Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

Blackberry spyware in UAE

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Tue Jul 21, 2009 5:34 am    Post subject: Blackberry spyware in UAE Reply with quote

http://news.bbc.co.uk/1/hi/technology/8161190.stm

Quote:
RIM told customers that "Etisalat appears to have distributed a telecommunications surveillance application... independent sources have concluded that it is possible that the installed software could then enable unauthorised access to private or confidential information stored on the user's smartphone".

It adds that "independent sources have concluded that the Etisalat update is not designed to improve performance of your BlackBerry Handheld, but rather to send received messages back to a central server".

_________________
Inperfect.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 23 Oct 2014
Posts: 10331
Location: at the beach

PostPosted: Tue Jul 21, 2009 8:00 am    Post subject: Reply with quote

A patch has been released to remove the spyware

http://www.blackberrynews.com/2009/07/15/patch-released-for-etisalat-spyware-on-blackberry/ Currently not responding, but can be seen in Google's cache:

http://74.125.155.132/search?q=cache:WoT-YpK5r60J:www.blackberrynews.com/2009/07/15/patch-released-for-etisalat-spyware-on-blackberry/+Etisalat+spyware&cd=2&hl=en&ct=clnk&gl=us
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Wed Jul 22, 2009 11:17 am    Post subject: Re: Blackberry spyware in UAE Reply with quote

aBenG wrote:
http://news.bbc.co.uk/1/hi/technology/8161190.stm

Quote:
RIM told customers that "Etisalat appears to have distributed a telecommunications surveillance application... independent sources have concluded that it is possible that the installed software could then enable unauthorised access to private or confidential information stored on the user's smartphone"..


That's nasty... so they were caught red-handed: But how many other "updates to improve performance" have already been released to unwitting customers in other countries, where total surveillance is currently en vogue and openly endorsed by their administrations? We may look at this article with a false sense of security in mind, that it could not happen to us. But who says it's not already happening?

Just as a thought experiment: Consider the vast amount of Windows users who have, for years been recruited in a zombie army and have never noticed anything unusual on their computers? Consider further how trivial it is to change DNS-records on a hijacked computer, so that it queries servers under the control of those who like to install "updates to improve performance" and directs users to fake Windows update sites also under the control of the hijackers.

The same way, an administration can order that some sites be never resolved by DNS-servers (aka. censorship for dummies), it could also order to resolve some things "differently". If some ip address resolves to "windows.update.microsoft.com", how many people would be aware that PTR records can be trivially falsified (that's resolving an IP-address to a host name). To make matters worse: Who would doubt if someone looked up the IP-address in whois and the data returned claimed the /28 network to be part of Microsoft's Windows update, despite the parent network belonging to some mass hosting company like ThePlanet? [1]

Just some of these questions popping up in my head when I hear of stories like that.

O.

[1] Whois only contains what was submitted to the database. If data is not verified prior to being published, then querying whois may not be as useful for that particular address range.
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.
Back to top
View user's profile Send private message
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Mon Jul 27, 2009 12:09 am    Post subject: Reply with quote

With regard to security issues Olliver I have long since concluded that paranoia is the only viable survival option. Sad

Nice to know I'm not the only one!
_________________
Inperfect.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group