Do you yearn for a secure smartphone with a tactile, physical keyboard but all the functionality of a premium phablet? If so, you might want to check out the BlackBerry KEYone. We’ve just got hold of one and in a nutshell: it’s awesome.
The KEYone is the fourth BlackBerry branded Android smartphone and perhaps combines some of the best design elements of the BlackBerry Passport and Priv. The device has the classic BlackBerry-style Smart Keyboard at the bottom of a crisp (443 PPI) 4.5″ touchscreen LCD display – just big enough to meet the needs of many phablet owners, yet compact enough that the device can actually be used one-handed by most people.
The KEYone also packs respectable technical specs, including a Snapdragon 625 processor, 32GB of internal storage and 3GB of RAM. For the photographers among you it also comes with a 12MP rear camera and 8MP selfie-cam.
The quality look and feel of this device in the hand can’t be overstated. It comes cocooned in an brushed aluminium frame with a nicely dimpled black back cover. The textured back of the device is nice because it’s more grippy than some all-glass handsets, which can at times feel so slippery that it’s like trying to handle a freshly caught fish.
The Smart Keyboard itself deserves special attention, with the most obvious point being that it has physical keys. After years of touch-screen keyboards we found it takes a couple of hours for the muscle memory kick in before your digits to start typing at full speed, but once they do the keyboard becomes a joy to use and allows for surprisingly fast and accurate typing.
Inclusion of a physical Smart Keyboard isn’t just about being different or satisfying market nostalgia – it has quite a few other tricks up its sleeve.
Firstly, its touch-sensitive, meaning you can use it to scroll around web pages, emails and so on without having to obscure bits of the screen by swiping around with your thumb. Secondly, each letter on the keyboard can have a shortcut associated with it (‘t’ for Twitter for example), which saves having to rummage through dozens of your favourite apps every time you want to open one. Thirdly – and as security geeks this is our personal favourite – it has a fingerprint reader built into the spacebar.
As we’ve noted in previous articles fingerprint readers offer a nice way to make security transparent and encourage people put off by PINs to set access control on their devices. The fingerprint reader on the KEYone is lightning fast, bringing up the home screen quicker than any other smartphone we’ve tried. It also seems very accurate and doesn’t keep buzzing and telling you to ‘try again’ before recognising a print.
But moving beyond the fingerprint reader, when you unbox the KEYone the embroidering on the lid also emphasises that you’ve bought a secure smartphone, suggesting the company have gone to great efforts to make their adapted variant of the Android operating system as robust as possible. So lets look at what else that means.
BlackBerry Hardware Security: The Root of Trust
The company have a history of starting their security efforts at the hardware level by embedding encryption keys in their device components. These encryption keys are then used as part of a technique called hashing, where a cryptographic algorithm is used to convert data into a numerical value, which can then be used as a checksum to verify a key’s integrity.
Basically, when you switch a BlackBerry on each layer of hardware essentially has to prove its identity by using the encryption key embedded in it. This secure bootchain helps ensure that no tampering has occurred and no malicious software is running behind the scenes.
Hardened Operating System
The KEYone comes loaded with Android 7.1 Nougat and all its core features, but BlackBerry’s influence is evident through the presence of some additional security tweaks designed to make it more robust.
Firstly, Android’s Linux kernel (the core of the Operating System) has been given a tune-up in the form of various configuration changes and added security patches.
Secondly, BlackBerry have built upon a security technique known as address space layout randomisation in the Android OS, which essentially scrambles the location of executable files making them more difficult for a hacker targeting a general Android vulnerability to take advantage of.
Thirdly, the company have further improved the Android full disk encryption functionality by using the strong AES-128 (128-bit Advanced Encryption Standard) encryption and, most importantly, keeping the encryption key safe in the BlackBerry Secure Compound – an area of the firmware separate from Android which helps keep important data safe.
DTEK by BlackBerry
But locking down hardware and software is only part of the battle: preventing the human mind getting hacked is an equal concern.
With our hectic 21st century lifestyles and constant digital bombardment security doesn’t always feel like a top priority. This makes makes “social engineering” attacks designed to exploit our inherently trusting natures through natural human laziness, forgetfulness, or sheer gullibility a serious risk.
This problem has clearly not been lost on BlackBerry, who have installed the DTEK app on the KEYone, which aims to gently make checking a device security status as casual as checking the weather.
DTEK presents a visually pleasing dashboard summary of various items of security fundamentals, including screen lock status, factory reset protection against theft, and the ability for remote handset management.
Perhaps most importantly it allows a user to easily get a detailed view of what installed third-party apps are getting up to behind the scenes; for example, accessing their contacts, microphone, camera, or contacts. Each of these various aspects of smartphone security get neatly pulled together to provide an overall security rating, complete with suggestions for how the rating can be improved.
Looking past its security features though, the KEYone is frankly just pleasantly different to many other devices hitting the shelves this year.
Did you find this post useful? Follow @DS_Watch on twitter or sign up for email updates to get more posts on security tech.