Blackberry JAVA DEVELOPMENT ENVIRONMENT - FUNDAMENTALS GUIDE, Specifications, Page 31

Attack Surface Analysis of BlackBerry Devices
Signed applications can also invoke the phone application that comes with the BlackBerry to initiate phone calls; however, the user is prompted to accept the outgoing call before it is actually placed (Figure 14).
Call Record Monitoring
Call record monitoring is the most plausible attack scenario. An application can collect all call records such as calls made, received, and their durations and send them to a third party. Such spyware type applications are already popular on both traditional desktop computers as well as other smart phone devices such as those running the Symbian operating system [19]. Typically, these applications are commercial in nature and are installed when the attacker has access to the device. Note that maintaining PIN and password protection on the device greatly reduces the likelihood of unauthorised physical access.
Premium Rate Calls
A malicious application could dial a premium rate number, running up larger telephone bills. This call could be disguised in a number of ways, such as by naming the application something less conspicuous like "customer care" or "voice mail". Alternately, a malicious application could feature misleading GUI elements such as "Click here to call Tech Support", or even feature data from the user's own PIM: "Click to call Uncle Bob". Either way, the user would be prompted to accept the outgoing call before it was initiated (Figure 14), making it unfeasible to exploit all but the most naive of users.
Bypassing Caller Verification Systems
Services such as cellular voicemail authenticate the calling user by the incoming phone number. A malicious application can take advantage of such systems by injecting DTMF tones into ongoing calls. Once the user is authenticated, the application would have full control over the service preferences. For example, for voicemail, the application could disable caller verification and instead enable PIN verification and then set the PIN.
The attacker could then intercept all subsequent voicemail messages the user receives. A similar method could be used for other types of services.
Note that in order for this attack to work, the attacker must have precise information on the timing and structure of the menu system of the system being targeted. This information is more easily gathered for publicly accessible systems such as cellular voicemail and telephone banking (by the attacker setting up their own account) than for proprietary internal company systems.
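The weakness the paragraphs above describe is a policy one: the service treats the line a call arrives from as proof of identity. The following Python model is an added illustration (not code from the paper, and not any carrier's implementation) that contrasts a caller-ID-only policy with one that requires a PIN regardless of caller ID, and keeps an audit trail of each authentication decision. The subscriber number, PIN, message list and class names are constructed for this example.

```python
"""Toy model of a voicemail service's authentication policy.

Added illustration, not code from the paper. It models the point made above:
a service that trusts the incoming caller ID as its only authenticator lets
any session placed from the subscriber's handset reach the settings menu,
whereas requiring a PIN blocks that while still admitting the real user.
All values below are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SUBSCRIBER_NUMBER = "+15550100"   # hypothetical subscriber line
SUBSCRIBER_PIN = "4821"           # hypothetical PIN


@dataclass
class VoicemailAccount:
    number: str
    pin: str
    require_pin: bool             # True: PIN needed even from the subscriber's own line
    messages: List[str] = field(default_factory=lambda: ["msg-1", "msg-2"])


class VoicemailSession:
    """One inbound call to the voicemail platform, identified by its caller ID."""

    def __init__(self, account: VoicemailAccount, caller_id: str):
        self.account = account
        self.caller_id = caller_id
        self.authenticated = False
        self.log: List[Tuple[str, str]] = []   # audit trail a defender would review

    def authenticate(self, pin: Optional[str] = None) -> bool:
        acct = self.account
        if pin is not None and pin == acct.pin:
            self.authenticated = True
            self.log.append(("auth", "pin"))
        elif not acct.require_pin and self.caller_id == acct.number:
            # Weak policy: the originating line is accepted as proof of identity
            self.authenticated = True
            self.log.append(("auth", "caller-id"))
        else:
            self.log.append(("auth", "denied"))
        return self.authenticated

    def change_settings(self, require_pin: bool, new_pin: Optional[str] = None) -> bool:
        """Settings menu: only reachable once authenticated."""
        if not self.authenticated:
            self.log.append(("settings", "denied"))
            return False
        self.account.require_pin = require_pin
        if new_pin:
            self.account.pin = new_pin
        self.log.append(("settings", "changed"))
        return True

    def read_messages(self) -> List[str]:
        return list(self.account.messages) if self.authenticated else []


def weak_policy_outcome():
    """Caller-ID-only policy: a session from the subscriber's line needs no PIN
    and can rewrite the account's settings, which is the scenario in the text."""
    acct = VoicemailAccount(SUBSCRIBER_NUMBER, SUBSCRIBER_PIN, require_pin=False)
    s = VoicemailSession(acct, caller_id=SUBSCRIBER_NUMBER)
    s.authenticate()                        # no PIN supplied
    changed = s.change_settings(require_pin=True, new_pin="0000")
    return s.authenticated, changed, acct.pin


def hardened_policy_outcome():
    """PIN required regardless of caller ID: the same PIN-less session is refused
    and the settings stay untouched."""
    acct = VoicemailAccount(SUBSCRIBER_NUMBER, SUBSCRIBER_PIN, require_pin=True)
    s = VoicemailSession(acct, caller_id=SUBSCRIBER_NUMBER)
    s.authenticate()
    changed = s.change_settings(require_pin=False)
    return s.authenticated, changed, acct.require_pin


def legitimate_user_outcome():
    """Under the hardened policy the real subscriber, who knows the PIN, still
    gets in and can read messages."""
    acct = VoicemailAccount(SUBSCRIBER_NUMBER, SUBSCRIBER_PIN, require_pin=True)
    s = VoicemailSession(acct, caller_id=SUBSCRIBER_NUMBER)
    s.authenticate(pin=SUBSCRIBER_PIN)
    return s.authenticated, s.read_messages(), s.log[-1]


if __name__ == "__main__":
    print("caller-ID only:", weak_policy_outcome())
    print("PIN required:  ", hardened_policy_outcome())
    print("real user:     ", legitimate_user_outcome())
```

The model deliberately has no notion of DTMF or menu timing; the only thing that differs between the two outcomes is whether `require_pin` is set, which is exactly the setting the text describes an attacker flipping. Reviewing the `log` entries shows the defender's signal: a `("auth", "caller-id")` entry followed by `("settings", "changed")` is a settings change made with no knowledge-based credential at all.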
For systems that require a PIN code to be entered, a malicious application can use the
Figure 14: Application-initiated phone call