Specifications
Table Of Contents
- Introduction........................................................................................................................................................
- Architecture Overview........................................................................................................................................
- Operating System..............................................................................................................................
- Code Signing...................................................................................................................................................
- Modifying Signed Applications..................................................................................................................
- Malicious Code Signing..............................................................................................................................
- Mitigation Strategies......................................................................................................................................
- BIS Deployment.........................................................................................................................................
- Application Permissions.......................................................................................................................
- Device Firewall....................................................................................................................................
- BES Deployment......................................................................................................................................
- IT Policy...............................................................................................................................................
- Application Control Policy...................................................................................................................
- Application Permissions.....................................................................................................................
- Device Firewall....................................................................................................................................
- Attack Surface Analysis....................................................................................................................................
- Introduction.................................................................................................................................................
- JAD Files.......................................................................................................................................................
- Mitigation................................................................................................................................................
- File System...................................................................................................................................................
- Persistent Storage...................................................................................................................................
- J2ME File System.....................................................................................................................................
- USB Mass Storage....................................................................................................................................
- Mitigation................................................................................................................................................
- Memory and Processes................................................................................................................................
- Auto start-up and Background processes...............................................................................................
- SMS (Short Message Service)......................................................................................................................
- Premium Rate Scam................................................................................................................................
- SMS Interception.....................................................................................................................................
- SMS Backdoor..........................................................................................................................................
- Mitigation................................................................................................................................................
- Bluetooth......................................................................................................................................................
- Bluetooth Backdoor.................................................................................................................................
- Bluetooth Worms.....................................................................................................................................
- Mitigation................................................................................................................................................
- Email.............................................................................................................................................................
- Email Interception...................................................................................................................................
- Backdoor..................................................................................................................................................
- Worm........................................................................................................................................................
- Mitigation................................................................................................................................................
- PIM Data (Personal Information Manager Data).........................................................................................
- Data Theft................................................................................................................................................
- Loss of data availability and integrity.....................................................................................................
- Mitigation................................................................................................................................................
- TCP/IP Connections......................................................................................................................................
- Proxy/Firewall Bypass.............................................................................................................................
- Backdoor..................................................................................................................................................
- Port Scan..................................................................................................................................................
- Mitigation................................................................................................................................................
- Port Scan..................................................................................................................................................
- HTTP / WAP...................................................................................................................................................
- Data Theft................................................................................................................................................
- Backdoor............................................................................................................................................
- HTTP Proxy...............................................................................................................................................
- Mitigation................................................................................................................................................
- Telephony.....................................................................................................................................................
- Call Record Monitoring............................................................................................................................
- Premium Rate Calls.................................................................................................................................
- Bypassing Caller Verification Systems....................................................................................................
- Telephony Data Theft...............................................................................................................................
- Mitigation................................................................................................................................................
- Camera.........................................................................................................................................................
- Mitigation................................................................................................................................................
- Conclusions......................................................................................................................................................
- Appendix A........................................................................................................................................................
- References........................................................................................................................................................
White Paper: Symantec Security Response
Worm.........................................................................................................................................................22
Mitigation.................................................................................................................................................23
PIM Data (Personal Information Manager Data)..........................................................................................24
Data Theft.................................................................................................................................................25
Loss of data availability and integrity......................................................................................................25
Mitigation.................................................................................................................................................25
TCP/IP Connections.......................................................................................................................................25
Proxy/Firewall Bypass..............................................................................................................................26
Backdoor...................................................................................................................................................27
Port Scan...................................................................................................................................................27
Mitigation.................................................................................................................................................27
Port Scan...................................................................................................................................................28
HTTP / WAP....................................................................................................................................................28
Data Theft.................................................................................................................................................28
Backdoor.............................................................................................................................................28
HTTP Proxy................................................................................................................................................29
Mitigation.................................................................................................................................................29
Telephony......................................................................................................................................................30
Call Record Monitoring.............................................................................................................................31
Premium Rate Calls..................................................................................................................................31
Bypassing Caller Verification Systems.....................................................................................................31
Telephony Data Theft................................................................................................................................32
Mitigation.................................................................................................................................................32
Camera..........................................................................................................................................................33
Mitigation.................................................................................................................................................33
Conclusions.......................................................................................................................................................33
Appendix A.........................................................................................................................................................35
References.........................................................................................................................................................36
4
Attack Surface
Analysis of
BlackBerry Devices