Dailydave mailing list archives
Re: Immunity's Guide to Being Mobile and Secure
From: Marco Ivaldi <raptor () mediaservice net>
Date: Thu, 21 Apr 2011 09:57:09 +0200 (ora legale Europa occidentale)
Hi Todd, On Wed, 20 Apr 2011, Todd Haverkos wrote: [snip]
Curious as to your thoughts, or anyone else's on whether Blackberry is even as much of a liability to the enterprise as XP.
Just wanted to contribute a few random thoughts about BlackBerry in the enterprise. I agree with you on the fact that the BlackBerry Enterprise platform provides comprehensive granular control over the handhelds and can be configured to enable a degree of protection suitable for most environments. In this aspect, it can be considered superior to other smartphones (I haven't had the chance to play with Windows Phone 7 yet). That said, in my experience as a security analyst I've verified in the field that most BlackBerry Enterprise deployments are indeed configured in an insecure way and are therefore vulnerable to a broad spectrum of security attacks, such as: malware infection, remote access to the private network (most of the time admins don't bother to separate the different BES components on different servers, and don't apply proper ACLs in order to prevent attacks generating from the BES itself), traffic logs stealing (the logging of all phone calls and MDS connections is enabled by default, and logs are stored unencrypted on disk), a range of wireless attacks (including some attacks on WPA Enterprise PEAP-MSCHAPv2 that also affect the iPhone and Android platforms), etc. The bottom line is: the BlackBerry solution can be extremely robust, if configured properly following RIM's recommendations. But in practice, it usually represents a huge attack opportunity for a remote threat agent. Probably even more than Windows XP, mainly because of its mobile always-connected-to-the-private-network nature. Cheers, -- ------------------------------------------------------------------ Marco Ivaldi OPSA, OPST, OWSE Senior Security Advisor @ Mediaservice.net Srl Tel: +39-011-32.72.100 Via San Bernardino, 17 Fax: +39-011-32.46.497 10141 Torino - ITALY http://www.mediaservice.net/ ------------------------------------------------------------------ PGP Key - https://keys.mediaservice.net/m_ivaldi.asc _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Immunity's Guide to Being Mobile and Secure dave (Apr 18)
- Re: Immunity's Guide to Being Mobile and Secure Todd Haverkos (Apr 20)
- Re: Immunity's Guide to Being Mobile and Secure Timothy Shea (Apr 21)
- Re: Immunity's Guide to Being Mobile and Secure Marco Ivaldi (Apr 21)
- Re: Immunity's Guide to Being Mobile and Secure Todd Haverkos (Apr 20)