Friday, 20 January 2017
Mobile

BlackBerry explains how it made the PRIV Android Smartphone Secure

Blackberry has explained how it made the Operating System of the Blackberry Priv secure despite it running on the Android platform.

Blackberry’s software is known globally for its tight security but eyebrows were raised when it announced that its new device, the Blackberry Priv, will come with an Android Operating System – which is known to be sketchy and vulnerable to attacks and hijacks.

The Canadian conglomerate in a blog post has however assured that the BlackBerry Priv maintains the same level of security the company puts on all BlackBerry handsets.

‘Priv is for private,’ it said, listing several actions and modifications it took to boost the Priv’s security features.

The company says that the BlackBerry Priv uses a unique homegrown manufacturing process, the ‘Hardware Root of Trust’ that injects cryptographic keys into the device hardware. Blackberry says this action improves the security for the entire system.

The company also listed several other features that it baked into the Priv – a feature called Verified Boot and Secure Bootchain uses embedded keys to verify every layer of the device from hardware to the operating system at startup, along with apps, to ensure that nothing has been compromised.

Blackberry added that the Priv comes with “hardened” Linux kernel with numerous patches and a special configuration to bolster the security. It also encrypts the full disk by default complying with FIPS 140-2 standard.

The BlackBerry Priv also comes with tools such as BES12, a dashboard to simplify the management of users, services, and policies, and BlackBerry Infrastructure, which it says works with security and privacy of the user in mind.

David Kleidermacher, Chief Security Officer at BlackBerry also noted a couple of other aspects that makes the handset more secure.

He added that the Priv comes with the company’s patented picture-login, which according to him is “the best combination of security strength and ease of use for any smartphone authentication scheme available on any mobile device today.”

“Android is a complex, rapidly changing, massively popular, open-source product, which makes it an attractive and fertile target for attackers. Such an environment demands world-class security incident response, and BlackBerry has a long history delivering that to customers with the highest value resources under their (and hence our) protection. BlackBerry’s vulnerability patch program is second to none in the industry,”

he added.