In light of news that a BBProxy code exists that could enable hackers to exploit a BlackBerry handheld-server link to bypass enterprise gateway security, BlackBerry-maker Research In Motion's security staffers seem to be saying, "what's the big deal?"
First, a description of the exploit.
Security vendor Secure Computing on Tuesday warned corporate users that their BlackBerry Enterprise Server deployments on internal networks could be vulnerable to a BBProxy attack. After manually installing BBProxy or getting a user to install it via an e-mail attachment, a hacker could, according to Secure, exploit the encrypted connection between the handheld and the BES and thus obtain access to the internal network, according to San Jose, Calif.-based Secure.
With the right precautions, though, this doom-and-gloom scenario won't happen.
At least that's what RIM says.
"Our attachment service doesn't work that way. You can send and view e-mail, but the BES system is designed to require users to manually download the application from a Web site," said Scott Totzke,director of Research In Motion's global security group.
David Bean, who is president of RIM partner eAccess Solutions,told CRN writer Kevin McLaughlin that the IT policy tools in BlackBerry Enterprise Server 4.1 can control these vulnerabilities. Bean said that BES 4.1 includes policies that can repel an attack by a self-installing or virus-infected file, but it is up to the server administrator to set up and implement such policies.
1. A Trojan like BBProxy, the first of its type for RIM handhelds, could be downloaded by an unsuspecting BlackBerry just like any other mobile malware to another platform, placed on the handheld directly, or a user may be tricked into running it, D'Aguanno said in his presentation; perhaps in a game of Tic Tac Toe.
Posted at 12:45PM on Aug 11th 2006 by DerMeisterFokk