BlackBerry Forums Support Community               

Old 08-07-2006, 11:54 AM   #1 (permalink)
New Member
 
Join Date: Aug 2006
Model: 7100T
Posts: 2
Attacking your company through the Blackberry!?

Hey guys, I am a systems administrator at a law firm and we are in the middle of setting up a Blackberry server and getting around 15 or so units on it.

I just came across an article from Wired.com, search for Blackberry a Juicy Hacker Target as I cannot post links yet.

Have you seen this yet, any thoughts on it?

This would obviously be a serious problem for anyone who owns a Blackberry.

If this is true... which I am sure it is, can you think of any ways to prevent it from happening?

Thanks in advance.

Poma
Old 08-07-2006, 01:54 PM   #2 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310

Wired News Article:
Blackberry a Juicy Hacker Target

RIM KB Articles:
Protecting the BlackBerry device platform against malware
Placement of the BlackBerry Enterprise Solution in a Segmented Network
__________________
In the beginning the Universe was created. This has made a lot of people very angry and is widely regarded as a bad move.
Old 08-07-2006, 02:30 PM   #3 (permalink)
Thumbs Must Hurt
 
richardsbd's Avatar
 
Join Date: Apr 2006
Location: work in Washington, DC, USA
Model: 8700c
Carrier: The 'new' AT&T (formerly known as Cingular)
Posts: 123

Quote:
Originally Posted by Poma

If this is true... which I am sure it is, can you think of any ways to prevent it from happening?

Thanks in advance.

Poma
1. Create IT policy which prevents users from installing applications on the handheld.

2. Have anti-virus running on the desktops/email servers to find and catch trojans before they can get to the handheld.

(probably both stated in the KB articles linked by jibi)
__________________
Brian

user and maintainer of a bunch of BB8700s

current project - nordoxandsoaps.com | View my LinkedIn profile
Old 08-08-2006, 12:12 PM   #4 (permalink)
BlackBerry God
 
jibi's Avatar
 
Join Date: Oct 2004
Location: Jibi's Secret Place
Model: 8900
OS: 4.6.1.174
Carrier: AT&T
Posts: 11,310

Seriously though, I think this is being slightly overblown. When the application is released, I'm going to test it out myself. We have MDS disabled for our production servers, so I'm sure that helps out a lot. As for the MAPI attack, the RIM KB article states the attacker must gain access to the internal network (through a PC) and know the victim's PIN number. If an attacker gets that far, then I'd personally think there were bigger issues to deal with.
Old 08-08-2006, 01:00 PM   #5 (permalink)
CrackBerry Addict
 
|||||||'s Avatar
 
Join Date: Jun 2006
Model: 7100
Carrier: Rogers
Posts: 615

Quote:
Originally Posted by richardsbd
1. Create IT policy which prevents users from installing applications on the handheld.

2. Have anti-virus running on the desktops/email servers to find and catch trojans before they can get to the handheld.

(probably both stated in the KB articles linked by jibi)
This is exactly right

I hate saying "It's a feature not a bug" but this is the case. The BIG feature of Mobile Data Service is that you can access your internal network with it. It is the exact same as any computer within your firewall, the BlackBerry is too. Don't allow users to install apps (easier than Windows) and run anti-virus on the desktops (you have worse problems if you don't).
Old 08-09-2006, 05:33 PM   #6 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300

Quote:
Originally Posted by jibi
Seriously though, I think this is being slightly overblown. When the application is released, I'm going to test it out myself. We have MDS disabled for our production servers, so I'm sure that helps out a lot. As for the MAPI attack, the RIM KB article states the attacker must gain access to the internal network (through a PC) and know the victim's PIN number. If an attacker gets that far, then I'd personally think there were bigger issues to deal with.
This is not overblown, because the default IT Policy is to allow end users to install any application. I could have written this hack a year ago.

Edit: Well, certain apps have to be signed first. But even then, a signing key is $100.
Old 08-09-2006, 08:13 PM   #7 (permalink)
CrackBerry Addict
 
|||||||'s Avatar
 
Join Date: Jun 2006
Model: 7100
Carrier: Rogers
Posts: 615

Quote:
Originally Posted by DoomBringer
This is not overblown, because the default IT Policy is to allow end users to install any application. I could have written this hack a year ago.

Edit: Well, certain apps have to be signed first. But even then, a signing key is $100.
You still have to download the app and then you have to allow it to access the network. So these are the same users that will download bonzi buddy on their PC.
Old 08-09-2006, 08:40 PM   #8 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300

Quote:
Originally Posted by |||||||
You still have to download the app and then you have to allow it to access the network. So these are the same users that will download bonzi buddy on their PC.
Oh sure, but I assume that your average suit will be easily impressed by "Free game!!!1" and install it.
Trusting your users to do the right thing is network security suicide.
Old 08-10-2006, 06:56 AM   #9 (permalink)
CrackBerry Addict
 
|||||||'s Avatar
 
Join Date: Jun 2006
Model: 7100
Carrier: Rogers
Posts: 615

Quote:
Originally Posted by DoomBringer
Oh sure, but I assume that your average suit will be easily impressed by "Free game!!!1" and install it.
Trusting your users to do the right thing is network security suicide.
Yeah so you lock down their BlackBerry as good as you lock down their PC. Windows doesn't come locked down out of the box either.
Old 08-10-2006, 03:02 PM   #10 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Feb 2005
Model: 7280
Carrier: cingular, no wait, AT&T
Posts: 300

Quote:
Originally Posted by |||||||
Yeah so you lock down their BlackBerry as good as you lock down their PC. Windows doesn't come locked down out of the box either.
Exactly. Proper administration is always needed...
One point raised by the article is the common perception that they are some kind of PDA that can't allow a channel into anything, but with the persistent connection to the LAN MDS gives, it's a hole most people don't consider.
Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.