Specifications
Table Of Contents
- Introduction........................................................................................................................................................
- Architecture Overview........................................................................................................................................
- Operating System..............................................................................................................................
- Code Signing...................................................................................................................................................
- Modifying Signed Applications..................................................................................................................
- Malicious Code Signing..............................................................................................................................
- Mitigation Strategies......................................................................................................................................
- BIS Deployment.........................................................................................................................................
- Application Permissions.......................................................................................................................
- Device Firewall....................................................................................................................................
- BES Deployment......................................................................................................................................
- IT Policy...............................................................................................................................................
- Application Control Policy...................................................................................................................
- Application Permissions.....................................................................................................................
- Device Firewall....................................................................................................................................
- Attack Surface Analysis....................................................................................................................................
- Introduction.................................................................................................................................................
- JAD Files.......................................................................................................................................................
- Mitigation................................................................................................................................................
- File System...................................................................................................................................................
- Persistent Storage...................................................................................................................................
- J2ME File System.....................................................................................................................................
- USB Mass Storage....................................................................................................................................
- Mitigation................................................................................................................................................
- Memory and Processes................................................................................................................................
- Auto start-up and Background processes...............................................................................................
- SMS (Short Message Service)......................................................................................................................
- Premium Rate Scam................................................................................................................................
- SMS Interception.....................................................................................................................................
- SMS Backdoor..........................................................................................................................................
- Mitigation................................................................................................................................................
- Bluetooth......................................................................................................................................................
- Bluetooth Backdoor.................................................................................................................................
- Bluetooth Worms.....................................................................................................................................
- Mitigation................................................................................................................................................
- Email.............................................................................................................................................................
- Email Interception...................................................................................................................................
- Backdoor..................................................................................................................................................
- Worm........................................................................................................................................................
- Mitigation................................................................................................................................................
- PIM Data (Personal Information Manager Data).........................................................................................
- Data Theft................................................................................................................................................
- Loss of data availability and integrity.....................................................................................................
- Mitigation................................................................................................................................................
- TCP/IP Connections......................................................................................................................................
- Proxy/Firewall Bypass.............................................................................................................................
- Backdoor..................................................................................................................................................
- Port Scan..................................................................................................................................................
- Mitigation................................................................................................................................................
- Port Scan..................................................................................................................................................
- HTTP / WAP...................................................................................................................................................
- Data Theft................................................................................................................................................
- Backdoor............................................................................................................................................
- HTTP Proxy...............................................................................................................................................
- Mitigation................................................................................................................................................
- Telephony.....................................................................................................................................................
- Call Record Monitoring............................................................................................................................
- Premium Rate Calls.................................................................................................................................
- Bypassing Caller Verification Systems....................................................................................................
- Telephony Data Theft...............................................................................................................................
- Mitigation................................................................................................................................................
- Camera.........................................................................................................................................................
- Mitigation................................................................................................................................................
- Conclusions......................................................................................................................................................
- Appendix A........................................................................................................................................................
- References........................................................................................................................................................
Attack Surface Analysis of BlackBerry Devices
they may not pose a risk to the BlackBerry itself, they may infect other computers that the BlackBerry is sub-
sequently connected to.
Mitigation
You can set the following options to mitigate the scenario outlined above. See Mitigation Strategies for more
information.
USB Mass Storage Abuse
Memory and Processes
Memory within a BlackBerry is automatically allocated when objects and primitives are declared, but since
there are no pointers in Java, applications cannot access or manipulate areas of memory directly (besides
the store areas described previously).
The signed class
net.rim.device.api.system.ApplicationManager can be used to start processes and
retrieve information on running processes. The information that can be retrieved includes:
• A list of all running applications
• The application that is currently in the foreground
• Whether an application runs on startup or is a system application
• Process ID of running applications
However, applications can not kill other processes or affect the memory of other processes.
2,5
At most, an
application could cause a "Denial of Service" (DoS) by creating an infinite loop, with a break condition in the
middle that will always be false to bypass compiler verification. When this code is run, the BlackBerry
becomes completely unresponsive, and only replacing the application files via USB, or a hard reset of the
BlackBerry will make the device usable again. Another interesting side effect is that if an incoming call is
received during this DoS, the calling number will not be displayed. However it is still possible to answer the
call using the green "pickup" button, and the calling number is displayed after the call has been answered.
17
IT Policy "Disable USB Mass Storage" = True
Application Controls
Device Firewall
Application Permissions
Other Device Settings Options > Advanced Options > Media Card:
"Mass Storage Mode Support" = Off
"Auto Enable Mass Storage Mode When Connected" = No