, and an additional slew of cryptographic improvements also enter the equation to shield you from “brute-force attacks.”
“Critical security parameters” are furthermore tamper-proofed, “hundreds of hardening improvements to the Linux kernel and Android service framework” enable features like DTEK, and smart card authentication makes the BlackBerry Priv an impenetrable business tool.
All in all, it’s obvious a lot of work was put into protecting the touchscreen/QWERTY keyboard hybrid from anything and anyone, and BB also promises rapid patching whenever the defense is weakened. Hopefully, the impressive privacy tweaks won’t delay updates to Marshmallow and beyond.
Source: Inside BlackBerry