Rather than accusing him of being wrong and not validating it, why don't you post ... IT & Business Pros forum
Rather than accusing him of being wrong and not validating it, why don't you post links to the white papers you mention.
~via BB (wap.pinstack.com)~
Do your own Research & Google ! =]
I have and according to the sources I have found top be reliable there hasn't been a documented trojan on a bb device. Those sources include programmers for government level firewalls along with blackberry reps, techs, and engineers.
~via BB (wap.pinstack.com)~
#1 He's right. There are trojans for BB's, just because it hasn't hit the news wire doesn't mean it's not a real thing. #2, google it and you'll see plenty of information on it. Now it's nowhere near the point where you are going to have to install Anti-V's on your Curve, but it is in fact possible. Everyone needs to stop treating mrmoe like some crackpot Defcon attendee. Now I do agree that the mobile hacking article the poster mentioned is worthless for us BB users, but the trojan on a blackberry premise is in fact going to be a problem in the future if people keep putting their heads in the sand.......
Originally Posted by Amigotek
Yes, I've been diagnosed with Phantom Vibration Disorder.....
~via BB (wap.pinstack.com)~
Reddog have you so quickly forgotten?
Why should I give these worthless dregs of human existence "credit and recognition"? They are as evil as the drug dealers, murderers, and child molesters that sit in the 8x10's. Harsh? Sure. But they cost me just as much as the other previously mentioned criminals do in tax dollars. Just my $.02.
Originally Posted by mrmoe
There are a few threats that any phone with Bluetooth face:
1. Bluesnarfing is attacking the Bluetooth device, usually a phone, to rip out information. Hackers can obtain phonebooks, calendars and stored SMS messages. Such is the case with the Paris Hilton and Fred Durst incidents.
2. Bluetracking is tracking a person's movement by tracking their Bluetooth device. All Bluetooth devices have a unique address, similar to a MAC address on computer network cards. By using special sensors or antennas you can see where a particular Bluetooth device pops up and record a person's movement.
3. Bluebugging involves sending executable commands to the Bluetooth device. With the proper software, you could secretly turn on a phone and make it call you. Why is this important? You have just turned the phone into a listening device that can record without your target knowing it.
Blackberry has taken steps to prevent attacks on their devices, but the fact remains that any device is only as secure as it's set up to be. If you simply turn on Bluetooth and forget about the other settings like 'allow address book transfer' etc.., then you can only be upset at one person when your information is compromised--->yourself.
Wow you guys are taking this a little personal.
As pertaining to the orginal topic of the thread. Which is Bluetooth Hacking. This is NOT POSSIBLE. Unless you allow random people to pair to your BB.
As for the other security that is all server side. Hacking the Server is completely different than the device itself. And yes please show me some creditable links. This is a discussion and it would give credit to your side of the discussion. Other than saying Google it.
And how am I irresponsible, just because I won't give them credit? I'll give them credit when credit is due. I'm just curious why you're sticking up for them? Anyways believe what you would like.
Actually, as mentioned above, it is possible to pair with an improperly configured phone with Bluetooth on. By default, many phones are programmed to allow pairing with no prompts. This was originally done by most mobile phone manufacturers because a large portion of the public didn't know how or care to learn how to configure their devices to prevent such intrusion. And the fact still remains today (computer security is my profession and is not simply limited to computers), that a LARGE percentage of the public does not know how to configure their devices to be secure. It is extremely easy for me to sit downtown with my laptop and some software (unnamed), and not only gain access to many cell phones running unsecured bluetooth connections, but also 'rip' their address books and more from their phones without their knowledge. Now with the proliferation of phones (such as my 8320) sporting WiFi, this technique becomes easier, as now these phones connect over wireless networks. This is where Evil Twin Cloning can steal every packet of information to and from your WiFi enabled phone. You'd be blown away at the number of unsecured wireless networks out there.
Go ahead and leave your phone on default and connect to that easy WiFi spot at Starbucks........you might be the next victim of ID theft. Just ask Paris Hilton!
Amen brother. The simple fact that the password for 99.9 percent of bluetooth devices is "0000" should help the non-believers....and let's not even get into wireless security as a whole
Originally Posted by 3CISS
Because they save you more than just tax dollars. But thats just my $.02.
Originally Posted by Toddboy71
Because we should.... However, Lets agree, that no one here is an expert on security. and that all is well in Wonderland.
Originally Posted by reddog187
~via BB (wap.pinstack.com)~ Mmmmmmm, interesting topic. I do agree with Reddog there MrMoe, could you site your sources for the BB Trojans? If you are indeed wanting to make us aware of what you perceive to be a credable threat, why not be more open.
Otherwise you still sound like chicken litte to me. I've heard my fair share of conspiracy theories, so I'm always skeptical without more evidence.
So, mrmoe and co, please post something where we can actually see documentation of the threat, or maybe you have something that proves your point more effectively??
I'll keep a eye out for it.
Here's another entry from that linked thread (add a little context to the conversation shall we?):
Originally Posted by kingrykku27
before in the news. But I find it curious that he's telling everyone that he's found a security flaw, talked to RIM about it, yet he's going to release the trojan for download next week. So here is a "Security Researcher", pointing out a flaw, then he's going to give the Trojan to everybody that wants to try to exploit the flaw. Not my idea of responsable research, but maybe I just don't understand.He claims that RIM has posted two new documents on their website on this issue, but a search for BBproxy finds no results. There is one new document that addresses Protecting the Device Platform from Malware in the New Documents Listing.Rcbj
This looks like we're going to be going around for a while on this one.
Tags for this Thread