Blackberry JAVA DEVELOPMENT ENVIRONMENT - FUNDAMENTALS GUIDE Specifications, Page 21

Attack Surface Analysis of BlackBerry Devices
Bluetooth
The BlackBerry Pearl 8100 has increased Bluetooth support compared to some of its predecessors. It now
provides the following profiles:
Handsfree
Handset
Serial Port
OBEX (OBject EXchange, for file transfer)
DUN (Dial Up Networking)
Applications can transmit data to and from the BlackBerry via the Bluetooth serial port profile, but pairing
is always required (Figure 11). To bypass pairing, a vulnerability in the Bluetooth stack would have to be
present. Symantec are not aware of any such vulnerability at the time of writing.
Unsigned applications can use Bluetooth via the
javax.microedition.io.Connector class, but an application needs to be signed in order
to use the net.rim.device.api.bluetooth.BluetoothSerialPortInfo
class. This class is required to gather the information necessary to establish
a client-side Bluetooth connection. If an application can ascertain
this information in another manner (for example, if the Bluetooth device
address and channel are hard-coded), then it can use the Bluetooth serial
port connection without being signed (although it must still be paired). The
DUN profile allows a paired PC to use the BlackBerry's data connection.
However, it provides the user with a standard "AT command set" interface,
which can be used for tasks other than dial-up networking, such as initiating
phone calls from the paired PC.
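A review-side check for the unsigned path described above, as an added example that is not from the original paper: it scans Java source or a class-file strings dump for a hard-coded Bluetooth serial endpoint used without the signed BluetoothSerialPortInfo class. The `btspp://address:channel` URL form (JSR-82 style), the function name, the verdict labels and the sample address are assumptions.

```python
import re

# Assumption (not from the page): JSR-82 style serial-port URLs of the form
# btspp://<12 hex digit device address>:<RFCOMM channel>[;params].
BTSPP_URL = re.compile(r"btspp://([0-9A-Fa-f]{12}):(\d{1,2})\b")
SIGNED_CLASS = "net.rim.device.api.bluetooth.BluetoothSerialPortInfo"
CONNECTOR_CLASS = "javax.microedition.io.Connector"


def audit_bluetooth_use(text):
    """Classify Bluetooth serial use in Java source or a class-file strings dump."""
    # Class files store names as net/rim/...; normalise so both forms match.
    dotted = text.replace("/", ".")
    endpoints = [
        # RFCOMM server channels run from 1 to 30.
        {"address": addr.upper(), "channel": int(ch), "valid": 1 <= int(ch) <= 30}
        for addr, ch in BTSPP_URL.findall(text)
    ]
    uses_signed = SIGNED_CLASS in dotted
    uses_connector = CONNECTOR_CLASS in dotted
    if endpoints and not uses_signed:
        verdict = "hard-coded endpoint, no signed API"  # the unsigned path described above
    elif uses_signed:
        verdict = "signed API"  # endpoint discovery goes through the signature-gated class
    elif "btspp:" in text:
        verdict = "btspp scheme, endpoint built at run time"
    elif uses_connector:
        verdict = "Connector only"
    else:
        verdict = "no Bluetooth serial use"
    return verdict, endpoints


# Constructed samples (the device address and channel are made up).
UNSIGNED_SAMPLE = '''
import javax.microedition.io.Connector;
StreamConnection c = (StreamConnection) Connector.open("btspp://0123456789ab:3");
'''
SIGNED_SAMPLE = '''
net/rim/device/api/bluetooth/BluetoothSerialPortInfo
javax/microedition/io/Connector
'''

if __name__ == "__main__":
    for name, sample in (("unsigned", UNSIGNED_SAMPLE), ("signed", SIGNED_SAMPLE)):
        print(name, audit_bluetooth_use(sample))
```

A "hard-coded endpoint, no signed API" verdict marks an application for manual review; pairing is still required before such a connection can be used.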
Bluetooth Backdoor
Sensitive data (such as emails and contacts) can be obtained using the methods
discussed in this document. Once this information has been obtained, the application can open a
Bluetooth serial connection with a paired device that is within range, and transmit the gathered data. Note
that the user would have to intentionally pair with the attacker's Bluetooth device before this could work,
making it less feasible than most of the other attacks outlined in this document.
Bluetooth Worms
Bluetooth worms are very unlikely due to the significant amount of human interaction involved in pairing
with a Bluetooth device, accepting a file transfer, and the difficulty in executing any transferred content.
Figure 11: Bluetooth Pairing, PIN entry