Thread Rating:
  • 5 Vote(s) - 3.6 Average
  • 1
  • 2
  • 3
  • 4
  • 5
BlackBerry's armor has cracks: Security experts
Research in Motion's resistance to giving governments access to its BlackBerry network misses a major point -- authorities could probably hack the data on their own if they want it badly enough, security experts say.

Indeed, a major attack against BlackBerry users by a telecom in the United Arab Emirates employed that very tactic a year ago, according to RIM. Experts say other malicious programs are likely to be lurking around, readying to be sprung.

India, Lebanon, Saudi Arabia and the United Arab Emirates say they need RIM's cooperation so they can decode messages scrambled with BlackBerry's proprietary technology. They have threatened to restrict RIM's operations if the company won't meet their demands, which they say are driven by national security concerns.

But if RIM doesn't back down, the governments themselves could instead choose to hack into the BlackBerry network.

"I could design a good hundred ways to gain access," said Bruce Schneier, a security expert who is chief security technology officer for BT.

Officials with Canada's RIM did not respond to a request for comment.

Security experts say they'd almost certainly attack at the network's most vulnerable points: the BlackBerry smartphone itself and the BlackBerry server. Those two pieces of equipment sit at either end of the network where they offer would-be hackers access to unscrambled data.

Last year's attack in the UAE is a good example of how a hacker might work. It employed spyware created by SS8, a closely held U.S. security firm, RIM says.

Emirates Telecommunications Corp, the UAE's largest telecoms operator, sent the program to its BlackBerry disguised as a software update. It told its customers that the it would enhance the performance of their equipment, but RIM says it was mainly intended to tap into their communications.

The telecom declined comment at the time.

RIM said it quickly discovered the so-called "malware" because of a glitch in its implementation, and told users not to install it on their phones. But hackers might go undetected, experts say.

To prove the point, a security researcher named Tyler Shields released a spyware program earlier this year for attacking BlackBerries via the handset. It allows hackers to intercept messages that reach the device and use its microphone to tap conversations in the immediate vicinity of the phone.

"I wanted to demonstrate that BlackBerry handhelds are susceptible to spyware," said Shields, who works for the Burlington, Massachusetts-based security firm Veracode Inc.

The program, dubbed TXSBBSpy, did not include installation software as Shields never intended it to be used. He only wanted to show the BlackBerry was not unhackable.

A successful attack on a Blackberry Enterprise Server could prove even more devastating because each server manages data for hundreds of users.

Hackers could write code to take advantage of vulnerabilities in the software that runs those servers, said Chet Wisniewski, senior security adviser at Sophos, anti-virus software maker. Such a program would allow outsiders to view messages from all the users hooked up to the computer via their handsets.
yahoo news
Thanks given by:

Possibly Related Threads…
Thread Author Replies Views Last Post
  General News: BlackBerry Evolve, Evolve X launched with dual cameras, 4000mAh battery nairrk 0 706 08-02-2018, 02:34 PM
Last Post: nairrk
  General News: BlackBerry KEY2 with 4.5-inch Full HD display, QWERTY keypad launched in India nairrk 0 699 07-23-2018, 12:35 PM
Last Post: nairrk
  General News: BlackBerry Key2 with dual cameras, QWERTY keyboard launched nairrk 0 587 06-08-2018, 10:30 AM
Last Post: nairrk
  Update: BlackBerry KEYone launched in India for Rs 39,990 nairrk 0 708 08-01-2017, 12:34 PM
Last Post: nairrk
  General News: BlackBerry KEYone launched with fingerprint sensor, Android Nougat nairrk 0 622 04-28-2017, 01:03 PM
Last Post: nairrk
  General News: BlackBerry Aurora affordable smartphone launched: Price, specifications, features nairrk 0 751 03-09-2017, 02:35 PM
Last Post: nairrk
  General News: IBM to soon launch its mobile security service ‘Maa360’ in India rahul1117_kumar 0 609 09-15-2016, 08:09 AM
Last Post: rahul1117_kumar
  Update: 900 million Android smartphones affected by "Quadrooter" security flaw rahul1117_kumar 0 528 08-08-2016, 01:07 PM
Last Post: rahul1117_kumar
  Update: Moto Z and Moto Z Force to receive monthly security updates, Motorola confirms rahul1117_kumar 0 447 07-23-2016, 12:34 PM
Last Post: rahul1117_kumar
  General News: Good news BlackBerry fans, the classic QWERTY keypad is here to stay rahul1117_kumar 0 524 07-08-2016, 06:48 PM
Last Post: rahul1117_kumar

Forum Jump:

Users browsing this thread: 1 Guest(s)