ZDNet – ‘BlackBerry Slow To Respond To FREAK Flaw, Says It Has No Fix’

Freak Blue

Oh dear.

Here at UTB we’re very used to seeing iGnorant journalists make utter fools of themselves with regard to BlackBerry. But Zack Whittaker, of ZDNet, managed to surpass that yesterday with probably the sweetest timing of all.

The title you see above was the ORIGINAL title of an article written yesterday by Zack Whittaker. Zack (also of CNET and CBS News – dear Lord) had taken it upon himself to address the whole issue of the FREAK vulnerability by taking a swipe at BlackBerry.

Why? Well, it would seem that Zack, along with many other, mainly US journalists, it has to be said, seem to ‘get’ the fact that BlackBerry are way out in front on security so will take any chance they get to try and pin the company and finally, in their eyes, finish them off once and for all.

So, Zack wrote a piece, an eye catching little ditty, about how useless BlackBerry were at handling the FREAK vulnerability, how ALL their devices were impacted, how BES was affected, how BBM was affected and how even the President of the US had ‘held on to his BlackBerry despite warnings from the Secret Service to use a hardened, custom device.’

He already has one, you nerk.

 

The problem for Zack was that as he hit publish the fix was already rolling out to Z30 users. Which meant that people were actually laughing at him in the comments to his blog.

Essentially, he got slaughtered.

And now it’s hit Z10 and Q10 users too. Which means that although he has changed the title and a few words of his article, it is again WOEFULLY out of date. See if you can spot the change of words…

Tip – I’ve highlighted them in BOLD!

BlackBerry begins slow rollout for FREAK security flaw, most devices still at risk

Summary:The company, slated as having the world’s most secure messaging devices, warns that devices will be vulnerable to a serious security flaw until a patch is released.

BlackBerry has issued a warning to users that most of its devices and encrypted messaging services are vulnerable to a serious security vulnerability.

The Ontario, Canada-based phone maker said in an advisory, almost two weeks after the flaw was first discovered, that it does not have a fix in place for for most of its impacted devices.

A spokesperson for the company confirmed that it issued a patch for Z30 devices running the latest 10.3.1 update.

“We will continue the patches for other products impacted,” the spokesperson said.

The FREAK flaw is a weakness in modern Web cryptography, which allows an attacker to potentially intercept encrypted traffic between a vulnerable client and server and force them into using weaker encryption that can be easily cracked. But despite knowing about the problem since the beginning of the month, the company said there are no current workarounds to prevent device data from being intercepted.

All versions of newer BlackBerry 10 devices, older BlackBerry 7.1 devices, and BlackBerry Enterprise Service 12 and earlier are affected by the flaw — essentially almost every product the company currently has on the market.

BlackBerry Messenger on Android, iPhones and iPads, and Windows Phone are also affected by the vulnerability.

“Further investigation into affected products is ongoing, and BlackBerry is working to determine the full impact of the issue and confirm the best approach for protecting customers,” the advisory warns.

“As fixes become available, this notice will be updated,” it read.

Every version of Windows is affected. Apple devices, including Macs, iPhones, and iPads (which are now patchable are also hit by the bug, along with Google’s Android operating system. Dozens of other device makers, including Cisco, are introducing patches and fixes for the bug.

BlackBerry devices have long been seen as the industry standard for encrypted messaging. US President Barack Obama has during his two terms held onto his trusty phone, despite warnings from the Secret Service to use a hardened, custom device.

The saving grace is that the back-end system, run by BlackBerry Enterprise Service, would require an attacker to compromise the user’s intranet. It also said that devices encrypting content before being sent over SSL, such as PGP or S/MIME, will “still be protected.”

Yeah! You go Zack!

Here’s a better idea. You obviously don’t own a BlackBerry or take a proper interest so how about shutting up?

Or, here’s a better idea, how about now writing an article about how BlackBerry devices (not all of them at time of writing but I’ll give you until Monday!) are the ONLY ones on the market patched and protected?

I sometimes wonder whether whenever these articles are written the authors send Tim Cook an iMessage to tell him so he knows that they are pandering properly.

Don’t worry.

He doesn’t reply because he’s busy

It’s an iMessage. He never receives it.

Bigglybobblyboo

Bigglybobblyboo is a legend almost nowhere at all. He is a founder member of UTB and spends his spare time taking out his anger at the world with a fishfork and a spatula. He is also a Cribbage Master, having won 1 fight online as the other guy refused to turn up out of fear for his life.

  • MADBRADNYC

    ^^What he said!^^

    Wow. What a Nerk…

  • ray689

    You know what even worse than this? The so called BlackBerry fan site (oh sorry news site so they can troll) was so quick to jump on the freak attack thing but has yet to say a word about the fix. At least this moron at Zdnet doesn’t pretend he’s a BlackBerry fan.

  • Atmari

    Lol these want to bash BlackBerry so badly that they ridicule themselves.

  • Anthony

    Zack-off is the latest example of why I don’t read ZDNet articles for anything any more. It’s quite obvious ZDNet doesn’t

    Biggly, your comment “BlackBerry devices are the only ones on the market patched” is not correct. Other devices are patched.

    Z30 is patched.
    “Firefox Beta” browser is patched.
    “Opera Browser” could be patched. It isn’t “compatible” with the freak test.
    Firefox desktop browser is patched.
    Safari browser is patched.
    Internet Explorer 11 browser isn’t patched.

    I’m still waiting for the Q10 patch.

    The Passport patch should also include the screen flicker fix. locco_smiley_21

    • Robert

      Passport flicker issue was fixed in 10.3.1.2480.

      • Anthony

        Is it smoother with 10.3.1.2480. Eg. scrolling in 10.3.1 browser is a bit jittery, not smooth

  • BB Racer !!

    Ok just file this ZDNET article under, ” I need viewed clicks to keep my boss happy”  file category ….the ZDNET author next time should do real research and get BlackBerry on the line for real facts. ….ok just in a ip6 which belongs to my neighbor still records Red Alert……my Z30 is Blue :)……and yes no lie !!!

  • Reverend Grim

    I’ve just tweeted him… read this then tell me where the iOS and Android fix is…
    Yet another iDiot like Charles Arthur who puts his foot in his mouth then starts back tracking but manages to get his other foot in to!

  • bartron

    Wow. What an idiot. I wonder if he’s aware that the weakened encryption was the US government’s idea. I’m glad to see he got burned, but it’s too bad that he accomplished his obvious goal of getting a bunch of clicks.

  • vorpal

    I do like the shot at Obama not using a ‘hardened, secure’ phone…

    Like the secret service just lets him waltz around with a Bold 9900 he got on sale at Best Buy…

    :lol:

Top