This might raise a few chuckles over at BlackBerry. Recently both companies took swings at each other in a bid to call out each other’s claims on security offered by their mobile devices. BlackBerry describes itself as a market leader in security and boasts many certifications from government agencies around the globe to prove its point. On the other hand Blackphone, a joint venture between Geeksphone and Silent Circle, claims to offer high-end security at consumer level. The device was rooted in under five minutes at the DEF CON security conference this weekend.
Some have questioned Blackphone’s claims of security given the fact that its basically a suite of secure services that run on top of Android Open Source Project. Its because of this that BlackBerry dubbed it as “Consumer-Grade Privacy That’s Inadequate for Businesses.”
At the DEF CON security conference @TeamAndIRC was able to achieve root access on the Blackphone without actually have to unlock its bootloader. The hacker even mocked Blackphone’s team by saying that “It is apparent no one ran CTS [compatibility test suite] on this device.”
The exploit that was discovered was provided to Blackphone which patched it. The other route requires direct user consent so its not like this discovery is going to cause any harm to Blackphone users.
People who find fault with Blackphone being based on top of Android will now have a stronger argument that adding layers of security on the underlying platform that’s not entirely secure isn’t the way to go about things.