BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 11-03-2009, 10:00 PM   #1 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Kisses - A free spyware detector

Please Login to Remove!

Hi everyone,

I'd like to announce the release of Kisses - A BlackBerry hidden programs, hidden processes and spyware detector. Its a free tool that I develop to help users have protection from commercially available and unknown variants of spyware. How would the spyware have gotten onto your BlackBerry? You could have had it installed by someone you know who had physical access to your phone, or you could have had it piggy-back on another piece of software. A brief list of Kisses' features:

Show all running processes on the BlackBerry - including system processes
Show processes running on the BlackBerry that are not visible - excluding system processes
Detect programs that are installed on the BlackBerry and are invisible in the Applications page
Detect and remove FlexiSpy and MobileSpy commercial spyware

For more information, please visit "kisses.zensay.com" on your browser. (Link in my signature)

New versions will be added constantly and feature requests will be welcome.

Thanks,
Sheran
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-03-2009, 10:40 PM   #2 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Hi,

Aren't you also the developer of PhoneSnoop, the program that's written up here?

Security Fix - DHS: PhoneSnoop app bugs BlackBerrys

US-CERT Current Activity

Does Kisses also detect your own spyware PhoneSnoop? I find it interesting that you developed both a spyware app and an anti-spyware app. Personally I would be reluctant to install an anti-spyware app developed by the same person who develops spyware.
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 11-03-2009 at 10:43 PM.
Offline  
Old 11-03-2009, 10:59 PM   #3 (permalink)
Crimson Tide Moderator
 
JSanders's Avatar
 
Join Date: Oct 2004
Location: North of the moss line
Model: 9xx0
OS: 7.0sumtin
PIN: t low
Carrier: Verizon
Posts: 41,907
Post Thanks: 60
Thanked 244 Times in 182 Posts
Default

Yes, he is the one and same.

In this earlier thread here he takes credit for the development of the Phonesnoop spyware app.
PhoneSnoop and App Permissions
Offline  
Old 11-03-2009, 11:00 PM   #4 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hello daphne,

Yes, I am the developer of PhoneSnoop.

I think given the recent media coverage of PhoneSnoop, I'd have far more creative and discreet ways of infecting people with spyware than posting a spyware removal tool in a forum or two

I thought Kisses did not need to detect the presence of PhoneSnoop because:

1. PhoneSnoop was a proof of concept
2. It is visible in your homescreen (distinct icon) and applications list
3. It can be easily removed because its not hidden
4. The incoming phonecall is not muted and you will hear it

But given your concern, I think I will add this as a feature in my next release. Users can expect a release in about 10 to 12 hours.

I presented the topic of BlackBerry spyware at the Hack In The Box security conference "hxxp://conference.hackinthebox.org" where I discussed many ways in which spyware can get on your phone. I released my toolkit Bugs and Kisses there as well. My intention was to raise awareness about the topic and provide users with a mechanism for protecting themselves.

I value your concern for both yourself and your forum users. It is a very valid point.

I am not pressuring anyone to install Kisses, I am merely announcing that a free solution is available - whether you choose to install it or not.

Kind regards,
Sheran
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-03-2009, 11:05 PM   #5 (permalink)
Crimson Tide Moderator
 
JSanders's Avatar
 
Join Date: Oct 2004
Location: North of the moss line
Model: 9xx0
OS: 7.0sumtin
PIN: t low
Carrier: Verizon
Posts: 41,907
Post Thanks: 60
Thanked 244 Times in 182 Posts
Default

So, Sheran, let me understand:

You developed Phonesnoop only as a "kindler and gentler" spyware app, in order to prove the possibility and viability of such spyware on BlackBerrys?
Offline  
Old 11-03-2009, 11:21 PM   #6 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

JSanders,

I developed PhoneSnoop to raise awareness that there are companies out there like FlexiSpy and MobileSpy.

They sell their software to the public. Thus, a motivated individual can purchase this software and proceed to spy on people he knows. How would a user know he's infected? He wouldn't unless he used a commercial or free spyware detection/removal tool. How would a user know how this spyware worked? Again he wouldn't unless he spent money on purchasing the spyware himself.

IMHO, there is no point in releasing a spyware removal tool, unless you tell users how the spyware works and what it can do. Lots of the spyware removal products do not detail enough about how a piece of spyware works and what it does. I am hoping to change that by providing PoC tools. I feel that a demo has (and in this case it clearly had) a greater impact than reading a brochure or bullet point list of features.

Kind regards,
Sheran
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-03-2009, 11:36 PM   #7 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Quote:
Originally Posted by sheran-g View Post

I developed PhoneSnoop to raise awareness that there are companies out there like FlexiSpy and MobileSpy.
<snip>
Kind regards,
Sheran
So if you developed it as proof of concept and to raise awareness, how long are you going to continue to make it available since you've proved your point already?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 11-03-2009, 11:51 PM   #8 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by daphne View Post
So if you developed it as proof of concept and to raise awareness, how long are you going to continue to make it available since you've proved your point already?
Err.. I'm sorry, but do I understand from your response that I should remove PhoneSnoop from my blog to make it more justifiable that I release Kisses?

To remove any doubt, I will continue to host PhoneSnoop and release other PoC software as and when I develop them. My disclosure will be responsible, like I have done with PhoneSnoop. I will continue development on Kisses in parallel.
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-04-2009, 12:00 AM   #9 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

I am not telling you what you should do. You said you developed it as a proof of concept and to raise awareness. Do you think you've accomplished those goals? Do you have other purposes for the app also? Do you plan to charge for it at some point?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 11-04-2009, 12:01 AM   #10 (permalink)
Crimson Tide Moderator
 
JSanders's Avatar
 
Join Date: Oct 2004
Location: North of the moss line
Model: 9xx0
OS: 7.0sumtin
PIN: t low
Carrier: Verizon
Posts: 41,907
Post Thanks: 60
Thanked 244 Times in 182 Posts
Default

Sheran, I can only think that if Norton or McAfee developed viruses (even "nice" ones) to raise awareness of the need for antivirus applications, you would be screaming.

I know I would.

Unless you come up with a better gameplan, I call this the fox guarding the hen house, and that just doesn't fly.
Offline  
Old 11-04-2009, 12:03 AM   #11 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by daphne View Post
I am not telling you what you should do. You said you developed it as a proof of concept and to raise awareness. Do you think you've accomplished those goals? Do you have other purposes for the app also? Do you plan to charge for it at some point?
I am quite certain that I have raised awareness, but I am not sure if its enough. Thus, I will continue to do my research and disclose my findings. I do not plan to charge for any of these applications now or in the future.
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-04-2009, 12:19 AM   #12 (permalink)
Just me
 
fonejunkie's Avatar
 
Join Date: Jul 2006
Model: iFone
OS: iOS4
PIN: Not on my iPhone5
Carrier: iPhone5 on AT&T Mobility
Posts: 2,292
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I definitely agree with Daphne and JSanders on this one...

On a fundamental level, I am not sure I would trust a spyware detector created and distributed by the same guy that created spyware, even if that spyware was a "proof of concept". It's like Lilly's or Pfizer creating nasty bugs in the lab as "proof of concept" to sell more nasty bug fighting drugs.
Offline  
Old 11-04-2009, 12:20 AM   #13 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by JSanders View Post
Sheran, I can only think that if Norton or McAfee developed viruses (even "nice" ones) to raise awareness of the need for antivirus applications, you would be screaming.

I know I would.

Unless you come up with a better gameplan, I call this the fox guarding the hen house, and that just doesn't fly.
Unlike McAffee or Norton, I'm not out to make money. I did my research on the topic, I provided the findings, I tried to raise awareness. As far as I'm concerned, I can do no more. I wouldn't be objective if I didn't look at and disclose both sides of the topic.

I don't think PhoneSnoop can be compared to a virus, thus there is no point in drawing parallels to McAffee or Norton releasing their own virus. I'm not selling my spyware removal app. I will not charge for my app now or in the future. As I replied to @daphne, I will be updating my Kisses app to detect PhoneSnoop as well. This is so that users who aren't fully aware of what's happening on their phones can benefit as well.
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-04-2009, 12:32 AM   #14 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by fonejunkie View Post
I definitely agree with Daphne and JSanders on this one...

On a fundamental level, I am not sure I would trust a spyware detector created and distributed by the same guy that created spyware, even if that spyware was a "proof of concept". It's like Lilly's or Pfizer creating nasty bugs in the lab as "proof of concept" to sell more nasty bug fighting drugs.
Thanks @fonejunkie for your feedback. So is the real issue that I released the spyware (if you can call it that) and spyware detector as the same person that's the concern? Would it have been better for everyone if I released them as "good guy identity" and "bad guy identity"? (fairly simple to do with the Internet these days)

Or is it the fact that its taboo for the same person to develop opposing types of applications?

Is it that you don't trust me because I have less than 10 posts?

Is it the fact that I don't release the source?

How about the fact that I don't have a government agency certifying that my spyware detector is not malicious?

I am honestly happy that yourself, @JSanders and @daphne are asking these questions. Because in the end, they go to highlight a fundamental point: How much can we trust something and on what do we base that level of trust? This sort of discussion is as valuable to me as it is to release a app or whitepaper.

Thank you.
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-04-2009, 01:14 AM   #15 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

The bottom line with BlackBerry devices is that they are easy to keep secure. BlackBerry Enterprise admins can lock down the devices so users can't install random apps, including spyware apps. Users can protect their own devices by locking them protection with a strong password, short time security time out, and limiting the password attempts. And by not installing unknown applications. The media is creating a fair amount of hype about BlackBerry spy software but I suspect the risk is pretty low in reality.

Also as far as I know, Flex-Spy and Mobile Spy do not work on pure CDMA devices. What about PhoneSnoop? Would it work on my old 8330?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!

Last edited by daphne : 11-04-2009 at 01:15 AM.
Offline  
Old 11-04-2009, 01:57 AM   #16 (permalink)
Knows Where the Search Button Is
 
Join Date: Mar 2009
Model: 9000
PIN: N/A
Carrier: Other
Posts: 20
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by daphne View Post
The bottom line with BlackBerry devices is that they are easy to keep secure. BlackBerry Enterprise admins can lock down the devices so users can't install random apps, including spyware apps. Users can protect their own devices by locking them protection with a strong password, short time security time out, and limiting the password attempts. And by not installing unknown applications. The media is creating a fair amount of hype about BlackBerry spy software but I suspect the risk is pretty low in reality.
Accepted. But do we talk about that among ourselves or do we go out there and tell everyone about it? Not everyone is going to put a password on their phone. Not everyone will have a short lockout time; they probably detest how it gets in the way of the use of their phone. The average user sees these things as more of a hinderance than security. Security gets in the way of their routine. We can't assume that everyone will know about it. All I have seen so far on forums and comments to blogs is the same: "The risk is low because the user can put in a password, etc" No one is telling them how to do it. I plan to. I'll be releasing a series of short papers that will address this. Judging by some of the new BlackBerry models being released, I'm certain more consumers will be adopting. Consumers who will need awareness and education.

Quote:
Originally Posted by daphne View Post
Also as far as I know, Flex-Spy and Mobile Spy do not work on pure CDMA devices. What about PhoneSnoop? Would it work on my old 8330?
PhoneSnoop works by matching the incoming phone call's number with a "trigger" number. If there's a match, the call is picked up. It works with voice calls only, so I'm guessing it should work with your 8330. I tested it on the 8330 simulator and it works.
__________________
Download Kisses - a hidden app detector for BlackBerry handhelds.
Follow me on twitter: @chopstick_
Offline  
Old 11-04-2009, 09:39 PM   #17 (permalink)
Knows Where the Search Button Is
 
SplinterCell's Avatar
 
Join Date: Nov 2009
Location: Behind You!
Model: 9630
OS: 5.0.0.419
PIN: N/A
Carrier: Sprint
Posts: 17
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

This is the reply I made on CrackBerry this morning, but they deleted this Kisses fool's thread. I just copy and pasted my reply as I believe it's valuable info. Sorry, I can not post links (so copy and paste obviously replacing the "xx" with "tt") as I'm new, but may post here more often as I now have an account here. This Kisses app just makes me mad as hell and I have to get my 2 in. I wish CrackBerry wouldn't have deleted this PhoneSnoopers thread as it's a valuable warning for some searching for info on these apps!

-------------------
Something fishy when the developer of this PhoneSnoop hxxp://chirashi.zensay.com/2009/10/phonesnoop-turn-a-blackberry-into-a-portable-bug/ who in their own words describes this app with words like "victim" and "attacker". I could care less if PhoneSnoop was devolved to raise awareness; terrorist acts are committed to raise awareness!

If you still want to install this "spyware detector" be forewarned...Kisses will not detect the developers own spyware PhoneSnoop. Here's an article I found by the Washington Post on PhoneSnoop: DHS: PhoneSnoop app bugs BlackBerrys. hxxp://voices.washingtonpost.com/securityfix/2009/10/dhs_warns_of_blackberry_snoopi.html?hpid=sec-tech

The Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT) is warning about PhoneSnoop...

Quote:
BlackBerry PhoneSnoop Application Used to Spy on Users
added October 27, 2009 at 11:59 am

US-CERT is aware of public reports of a new software application called PhoneSnoop. This software allows an attacker to call a user's BlackBerry and listen to personal conversations. In order to install and setup the PhoneSnoop application, attackers must have physical access to the user's device or convince a user to install PhoneSnoop.

US-CERT encourages users to only download BlackBerry applications from trusted sources and to password protect and lock BlackBerry devices.
To the developer of PhoneSnoop and Kisses, IMHO what you are doing is offering protection from people like you. Keep your grubby, snooping hands off my BlackBerry!


Kisses of Death,
Chris
__________________
"The battle, sir, is not to the strong alone; it is to the vigilant, the active, the brave." -Patrick Henry
Offline  
Old 11-04-2009, 09:45 PM   #18 (permalink)
Knows Where the Search Button Is
 
SplinterCell's Avatar
 
Join Date: Nov 2009
Location: Behind You!
Model: 9630
OS: 5.0.0.419
PIN: N/A
Carrier: Sprint
Posts: 17
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by sheran-g View Post
I am quite certain that I have raised awareness, but I am not sure if its enough. Thus, I will continue to do my research and disclose my findings. I do not plan to charge for any of these applications now or in the future.
You will just charge to have them removed. People such as you crack me up, come near my BlackBerry and I'll send you back to Sri Lanka in box.


Best of luck, "Super Spy",
Chris
__________________
"The battle, sir, is not to the strong alone; it is to the vigilant, the active, the brave." -Patrick Henry
Offline  
Old 11-04-2009, 09:49 PM   #19 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

Regarding this:
Quote:
No one is telling them how to do it.
Users get told that all the time on this forum. Imo, it doesn't take writing a spyware app to teach people about securing their BlackBerry.

If the authors of Zbot, the trojan that steals banking passwords, said they were trying to raise people's awareness about securing their computers, would that make it ok for them to infect your PC, steal your passwords, and drain your back account?
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Old 11-05-2009, 01:06 AM   #20 (permalink)
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Z30
OS: 10.2.1.12
PIN: X1ZPY34K
Carrier: VZW
Posts: 9,169
Post Thanks: 122
Thanked 146 Times in 116 Posts
Default

sheran-g,

Question for you. On your page here ZenConsult Technology Consulting | Kisses - the spyware detector you are asking for donations to purchase Flexispy and MobileSpy.

Quote:
Important: I'm trying to build a list of signatures of spyware out there. This will then enable me to add these signatures into Kisses to be able to detect if specific spyware has been installed on your phone. If you have access to any of the following programs: FlexiSpy, MobileSpy, then please contact [email address]. Alternatively, if you are able to do so, a donation would allow me to purchase either of these tools and then examine them further myself. Donations can be tracked and donators will be listed on the donations page. Kisses will always be free; you shouldn't have to pay for protection.
However, in your changelog, you say that Kisses already detects Flexispy and MobileSpy.
Quote:
ChangeLog
Kisses
Features

Kisses 1.0.3
Added spyware detection & removal for PhoneSnoop
Kisses 1.0.2
Added spyware detection feature for two versions of FlexiSpy
Added spyware detection feature for two versions of MobileSpy
Added spyware removal feature for detected spyware
Kisses 1.0.1
Fixed a navigational issue that causes the menu to appear on button clicks
Kisses 1.0
Detects invisible processes
Detects invisible installed applications
Can reveal invisible applications
Shows all running processes on the handheld
So does that mean Kisses does not detect all versions of Flexispy or MobileSpy? You claim it detects invisible installed applications, does that mean some but not all? Or what does it really mean? Something seems wrong with this picture. Also it seems rather presumptuous to me that you are asking for donations to buy spyware apps. I have worked in the anti-spyware and anti-virus industry and I've yet to see a company ask for money to purchase commercial keyloggers, for example, so they can be added to detections. Even companies that offer free apps don't do that.
__________________
Report spam text messages to 7726
#BlackBerry by choice #BlacBerry 10 is here!
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.