09-21-2010, 08:26 PM
Join Date: Aug 2010
Post Thanks: 0
Thanked 0 Times in 0 Posts
| | Add-on Application Security
Please Login to Remove!
I consider myself as fairly knowledgeable when it comes to PC security. I'm familiar with most major PC security software vendors, their products, and in general how their products work and what they do. I must admit I know extremely little about Blackberry security, and it bothers me.
My concern is not with viruses (I understand there are none that affect the BB), but instead with what are called (I believe) Trojans in the PC world. Specifically, how can I know that what I think is a friendly add-on application is not instead quietly stealing data from my BB and sending it somewhere while it performs it's advertised duties? On a PC I can use, if I wanted to, a packet-sniffer and see exactly what data is being sent out by an application. Do I just need to have faith in these add-on applications?
1. Are apps in Blackberry App World checked out by RIM for things like this before they post the app to their site?
2. If I disable "Connections" (where it does not disable the app), does that completely disallow that application from communicating with entities outside my BB? (WiFi, Email, Text, etc.)
3. If I am using Password Keeper, can an application get access to data inside PK when I have PK opened (unlocked)?
4. What general precautions do security-minded folks take to limit their exposure while taking advantage of BB's many features?
5. Is there a reputable web site / thread where people document apps they have found that are malicious in some way? I usually read every app review in detail before installing, looking specifically for stuff like this, but I'm not sure every user posts their review or findings for every app they use.
Any suggestions / comments will be greatly appreciated.