Given the popularity of the BlackBerry and its comprehensive feature set, this platform is ripe for the picking by a thief. To help lower the chance of information exposure to a bad guy via this vector, users should configure their devices to require an authentication passcode when it's activated. This feature is a small nuisance for users, but really helps to shore up the security of the device.
Beyond the physical realm, it's possible that an attacker could exploit the BlackBerry from a software perspective by sending an email or SMS message to the device that exploit flaws to install malware on the BlackBerry itself. Historically, there has been little malware for the BlackBerry platform, given the tight controls that RIM maintains over the underlying operating system -- unlike more open platforms like Symbian or Google's new Android. Even though Apple's iPhone was supposedly a closed environment for software developers before the release of Apple's new iPhone Software Development Kit (SDK), it relies on the well-known Macintosh OS X, and has been famously hacked by a growing community of iPhone security vulnerability researchers.
Thanks to scanty documentation and a security model designed to inhibit the running of additional software, BlackBerry devices haven't faced the onslaught of attacks we've seen against other similar devices. But, stay tuned. Since the iPhone hacks have been whetting the appetites of security researchers by showing the value and power of such exploits, we will likely see renewed scrutiny for finding flaws in BlackBerry.
- Learn more about proof-of-concept mobile device malware.
- Read about the greatest security concerns for mobile device applications.
This was first published in March 2008