
Attack Surface Analysis of BlackBerry Devices
they may not pose a risk to the BlackBerry itself, they may infect other computers that the BlackBerry is subsequently connected to.
Mitigation
You can set the following options to mitigate the scenario outlined above. See Mitigation Strategies for more information.

Scenario: USB Mass Storage Abuse
IT Policy: "Disable USB Mass Storage" = True
Application Controls: (none listed)
Device Firewall: (none listed)
Application Permissions: (none listed)
Other Device Settings: Options > Advanced Options > Media Card:
    "Mass Storage Mode Support" = Off
    "Auto Enable Mass Storage Mode When Connected" = No

Memory and Processes
Memory within a BlackBerry is allocated automatically when objects and primitives are declared. Because Java has no pointers, applications cannot access or manipulate areas of memory directly (apart from the store areas described previously).
The signed class net.rim.device.api.system.ApplicationManager can be used to start processes and to retrieve information on running processes. The information that can be retrieved includes:
• A list of all running applications
• The application that is currently in the foreground
• Whether an application runs on startup or is a system application
• The process ID of each running application
However, applications cannot kill other processes or affect the memory of other processes [2,5]. At most, an application could cause a "Denial of Service" (DoS) by creating an infinite loop whose break condition, placed in the middle of the loop, is always false, which is enough to bypass compiler verification. When this code is run, the BlackBerry becomes completely unresponsive, and only replacing the application files via USB or a hard reset of the BlackBerry will make the device usable again. Another interesting side effect is that if an incoming call is received during this DoS, the calling number is not displayed. However, it is still possible to answer the call using the green "pickup" button, and the calling number is displayed once the call has been answered.
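As an added illustration (not code from the whitepaper), the following inventory routine shows how a monitoring or compliance application could use the signed ApplicationManager class described above to record the process information the text lists, and to single out third-party modules that start automatically. It assumes the RIM API methods ApplicationManager.getApplicationManager(), getVisibleApplications(), getForegroundProcessId(), getProcessId(ApplicationDescriptor) and the ApplicationDescriptor flags FLAG_SYSTEM and FLAG_AUTOSTART behave as their names suggest; the Entry class and the method names are the example's own.

```java
// Added example, not from the original paper. Assumes the RIM API calls named
// below exist as described; runs only on a BlackBerry device or simulator with
// a signed application (ApplicationManager is a signed class).
import java.util.Vector;
import net.rim.device.api.system.ApplicationDescriptor;
import net.rim.device.api.system.ApplicationManager;

public final class ProcessInventory {

    /** One inventory row: the process facts the text says an application can retrieve. */
    public static final class Entry {
        public final String name, module;
        public final int pid;
        public final boolean foreground, system, autostart;
        Entry(String name, String module, int pid, boolean fg, boolean sys, boolean auto) {
            this.name = name; this.module = module; this.pid = pid;
            this.foreground = fg; this.system = sys; this.autostart = auto;
        }
        public String toString() {
            return module + "/" + name + " pid=" + pid + (foreground ? " [fg]" : "")
                + (system ? " [system]" : "") + (autostart ? " [autostart]" : "");
        }
    }

    /** Snapshot of all visible applications with their flags (CLDC has no generics, hence Vector). */
    public static Vector snapshot() {
        ApplicationManager mgr = ApplicationManager.getApplicationManager();
        ApplicationDescriptor[] apps = mgr.getVisibleApplications();
        int fgPid = mgr.getForegroundProcessId();
        Vector out = new Vector();
        for (int i = 0; i < apps.length; i++) {
            ApplicationDescriptor d = apps[i];
            int flags = d.getFlags();
            int pid = mgr.getProcessId(d);
            out.addElement(new Entry(d.getName(), d.getModuleName(), pid, pid == fgPid,
                (flags & ApplicationDescriptor.FLAG_SYSTEM) != 0,
                (flags & ApplicationDescriptor.FLAG_AUTOSTART) != 0));
        }
        return out;
    }

    /** Non-system modules that run on startup execute without user action, so they merit review. */
    public static Vector nonSystemAutostart(Vector entries) {
        Vector flagged = new Vector();
        for (int i = 0; i < entries.size(); i++) {
            Entry e = (Entry) entries.elementAt(i);
            if (e.autostart && !e.system) flagged.addElement(e);
        }
        return flagged;
    }
}
```

Because ApplicationManager cannot terminate or alter other processes, the inventory can only report; acting on a flagged module (for example, removing it) remains an administrative step.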