The words Android and security don’t often go well together. Cheap, insecure OEM devices and delayed updates crop up in articles with alarming regularity. BlackBerry Android phones want to change this perception.
BlackBerry is a brand built on consumer expectations of security. Even if the average user doesn’t understand the specifics, the BlackBerry badge delivers a sense of safety.
Since BlackBerry’s heyday not much has changed in this sense. Yet the market has moved to iOS and Android devices. BB oS10 handsets like the Passport and Classic were praised for their security credentials. They just didn’t capture the imagination of the wider buying public.
BlackBerry Android phones are an altogether different breed. They modify the user-friendly open source Android OS in a number of ways to suit their ongoing commitment to security.
BlackBerry Android Security
Security is always best implemented in layers. With BlackBerry Android phones, every aspect of a phone’s production is addressed. In order, those layers are
- OS Runtime
- Disk Encryption
- Software Updates
Does that seem like a lot of steps? Well it is. But every one is important when committing to a truly secure platform.
Blackberry like to refer to their Hardware Root of Trust.
During manufacturing, a security key is added to the processor on every BlackBerry Android. These track, verify, and provision each handset. This authenticates the integrity of the phone – and its data – right at the motherboard level.
All consumer phones ship with a locked bootloader to avoid unverified software installation. It is often possible to unlock this at the expense of your warranty.
The bootloader on a BlackBerry Android is different though. It has full encryption and will only ever allow an untampered, BlackBerry-signed OS to load.
Each stage of the boot chain must verify the next component is fully intact before proceeding.
The Linux kernel is the core of Android. This was developed in the early 90’s and has been modified hundreds of times for various distributions and applications.
BlackBerry have introduced numerous patches and configuration changes to the Android implementation to reduce the attack surface.
BlackBerry continuously monitor all of their Android phones. BID is checking for events or configuration changes which may indicate a compromise to security. If any occur, BID will trigger real-time countermeasures.
It’s par for the course these days to encrypt all user data saved to disk. Just to take it up to 11, BlackBerry ensure the encryption is at U.S. government-suitable levels.
BlackBerry have made a commitment that they will match Google’s monthly security patches. Not only this, BlackBerry will also deliver patches to update their own apps and software alterations.
Not always in people’s minds is looking at the future. It’s easy to respond to threats you are told about but BlackBerry go further. BlackBerry also employ security experts to try and break, hack or exploit their phones.
Their results, along with the findings of others are part of a constant cycle of improvement.