In the time since the iPhone was released in 2007, BlackBerry’s superior security has always been an advantage the company has had trouble capitalizing on. The company’s perceived irrelevance has opened the door for Samsung and Apple to dominate the smartphone space. But Heartbleed, a software bug in the open-source cryptography library OpenSSL, might give the beleaguered Waterloo company another chance.
On April 10, two of the world’s largest producers of Internet equipment, Juniper Networks and Cisco Systems, announced that their products had been impacted by the Heartbleed bug. In Canada, the Canada Revenue Agency shuttered its website to protect against Heartbleed. The bug has set millions scrambling to reset their passwords and assessing their vulnerability.
BlackBerry, meanwhile, confirmed that its devices aren’t vulnerable to HeartBleed.
“BlackBerry is currently investigating the customer impact of the recently announced OpenSSL vulnerability,” said the company in a blog post entitled “BlackBerry response to OpenSSL “Heartbleed” vulnerability”. “BlackBerry customers can rest assured that while BlackBerry continues to investigate, we have determined that BlackBerry smartphones, BlackBerry Enterprise Server 5 and BlackBerry Enterprise Service 10 are not affected and are fully protected from the OpenSSL issue. A list of known affected and unaffected products is supplied in this notice, and may be updated as we complete our investigation.”
BlackBerry says that certain software that runs on Windows, Android and iOS, such as BlackBerry Link, are affected by Heartbleed.
Google, meanwhile, says Android devices running Android 4.1.1 Jelly Bean are vulnerable to Heartbleed.
“We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, App Engine, AdWords, DoubleClick, Maps, Maps Engine and Earth. Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services, said the company.
Apple confirmed that its desktop, mobile, and web services also have not been affected.
BlackBerry CEO John Chen says security is one of the cornerstones the struggling company hopes to build on.
“We are building an engineering team on the service side that is focused on security, he told Reuters Thursday. “We are building an engineering team on the device side that is focused on security. We will do some partnerships and we will probably, potentially do an M&A on security.”