Some of you may know that I am overly cautious about my personal data. That is why I was curious about the security of the new server based Voice Control features in BlackBerry Z10. One of my friends at BlackBerry was kind enough to point out that there is now some public info on what exactly BlackBerry does to secure Voice Control data.
In short all of your voice control commands are sent to BlackBerry’s servers for processing. This data can include:
- voice commands
- a hashed device identifier
- the device phone number
The contacts information sent is sent over HTTPS along with encrypting your phone number but sadly the actual voice commands data is sent in the clear via HTTP. Since you could be dictating sensitive emails, notes, appointments, and such I would recommend just typing those out.
I really wish BlackBerry would make a point of encrypting these communications with their servers but hopefully that is coming. My guess is there is a performance tradeoff. Still they could give us the option. Right now enterprises only have the ability to disable Voice Control completely. On the other hand none of this changes the fact that you are sharing the content of your contact list and voice control commands with BlackBerry’s servers so make sure you are comfortable with that.