What

 

 Blackberry Security

 
Why

 

 Blackberry and other Personal Digital Assistants (PDAs) are convenient ways to keep much important information with you and provides a wireless email solution for mobile professionals.

 
How

 

 Basic security configuration and precautions must be exercised.

 
Detailed Information

Cracking the BlackBerry with a $100 Key
November 30, 2006  Source Link

The security model of that BlackBerry on your hip isn't holding up very well to third-party scrutiny.

According to a white paper by John O'Connor, a researcher on Symantec's security response team, hackers can pay $100 for an API developer key that can open doors to the theft of data from Research in Motion's BlackBerry devices.

O'Connor's paper was briefly posted -- and quickly yanked -- from a blog entry discussing the future of the BlackBerry device. It is not yet clear why Symantec pulled the paper (the rumor mill says it's being saved for a conference presentation) but a quick peek at the findings suggests there might have been some external pressure involved.

Some highlights from O'Connor's paper, which was seen by eWEEK Security Watch:

  • The BlackBerry's "modest" security framework it is still susceptible to multiple attacks, including being used as a backdoor, allowing confidential data to be exported.
  • The BlackBerry can be used as a proxy for attackers. Some of these attacks require applications to be digitally signed, while others can be conducted without such a signature.
  • While code-signing provides a potential hurdle for malicious code writers, signatures can still be obtained with relative ease and anonymity. Code-signing keys can be bought for $100 -- completely anonymously via the use of prepaid credit-cards. This completely undermines the ability to determine the creators of a signed application, and perhaps track them down in the case of malicious code being signed. 
  • Sending and receiving SMS (text messages) is very simple on the BlackBerry, and doesn't require the code to be signed. Users will receive a prompt the first time the program attempts to send a message, asking if they wish to allow network access, but there are no further warnings on subsequent runs of the application. The same warning is used for an application making a HTTP connection or trying to send an SMS, meaning that a user could be easily fooled into sending very expensive premium SMS messages by an application that purports to connect to the Internet for legitimate purposes.
  • Premium rate "dialer" scams can be extended from the PC to BlackBerry devices, running up huge bills in the process. The application would work as follows:
    • User downloads and runs an application (e.g. a game with "post my high-score online" option).
    • If the code is unsigned, the user receives a prompt "Allow Network Access?"
    • User agrees (thinking he or she is posting high scores on a Web site)
    • The application proceeds to send a premium-rate SMS message in the background unbeknownst to the users until they receive their phone bills.
  • BlackBerry devices are susceptible to SMS interception attacks that allow hackers to send SMS via the infected device and receive the access code giving them free Wi-Fi access, while the victim is billed instead. Other SMS billable services include voting polls, parking and even using vending machines. Note that if the application is signed, the user will not even be prompted.
  • Signed applications can send e-mail and read incoming e-mail. A malicious application could be used to allow third parties to send messages from the infected BlackBerry and also read all received messages. A malicious application could also use e-mail as a command and control channel to receive instructions to send and receive e-mails; send and receive SMS messages; add, delete and modify contacts and PIM data; read dialed phone numbers; initiate phone calls; and open TCP/IP connections.
  • A malicious signed application can launch an e-mail worm by sending a message containing a link to a JAD (Java Application Descriptor) file. When the user opens this link, he or she will be prompted to install the worm code from a remote Web site maintained by the attacker.
  • An attacker could use a malicious signed application to read all the PIM data (contacts, events, to-do lists). This data can be transmitted to the attacker via e-mail, TCP sockets, SMS or telephony.
  • Data integrity stored in the PIM can be compromised by a signed application. Attack scenarios include changing the number associated with a contact name; changing the name associated with a phone number; deleting a contact, event or to-do task; changing the timing of a scheduled event; or reading all the contact names and numbers, and randomly swapping them.

    O'Connor's paper also outlines ways in which BlackBerry phones can be manipulated to launch TCP backdoors, TCP scans, HTTP backdoors and infostealers, and spyware-type call monitoring.

    He warns that the available API (without code signing) provides "limited opportunities" to exploit the BlackBerry platform. This will require social engineering, where the target is tricked into approving the attacks.

    However, because the key can be purchased by anyone for just $100, O'Connor believes that a motivated attacker could develop a range of deceptive or malicious software that could not only compromise the BlackBerry handheld device and its data, but the integrity of the corporate network to which it is attached.

    "As the device continues to become more popular, the incentives for such [malicious] individuals to target the BlackBerry will only increase," said O'Connor, who is based in Symantec's Dublin office.


How can I set a password on my Blackberry 7xxx? 
Overview:  Go to Options. Select Security, change Password to "enabled", then change "Security Timeout" to no more than 15 min (if available, if not use 10 min). Hit escape, save your changes and enter in your password. Hit escape to bring you back to the main menu.

Step-by-Step Instructions: 
1. Turn on your BlackBerry. Before setting your password, back up your device. 
2. Hit the escape button located on the right-hand side of the BlackBerry underneath the trackwheel until you see the home screen icons. 
3. Using the trackwheel, scroll down until the Options icon (a picture of a wrench) is highlighted. 
4. Click the trackwheel to choose Options. 
5. Using the trackwheel, scroll down to Security. 
6. Click the trackwheel to choose Security. 
7. Using the trackwheel, scroll to Password. 
8. Click the trackwheel to bring up the password options. 
9. Click Change Option. 
10. Scroll up to Enabled. 
11. Click the trackwheel to choose Enabled. 
12. Scroll down to Security Timeout. 
13. Click the trackwheel to open the menu and change this option. 
14. Click Change Option. 
15. Scroll down and set time to 10 min. (select 15 if available)
16. Hit the escape button to exit. 
17. Scroll up and click Save. 
18. You will be prompted to enter your password. 
19. Enter your new password. 
20. Click the trackwheel to set your password. 
21. You will be prompted to verify your password. 
22. Enter your password again and click the trackwheel to set your password. 
23. After a pause, the BlackBerry will bring you back to the Options screen. 
24. Hit escape to get back to the main menu. 

The next time you turn on your BlackBerry scroll up to Unlock, click the trackwheel to select and then you will be prompted to enter your password. The password prompt will not appear each time you turn your device on, rather only when you have not used your BlackBerry within the past 15 minutes or when you initially power it on.

 
Resources

 

  

Contact me at NofinerWeb.com