Specifications

Table Of Contents

Attack Surface Analysis of BlackBerry Devices

Auto start-up and Background processes

Signed applications can start themselves automatically whenever the system is started via compile time

settings. The developer simply designates the application as a “System Module” that should “Auto-run on

startup” in the project properties (see Figure

9). This also has the effect of not displaying

the application in the standard ribbon.

Once an application is started, the applica-

tion can also set itself to continue running in

the background via a documented run-time

API (

Application.requestBackground()).

This API can be used by both signed and

unsigned applications.

SMS (Short Message Service)

Since the BlackBerry implements the MIDP2

standard, sending and receiving SMS mes-

sages is very simple, and doesn't require the

code to be signed. In a default BIS configura-

tion (with the firewall turned off) the user

will receive a standard MIDP prompt the first

time the application attempts to send a mes-

sage, asking if they wish to allow network

access. There are no further warnings on

subsequent runs of the application.

Furthermore, the same warning is used for an

application making a HTTP connection or try-

ing to send an SMS. So a user could be easily

fooled into sending very expensive premium

SMS messages by an application that pur-

ports to connect to the Web for legitimate

purposes.

Premium Rate Scam

Regular PC users are often targeted by premium rate "dialers", applications which connect the user's

modem to a premium rate telephone number, running up large than expected service provider bills in the

process. A similar technique could be employed on the BlackBerry, but instead using premium rate SMS

numbers. The application would work as follows:

Figure 9: Project Properties in the Java Development Environment (JDE)