[katin2]

Are BlackBerrys the Next Hacker Target? : Christopher Null : Yahoo! Tech

Are BlackBerrys the Next Hacker Target? : Christopher Null : Yahoo! Tech

[option94]

Wirelessly posted (Cingular 7130c: BlackBerry7130/4.1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102)

They're one of the most secure devices on the market, of course people will want to take them down.

[katin2]

I know that.... but some master mind has nothing better to do but release a program to hack to into the blackberry and casue problems for people ...

[option94]

Wirelessly posted (Cingular 7130c: BlackBerry7130/4.1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 VendorID/102)

That's what hackers do.

[Soapm]

It would have to be some kind of trojan or worm that would send the contents of your device to other's...

[option94]

What ever it is, im sure the exploit has already being fixed. RIM are security experts. They wont let this become a big deal.

[coreyg510]

You have to consider a few things.

1. There are always going to be people who feel like exercising their skills and brain power to find ways that will crash, wreck, and invade other peoples computer systems.

2. Security experts are constantly anticipating these issues and devising ways to remedy the situation and threats.

3. Hackers are anticipating these remedies and are always updating and changing these hacks and viruses, worms, and such to avoid the detection and nutralization of these things.

If you repeat steps 2 and 3 you will just keep going around the circle. At some point, RIM will miss one of these issues or will not be able to devise a resolution quick enough to stop the breach. Microsoft, Norton, and other virus security teams have these issues as well.

Dont believe me?? Remember when the FBI computer system was hacked?

[adamlau]

All the more reason to keep your firewall enabled and to be wary of outbound connection attempts. See the following post and vote on where you stand on the following issue:

Are Persistent Connection Attempts By Third-Party Apps Acceptable To You?

[BES admin]

At this point, RIM doesn't have a fix for the BBProxy software which allows hackers to get behind your corporate firewall if they can get this software installed on a Blackberry device which is connected to your BES.

For those of you who read this thread, and who are not responsible for BES System administration, PLEASE tell your BES Admins about this exploit. They may not know about it.

Frankly, RIM's solution is nothing more than to lock the devices in your corporation down. Not a bad practice, but there are legit applications which will be affected by an IT policy which prevents software like BBProxy from being installed and run.

Your BES admins need to be aware of this situation and they need to take action. I am currently modifying my IT Policies so that most of my general users are protected against such malware and another for users who are more conscious of the threats against the corp. if they open unexpected attachments.

[gziz]

i wouldnt be too worried, the wired article is wrong, this trojan horse cannot be transmitted via email and the end user has to actually download this application onto the handheld and then run this application for this to possibly get access to the internal network.

and i dont see the point in hacking into your own companys network.

[alitaff]

hi can you advise exactly which IT policies to set on the BES to 'lock down' the devices. I a new BES admin and have only just started getting to grips with IT policies.

[hannahkat]

Any policy applied to users should include 'Disallow Third Party Application Download' = true if you want to prevent users from downloading/installing applications not provided by RIM. This is under the Security Policy Group section of IT Policies. 'Allow Split-Pipe Connections' in the same Group should be set to False. The rest, it depends on what impact you want/are allowed to inflict on your users ;)

[BES admin]

Quote:

Originally Posted by alitaff

hi can you advise exactly which IT policies to set on the BES to 'lock down' the devices. I a new BES admin and have only just started getting to grips with IT policies.

This is what I have set, but currently we DO let users download software. In addition to the settings below, you would want set:

Disallow Third Party Application Downloads = True

This is my IT Policy, but it may not work for you. I recomend using the Admin Guide to determine what settings are best for your environment.

HANDHELD POLICY SETTINGS:
IT Policy Name = "<companyname> Policy"
Password Required = TRUE
Minimum Password Length = 4
User Can Disable Password = FALSE
User Can Change Timeout = TRUE
Enable Long-Term Timeout = TRUE
Home Page Address = "http://<mybesserver>"
Enable WAP Config = FALSE
Password Policy Group:
Forbidden Passwords = ""1234", "2345", "3456", "password", "Password" "
Periodic Challenge Time = 60
Duress Notification Address = "<myemailaddress>"
Set Maximum Password Attempts = 8
Set Password Timeout = 60
Security Policy Group:
Disable Unverified Certificate Use = TRUE
Desktop Backup = 1
Allow Outgoing Call When Locked = FALSE
Disable Forwarding Between Services = TRUE
Disable Radio When Cradled = 1
Disable Weak Certificate Use = TRUE
Disable Invalid Certificate Use = TRUE
Allow Split-Pipe Connections = FALSE
Allow External Connections = FALSE
Allow Third Party Apps to Use Persistent Store = FALSE
Allow Third Party Apps to Use Serial Port = FALSE
Key Store Password Maximum Timeout = 60
Disable Key Store Low Security = TRUE
Disable Revoked Certificate Use = TRUE
Disable Untrusted Certificate Use = TRUE
Memory Cleaner Policy Group:
Force Memory Clean When Idle = TRUE
Memory Cleaner Maximum Idle Time = 60
Browser Policy Group:
Allow IBS Browser = FALSE
MDS Browser Title = "<companyname> Web Browser"
Bluetooth Policy Group:
Require Password for Discoverable Mode = TRUE
Require Password for enabling Bluetooth Support = TRUE
Disable Wireless Bypass = TRUE
Allow Outgoing Calls = 1
Disable Discoverable Mode = TRUE
BlackBerry Messenger Policy Group:
Messenger Audit Max Report Interval = 1
Messenger Audit Email Address = "<myemailaddress>"

DESKTOP POLICY SETTINGS:
Show Application Loader = FALSE
Force Load Count = 0
Auto Backup Enabled = TRUE
Auto Backup Frequency = 1
Auto Backup Include All = TRUE
Do Not Save Sent Messages = FALSE

Good Luck.

[justin.culp]

You are all forgetting one thing:

Hackers are good guys...usually work for security companies and actually enhance security.

Crackers are the bad guys.

The media just calls them all hackers, which in fact is not true.


Just thought I'd point that out; you know, inject some geekisms.

[coreyg510]

Ahhhh clarification. I was waiting for something like that to roll in.

[BES admin]

Quote:

Originally Posted by justin.culp

You are all forgetting one thing:

Hackers are good guys...usually work for security companies and actually enhance security.

Crackers are the bad guys.

The media just calls them all hackers, which in fact is not true.


Just thought I'd point that out; you know, inject some geekisms.

Originally, a hacker was a term of respect, used among computer programmers, designers, and engineers. The hacker was one who created original and ingenious programs. Unfortunately, the current popular meaning of the term is used to describe those who break into systems, destroy data, steal copyrighted software, and perform other destructive or illegal acts with computers and networks.

Moreover, the point here is not weather a 'hacker' a 'cracker' or a 'ritz' developed this software, it's that there is a loophole of sorts, it has been exploited, and we should be letting the less experienced know of the potential for a problem. RIM is well respected and known for their secure applications and hardware, most people assume it will remain this way forever, not necessarily.

Yes, their stuff is more secure than most, but don't close the door on the possibility that there may be further exploits. As a system admin, I am just passing on the knowledge. Use it how you may gentlemen.

[BBAdmin]

I bought this up at a RIM event the other week. Check the following:

First is a whitepaper entitled "Placing the BlackBerry Enterprise Solution in a Segmented Network" and that's available from here:

Livelink - Redirection

Also check out this security whitepaper page:

BlackBerry

[musy]

Hi Gentlemen

Issue with these handhelds policy is that it will disallow all 3rd party apps regardless, what about the scenario where you have pushed a 3rd party in house app to the handheld

Solution according to RIM is an Application Control Policy which disallows unauthorised third party apps exculding authorised apps, this is straightforward enough to implement but what I have noticed when, I have implemented an application control policy with disposition "disallowed" for all apps
and "optional" for an in-house app, this has the desired affect of removing third party software other than the exception in-house app

The issue is that any apps from Plazmic.com are not removed from the handheld and seemed not to be viewed as 3rd party by BES, is this by design. We want to remove all 3rd party apps regardless; other
than the one approved by us and allowed by policy

I did notice that plazmic were bought by RIM a couple of years ago

[jguel]

[QUOTE=BES admin]Originally, a hacker was a term of respect, used among computer programmers, designers, and engineers.

Actually the term 'hacker' goes back to the very early days of computing and actually was first used by students at MIT who were 'hacking' the new phone switching system in 1961. The term, however, was also used to refer to someone who pulled an ingenious or clever stunt not necessarily related to computers or phones.

[greggebhardt]

Quote:

Originally Posted by katin2

Are BlackBerrys the Next Hacker Target? : Christopher Null : Yahoo! Tech

Are BlackBerrys the Next Hacker Target? : Christopher Null : Yahoo! Tech

Until it is doen, do not worry. When it happens, you can read about it here AND the evening news.

The encryption used by BB is pretty secure, our goverment depends on it!