Wednesday, July 22, 2009

BlackBerry Spyware Wasn’t Ready for Prime Time

WIRED
A BlackBerry software upgrade in the Middle East that turned out to be an e-mail interception program was likely a buggy beta version of a U.S.-made surveillance product, according to an analyst who dissected the malicious code.

Sheran Gunasekera, who works as a security consultant in Asia, released a white paper examining the spyware. (.pdf) Gunasekera said the software had no protective measures to obfuscate it, making it easy to decompile and examine — an unusual flaw for a program designed for surreptitious interception. What’s more, command messages sent to the BlackBerry to initiate and halt interception can be transmitted to the device through e-mail or BlackBerry’s proprietary PIN messaging system. But the PIN messages are visible on the handheld’s screen for a fraction of a second when they arrive and a copy of commands sent via e-mail appear in the user’s inbox, which would conceivably alert an observant user to suspicious activity. Gunasekera says the e-mail command function is turned off by default, apparently because of this glitch.

More...

1 comment:

Jennifer said...

Hi,
You should use ”NoAdware” . It’s very effective. I don’t have anymore problem with spyware, Trojan , pop-up or computer viruses. I came across this software in PC World magazine. check it out here:
http://NoAdware.net