Specifications
Table Of Contents
- Introduction
- Architecture Overview
- Operating System
- Code Signing
- Modifying Signed Applications
- Malicious Code Signing
- Mitigation Strategies
- BIS Deployment
- Application Permissions
- Device Firewall
- BES Deployment
- IT Policy
- Application Control Policy
- Application Permissions
- Device Firewall
- Attack Surface Analysis
- Introduction
- JAD Files
- Mitigation
- File System
- Persistent Storage
- J2ME File System
- USB Mass Storage
- Mitigation
- Memory and Processes
- Auto start-up and Background processes
- SMS (Short Message Service)
- Premium Rate Scam
- SMS Interception
- SMS Backdoor
- Mitigation
- Bluetooth
- Bluetooth Backdoor
- Bluetooth Worms
- Mitigation
- Email
- Email Interception
- Backdoor
- Worm
- Mitigation
- PIM Data (Personal Information Manager Data)
- Data Theft
- Loss of data availability and integrity
- Mitigation
- TCP/IP Connections
- Proxy/Firewall Bypass
- Backdoor
- Port Scan
- Mitigation
- Port Scan
- HTTP / WAP
- Data Theft
- Backdoor
- HTTP Proxy
- Mitigation
- Telephony
- Call Record Monitoring
- Premium Rate Calls
- Bypassing Caller Verification Systems
- Telephony Data Theft
- Mitigation
- Camera
- Mitigation
- Conclusions
- Appendix A
- References
White Paper: Symantec Security Response
Attack Surface Analysis of BlackBerry Devices