 |
| BlackBerry wants to hide a vulnerability that makes the device vulnerable |
A flaw in the BlackBerry software left 200 million cars, as well as hospitals and industrial equipment, vulnerable to hacking, and the company decided to keep it secret for several months.
In its June announcement of the integration of QNX into 195 million vehicles, the company identified the operating system as key to the future of the auto industry as it provides a safe and reliable foundation for vehicles.
The company has announced QNX as the preferred integration plan for 23 of the top 25 electric vehicle manufacturers.
The company has announced that an outdated version of one of its flagship products (an operating system called QNX), but still widely used, contains a vulnerability that could allow hackers to disable the device it's using.
But another company affected by the same bug, BadAlloc, announced the news in May.
The company initially denied BadAlloc's influence on its products, but then declined to make a public announcement. Despite the fact that not all customers who use the program can be recognized.
The comparison between BlackBerry and the government highlights the enormous difficulty in defending against cyberattacks on more and more devices connected to the Internet. This ranges from robotic vacuum cleaners to wastewater treatment plant management systems.
When companies like BlackBerry sell their software to hardware manufacturers, they rarely provide detailed software code records, leaving hardware manufacturers, their customers, and the government unaware of the greater risks.
The company has a good reputation in the field of smartphones with keyboards. However, in recent years the company has evolved into an important provider of industrial facility software. Including QNX, which operates everything from factory machinery and medical equipment to railroad equipment and components on the International Space Station.
BadAlloc can provide backdoors in many of these devices for hackers to control or interrupt their operations.
Microsoft security researchers announced in April that they had discovered and discovered the vulnerability in the operating systems and software of several companies.
In May of this year, several of these companies partnered with the Department of Homeland Security's Office of Network Security and Infrastructure to make vulnerabilities public and encourage users to patch their devices.
BlackBerry wants to hide a vulnerability that makes the device vulnerable
BlackBerry told the agency earlier this year that it does not believe BadAlloc has affected its products. Although KAG came to the opposite conclusion.
In recent months, the agency has put pressure on the company to acknowledge the vulnerability.
The company said it had no plans to open it to the public. He told the agency that he intended to communicate privately with his immediate customers and warned them about QNX issues.
Tech companies sometimes prefer to privately disclose vulnerabilities because this prevents hackers from knowing that a patch is about to be released. This method also limits or delays any public reaction and the resulting economic losses.
The agency created a presentation claiming that many of the company's customers weren't aware of the danger unless the federal government or device manufacturers told them.
The agency mentioned potential national security risks and confirmed that the Department of Defense was involved in setting an acceptable timetable for the launch of the BlackBerry.
The company issued a warning about the vulnerability and urged customers to update their devices to the latest version of QNX.
The company did not deny that it initially boycotted public advertising. She said she maintains her client list and is actively communicating with those clients on the matter.
She added, “We communicate directly with customers to fix errors. However, in order to provide the best service to our customers, there are some adjustments in the process.