SITE MAP
ABOUT US
SUPPORT
FAQ
HOME
Spyware risk chances on BlackBerry |
 |
| 2/08/2010 13:12:36 PM | |
There have been reports for a lot about security issues with iPhone, but the BlackBerry is not yet immune to threats from malicious apps. There was an instance, which allowed people to shoot SMS command to his phone and have his contact list forwarded to the e-mail address in a demonstration. With another short text command, there was an option for BlackBerry to e-mail me any SMS messages sent. This allowed for keeping a log of all his calls, monitored his inbound text messages, tracked the location in real-time based on the GPS (Global Positioning System) in the device and turned his microphone on to listen to conversations in the room and record them. It is trivial for writing this type of code using the mobile provider's own API [Application Programming Interface] provided to any developer. This program is called "TXSBBSpy" and is releasing the source code but not an executable version of it. The main goal is to show how easy it is to create mobile spyware. TXSBBSpy can take data from the phone, both in real-time and in snapshots and send it off through SMS or e-mail to any Web server or TCP [Transmission Control Protocol] or UDP [User Diagram Protocol] network connections. There was an ability to control the spyware using text messages sent from my mobile phone and the spyware had to be first installed on his BlackBerry for the snooping to work. This can be done by sending the targeted victim an e-mail or text with a link to a Web page, in which the spyware is sneakily installed. It can be hidden inside a legitimate-looking app downloaded from the App Store. The risks are quite similar to those posed by Swiss researcher Nicolas Seriot in the iPhone spyware demo at the Black Hat DC security conference on this Wednesday. The types of behaviors demonstrated will be universal across all mobile platforms. BlackBerry platform has a significant number of security mechanisms in place that could be used to mitigate against these types of attacks. For instance, the user can set the options for limiting the access to specific types of data a particular app can accommodate. However, many smartphone users are not aware about the security risks and they don't think the risks are serious or don't know the means to get secure with their devices. A survey from last August found that only 23% of SmartPhone owners make use of the security software already installed on their device. App stores also need to do more to vet the apps and the same message was given for Apple. In the meantime BlackBerry users should be more careful about the apps they download and rights given to them. Users should not hit the 'I trust this app' button". It can give it all the access to all your personal information. Users should go into the app security configuration within the BlackBerry option screen and enlist it specifically about information the app can access or set it to prompt if the app tries to access certain data. The security models are insufficient and inadequate because they trust by default. Sandboxing [techniques] only help in protection from one app from another app and not from accessing user data. App stores give users a false sense of security. RIM was contacted about the issues and the company's official comment was that they ca not make any comment on the security of the operational part of App center. Tag Clouds: wordpress hosting, wordpress web hosting, wordpress website hosting, web hosting, Free Web Hosting, Unlimited Web Hosting, Reseller Web Hosting, VPS Web Hosting, free website templates, Web Hosting news, Web hosting FAQ, Web Hosting Tutorials, Web Hosting Glossary, SEO TOOLS |
|
SRC: |
|
<-- Back
KVC Hosting News
