Wednesday, September 2nd15.0°C
26774
26753

BlackBerry: BBM poses 'small' risk from Heartbleed on Apple, Android smartphones

WATERLOO, Ont. - BlackBerry (TSX:BB) says Apple iPhones and Android devices running chat software BlackBerry Messenger face an "extremely small" risk from the Heartbleed software bug.

The bug is caused by a flaw in OpenSSL software, which is commonly used on the Internet to provide security and privacy.

BlackBerry Messenger, or BBM, was created originally for the company's own products, but BlackBerry released software last fall which made the app available to users on iPhone and Android products. The versions that run on non-BlackBerry smartphones don't have the same security standards as a phone connected to its enterprise servers, which are the backbone of the company's security features.

A statement from the Waterloo, Ont.,-based company says investigations have found no problems from Heartbleed on Blackberry smartphones and servers, which are "fully protected from the OpenSSL issue."

But it warned that hacker attacks were possible on these other versions of BBM although they would be "extremely difficult to execute," requiring a so-called "man in the middle" attack.

Technology analyst Carmi Levy says a "man in the middle" attack intercepts data from a device before it reaches its destination server, or involves "picking off traffic as it moves in between different devices and networks."

"An attack would grab the traffic and literally steal my username and password from that exchange," he said in an interview.

"It's literally standing between you and the system you want to access and stealing the credentials as you enter them."

A spokeswoman for BlackBerry was unable to confirm whether BlackBerry would issue a software update to fix the security issues with BBM on iPhone and Android devices.

The vulnerability posed by Heartbleed came to public attention this month but researchers say it may have existed for years. Security experts say Heartbleed may undermine security features of websites and networking equipment, but the extent of the damage isn't known.

Canada Revenue Agency says it estimates the social insurance numbers of roughly 900 people were stolen from its systems through a six-hour breach before the CRA blocked public access to its online services last week.

The Canadian Press


Read more Business News




Recent Trending




Today's Market
S&P TSX13449.69-32.21
S&P CDNX551.08+3.11
DJIA16245.42+187.07
Nasdaq4689.15+53.04
S&P 5001931.34+17.49
CDN Dollar0.7534-0.0011
Gold1133.80-4.90
Oil43.50-1.91
Lumber233.00-2.00
Natural Gas2.657-0.045

 
Okanagan Companies
Pacific Safety0.18+0.01
Knighthawk0.010.00
QHR Technologies Inc1.19+0.01
Cantex0.04-0.01
Anavex Life Sciences1.32+0.00
Metalex Ventures0.05-0.00
Russel Metals20.98-0.23
Copper Mountain Mining0.60-0.02
Colorado Resources0.075-0.010
ReliaBrand Inc0.0045+0.0005
Sunrise Resources Ltd0.02+0.00
Mission Ready Services0.08-0.01
Decisive Dividend Corp2.50-0.25

 





FEATURED Property
20833053221 Vineyard View Drive
4 bedrooms 5 baths
$2,990,000
more details
image2image2image2
Click here to feature your property
Please wait... loading


Agree to ask questions

Photo: Thinkstock.comThe STORY: I think, said Janet to herself, that I just figured out a solution to my problem of letting the prospect run the meeting.With that thought in mind, she got out of her c...


Your business is not a bank

Photo: Thinkstock.comYour plumbing business is not a bank. But when you are giving terms to customers that exceed what you get from your suppliers, you become one. And every time that someone does not...


Begin with the end in mind

Photo: ContributedWe humans love our dates: birthdays, anniversaries, 9/11, the Ides of March - our lives are intimately woven within the tapestry of the calendar. So it should come as no surprise whe...

_



26376




Member of BC Press Council


25143