We may earn a commission for purchases using our links. Learn more.
Ahead of the BlackBerry Priv launch, there was one question that popped up a lot in the CrackBerry Forums, and that was, how would BlackBerry handle the ability to root Android on the Priv? After all, BlackBerry is a company that has a history and reputation of building secure devices; surely they wouldn't just let their device be rooted easily, but how would they prevent it given its prevalence in the Android world and why would they even want to?
Turns out, BlackBerry spent a lot of time thinking about this, as they should have and they've now posted up a new blog post highlighting how and why the Priv protects against rooting. The article itself takes the time to explain rooting, some of the benefits as well as the disadvantages of it but also offers a look at how BlackBerry Integrity Detection works to prevent rooting of the Priv. If some of this sounds familiar, it's because BlackBerry touched on it through several articles ahead of and after the Priv launch, the recent article just goes into greater detail.
BlackBerry Integrity Detection
Priv by BlackBerry comes with built-in BlackBerry Integrity Detection, which continuously monitors for events or configuration changes that could compromise the security of the device. This includes:
- Checking the integrity of the kernel on device bootup
- Checking for unauthorized changes to the SELinux policy
- Monitoring file system mounting permissions
- Ensuring that unauthorized apps don't acquire escalated privileges
- Disabling security-sensitive applications such as path trust
BlackBerry Integrity Detection uses an application in the BlackBerry Secure Compound to provide a trust anchor and generate integrity reports. These reports are digitally signed with ECC-256 and backed by a certificate that chains up to a BlackBerry Certificate Authority, allowing third-party Enterprise Mobility Management solutions and monitoring apps to verify their authenticity. BlackBerry Integrity Detection integrates seamlessly with the new Good Secure EMM Suites and BES12, allowing IT administrators to monitor for rooted and jailbroken devices. If a potential compromise is detected, administrators can configure alerts, prevent the device from accessing the corporate network, or even remotely wipe the device. You can also verify BlackBerry Integrity Detection yourself through the preloaded DTEK app – simply look for the green checkmark beside "Operating system integrity."
BlackBerry rightly points out in the article that preventing and detecting rooting is one of the most difficult games of cat-and-mouse, so they're always going to have to be on the lookout for new methods and in turn, come up with ways to prevent them from working. In any case, the article is an interesting read, so if you haven't given it a look yet be sure to do so. Also, aside from reading the blog post, I fully suggest you look into the security guide for BlackBerry powered by Android as it describes the privacy and security of Priv hardware and software.
Read How and Why the Priv Protects Against Rooting
Read more
Verizon now rolling out software update for the BlackBerry Priv
Have a BlackBerry Priv on Verizon? Surprise! You'll want to go ahead and check for updates as many folks have now started receiving a software update.
BlackBerry Priv will no longer receive monthly updates going forward
A new post on the Inside BlackBerry Blog from Alex Thurber has laid out the status of monthly updates for the Priv as the device has now moved well beyond the two years of monthly software updates BlackBerry originally committed to.
BlackBerry begins rollout of September Android security update
Although it hasn't been noted by @BBSIRT yet, BlackBerry has now begun the rollout of the September Android security update according to a new post on the BlackBerry Knowledge Base.
Verizon BlackBerry Priv owners can now download software AAN368
Verizon has now begun sending out software AAN368 which is noted to have been tested to optimize device performance, resolve known issues and apply the latest security patches.