Cracking the BlackBerry with a $100 Key
Hit Reply writes "Eweek is running the contents of a Symantec white paper that details how easy it is for a hacker to manipulate BlackBerry applications. Using a developer key that can be purchased by anyone for $100, an attacker can launch e-mail worms, SMS interception and backdoor attacks, and compromise the integrity of contacts, events and to-do items. The white paper has been yanked from Symantec's Web site." From the article: "Signed applications can send e-mail and read incoming e-mail. A malicious application could be used to allow third parties to send messages from the infected BlackBerry and also read all received messages. A malicious application could also use e-mail as a command and control channel to receive instructions to send and receive e-mails; send and receive SMS messages; add, delete and modify contacts and PIM data; read dialed phone numbers; initiate phone calls; and open TCP/IP connections."
I believe they already are; encryption keys are regenerated monthly on my BlackBerry. I always assumed that they were for this exact purpose.
So if you execute code on a computer, it does what you tell it to do? Better watch out!
I guess this is as good a place as any to ask - how did RIM ever sell the idea of having all corporate email and web traffic for BlackBerries routed through their servers? The alternative would be to work the way that MS Mobile 5 does and have the device in the field connect directly into the Exchange Server (or whatever) via an access mechanism that you maintain. That means that you have to do the work to "keep the bad guys out" rather than RIM. Which one is "better" will depend on your point of view, and what you want to use mobile devices for. Personally, the RIM model makes a lot of sense to me, as you're already trusting your data to "someone else's network" (the wireless carrier). It's a lot easier to implement a connection (always initiated outbound) from your company to RIM than it is to support 1000s of remote devices in the field connecting in to you. Also, as has already been said above, the "rogue employee at RIM" would have to crack the AES / 3DES encryption on the traffic as it went through their servers.