Confidence - (28-29.05 2013 Krakow)
Język: polski | english

Yury Chemerkin

Bio: Yury Chemerkin started as a reverser and security developer and continued gain experience on malware and mobile security. Last four year I have been researching BlackBerry and Cloud solutions for exploitations based on misunderstanding security principles or developing as a distributed spyware infrastructure. Now I’m a broad security researcher and take part in developing Live Monitoring and Forensics solutions. Also, I regular contribute with Groteck Business Media, Hakin9 and PenTest as a non-staff writer.

Temat prezentacji:
Insecurities in blackberry

Język prezentacji:
Angielski

Skrót:
This paper proposes a new security research covers BlackBerry issues relating their own features relied on highest possible way of integration and aggregation with data, service and application that simplifies management. Such way integration shapes developer’s outlook as well as malware writer’s outlook led to the bypass security methods. Despite of that, BlackBerry is full of holes to the brim if consumer has a flexible IT Policy even because current security techniques implemented in BIS (BlackBerry Internet Service) or BES (BlackBerry Enterprise Server) are indecisive argument to be sure in security and privacy and do not provide enough control. As opposite to smartphone, the tablets (PlayBook) are quite new, QNX-based and have the most known technologies, such Adobe Air, HTML5, and Android Dalvik-Runtime, are implemented widely. However, they have a poor application environment and a little those feature known on non-QNX BlackBerry device. This makes security more difficult and unstable to reliably use it by end-users. Research shows that additional third party security solutions often ruin security while native environment allows intercepting, blocking, stealing, misleading, substitute data in real-time bypassing security controls that, finally, reveal sensitive information and turn security solutions to the malware agents. The non-malware applications may use rootkit techniques, e.g. firewall hooks API to watch any incoming or outgoing network traffic. The legitimizing effect of commercial “malware” software led away from user-mode towards the kernel-mode techniques at first glance. However, user-mode rootkits or spyware are still effective to bypass security applications because they have simple APIs calling kernel methods. This research examines and highlights a range of issues referred to the incorrect approach to the security techniques development. It draws security management level of inefficiency outside isolated environment as well as old-attack techniques possibility of application for new BlackBerry device known as Playbook. The research presents pressing issues for fundamental and application BlackBerry security cases, exploitation of native applications built in OS. In additional, third-party security applications are going to be examined for security holes and misunderstanding BlackBerry security concepts.