09-14-2013 02:02 AM
09-14-2013 12:22 PM
Hi and Welcome to the Community!
That's a lot of questions...I'll try to answer them one by one...but, in general, I think that it's all legit.
I've had some prior bad experience with a certain person tampering with my mobile which they had physical access to so I've switched to BB (9320 w/ OS7.1) and also am weary of suspicious behaviour.
You therefore really should consider using a device lock password. This will prevent anyone else from doing anything with your BB. Of course, if you suspect they will try, you should also do regular backups just in case they try too many times and the device wipes itself clean. You can find full backup instructions via the link in my auto-sig on this post.
This week I've been getting strange "official-looking" messages (notifications?) asking to upgrade my BlackBerryID. I opened the message and clicked "upgrade" fully planning on cancelling once it hit the "enter device password" step in the process...only problem is that it never did. It downloaded, "installed", and asked me to reboot which I did.
Is this "normal" or have I just installed an exploit/malware on my BB?
For the Identity app, that may well be normal. Some updates are not via the security controlled channels, and are instead tied into the OS update channel, which does not go through the BBID verification process. You still have to have said "yes", so indeed you did agree to the installation, even though it didn't prompt for any credentials.
Did RIM just release a new version of BlackBerry ID last week?
We have no "back channel" access to officially know the answer to that, but given the quantity of posts here in the forums concerning updates to the Identity app, I'd guess that the answer to your question is yes.
How do I tell what version is installed?
KB10040 How to view or remove installed applications on the BlackBerry smartphone
How do I tell if it's legit?
I've never heard of an illegitimate version of it.
Why does it not show up in any app list?
It does...see the above KB link. On the device, it's called the Identity App rather than BBID.
Aren't all apps supposed to be installed/updated/removed through App World?
No. There are many methods for installing apps. For Core apps (of which Identity is one), those come out via the OS update channel rather than via AppWorld. AppWorld is for add-on and 3rd party apps, not core.
Isn't a device password required for all modifications?
No. Core app and OS updates come via a different channel, which does not use the same authentications. Further, updates via AppWorld also don't require any entry of any passwords.
What's with the inconsistency?
Things work the way they work. AW distributed apps work one way, OS/core app distribution works a different way. That's just the way it is.
How is it possible for an app to update/install without this requirement?
As per all of the above.