EXPERT RESPONSE
While other portable device operating systems, such as Symbian smartphones and Palm PDAs, have been targeted by emerging malware, there haven't been any widespread specimens of malware for RIM Blackberry devices yet. However, I wholeheartedly expect to see attacks against this environment in the near future for three reasons:
- Blackberry use continues to grow, making it a large target for attackers.
- Blackberries are becoming more powerful, with larger memories and better development environments for increased application functionality.
- With improved applications, users will store more valuable secrets and engage in more e-commerce from the platform, making Blackberry an even juicier (pardon the pun) target.
Because RIM built the Blackberry on Java, it's more difficult to create malware for the platform. Blackberry application software must contend with a Java Application Manager, an underlying Blackberry OS component designed to control applications and prevent them from misbehaving. Furthermore, Blackberry applications can be digitally signed to help ensure they come from a trusted software developer. Blackberry touts this Java-based design and code signing functionality as significant boosts for security, and I don't doubt that. However, given the three trends cited above, plus the ingenuity of the attackers mixed in with the history of software vulnerabilities in nearly all platforms, I don't expect the dearth of Blackberry malware to last forever.
MORE INFORMATION:
Read this chapter excerpt from The Art of Computer Virus Research and Defense and learn how wireless mobile worms infect smartphones and other portable devices.
Learn how to keep your network safe with these endpoint security tactics.
|
