BlackBerry announced that it's oft-rumored Android-based phone, the Blackberry Priv (formerly called "Venice") is real. According to John Chen, BlackBerry's CEO, the phone's name is derived from the word "privacy," because privacy and security are at the core of the company's products.
“Today, I am confirming our plans to launch Priv, an Android device named after BlackBerry's heritage and core mission of protecting our customers' privacy. Priv combines the best of BlackBerry security and productivity with the expansive mobile application ecosystem available on the Android platform," said Chen.
BlackBerry also said that it will support Google's "Android at Work" service on its BES12 enterprise platform, but other than that we know little about what kind of security and privacy features the Priv will bring for enterprise customers (and potentially for consumers, as well).
There was a rumor a few days ago that the Android kernel on the BlackBerry Priv will come integrated with Grsecurity, which is a whole suite of mitigations and protections against kernel attacks.
"Grsecurity is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 14 years. Commercial support for grsecurity is available through Open Source Security, Inc.," reads the company's website.
Grsecurity is largely regarded as a top-notch solution for security hardening for any Linux-based operating system. However, in practice, not too many mainstream Linux distros have adopted it, mainly because it's not integrated into the official Linux kernel itself, which can lead to breaking legacy code.
One of Grsecurity's components, called PaX, which is not developed by the Grsecurity developers but comes bundled with the kernel patch, is also being used in the CyanogenMod-based and security enhanced Copperhead OS. Right now, the open source Copperhead OS is still in Alpha and is only available for the Nexus 5 and the Galaxy S5.
Increased adoption of such features is already showing a trend that privacy- and security-conscious device makers are starting to adopt more hardcore security enhancements for Android, to make them better suited (especially) for the enterprise environment.
Silent Circle's BlackPhone, which has become a competitor of sorts to BlackBerry's phones in the enterprise, mainly because of its secure communication applications, doesn't include such kernel security enhancements yet, but there's little reason why it shouldn't in the future. If BlackBerry's bigger popularity makes this a "must-have" solution for enterprise customers, then we could see others adopt it, including Google for AOSP.
Samsung also open-sourced KNOX last year, but it's not clear yet whether the BlackBerry Priv uses it (although Android Lollipop, on which the Priv seems to be based, does use parts of it). KNOX enhances the security of each layer of Android, from hardware to applications, and has been largely effective against root exploits in the past. It has also already been approved by multiple government agencies. BlackBerry started supporting Samsung KNOX devices on its BES12 platform, so at least we know it considers KNOX a rather strong security solution for enterprise devices.
According to rumors, the BlackBerry Priv may also come with the company's own "Safeguard" solution, which seems to allow users to further confine applications, likely by removing permissions from them.
BlackBerry also noted that it will continue to improve its BlackBerry 10 operating system, which it developed based on the QNX acquisition. BlackBerry 10 was supposed to be the "modern answer" to Android and iOS, but the lack of a strong ecosystem (despite the support for repackaged Android applications) hampered its success.
As it tries to avoid a similar fate to Nokia's (that is, being either acquired or forgotten), the company seems to now be exploring its options with an Android-based device, while also ensuring that it does everything to make its Android version as secure as it possibly can be. That's why adopting the rumored Grsecurity kernel patch seems like a great idea.
The company said that BlackBerry Priv should be available by the end of the year, but more details will come out in the next few weeks.