RE: how do you secure a blackberry
- From: "Steve Armstrong" <stevearmstrong@xxxxxxxxxxxxxxxxxxx>
- Date: Tue, 28 Jul 2009 23:21:22 +0100
Joe,
This is not strictly true.
If you trust the off the shelf blackberry software from RIM (so you are not the subject to a focused attack), and have your own Blackberry Enterprise Server (BES), you can configure the system to reject pushed items, and strictly configure the device as to what the user can and cannot do (link to systems, use Bluetooth, send IMs, use the camera etc).
If you are thinking about this in relation to the Dubai attacks, most of these were against individual users that had individual types of accounts or had poorly configured BES servers will few controls in place.
If you users have standard devices using the ISPs BES servers then you do not have control of your devices and are open to this they of attack.
Check out the following if you want to know more about BES Security try this 200 page RIM document on configuring Sy on their devices. http://na.blackberry.com/eng/deliverables/1417/BlackBerry_Enterprise_Server_Policy_Reference_Guide[1].pdf
Steve A
(Twitter: Nebulator)
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Joseph Williams
Sent: 28 July 2009 18:48
Cc: security-basics@xxxxxxxxxxxxxxxxx; enquiries@xxxxxxxxxxxxxxx
Subject: RE: how do you secure a blackberry
This isn't true. Through "Service Books" a provider can basically push
anything software they want to the device.
Joe
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Aarón Mizrachi
Sent: Tuesday, July 28, 2009 1:26 AM
To: Shawn Merdinger
Cc: security-basics@xxxxxxxxxxxxxxxxx; enquiries@xxxxxxxxxxxxxxx
Subject: Re: how do you secure a blackberry
On Lunes 27 Julio 2009 15:38:20 Shawn Merdinger escribió:
Hi Aarón,
On Wed, Jul 22, 2009 at 1:55 PM, Aarón Mizrachi<unmanarc@xxxxxxxxx> wrote:
The answer:
deciding not to install the update.
I don't think it is that simple if the service provider is pushing
down software and controls the update process. For the user to decide
not to install the update, the user must be presented with a choice.
If the install is done silently over the network in the background,
then there is no choice for the user.
cheers, i don't really had a time to take a look in deep on this specific
case.
I'm talking the "generic". Usually, the blackberry handheld device does not
came with an automatic update software owned by your "telephony provider" or
rim. Therefore and moreover, any update should be done by hand.
Moreover, real software updates provided by RIM should be installed using
the desktop manager application. Usually this is not an automatic process
and sometimes requires your handheld password to be done.
I understand that you can download blackberry updates from rim websites
according to your provider, but the trust rely in RIM who publish this
software.
Cheers,
--scm
--
Ing. Aaron G. Mizrachi P.
http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
The information contained in this e-Mail and any subsequent correspondence is private and is intended solely for the intended recipient(s). The information in this communication may be confidential and/or legally privileged. Nothing in this e-mail is intended to conclude a contract on behalf of Logically Secure Ltd or make Logically Secure Ltd subject to any other legally binding commitments, unless the e-mail contains an express statement to the contrary or incorporates a formal Purchase Order. For persons other than the intended recipient any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be unlawful.
Registered in England and Wales No: 05967368. Registered Office: 36 Tudor Road, Lincoln, LN6 3LL.
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
- References:
- how do you secure a blackberry
- From: Enquiries @ Globalart 4u
- Re: how do you secure a blackberry
- From: Aarón Mizrachi
- Re: how do you secure a blackberry
- From: Shawn Merdinger
- Re: how do you secure a blackberry
- From: Aarón Mizrachi
- RE: how do you secure a blackberry
- From: Joseph Williams
- how do you secure a blackberry
- Prev by Date: Re: Bruce Schneier on Google Apps. Do you trust Google?
- Next by Date: Re: zero footprint virus protection for certified PC
- Previous by thread: RE: how do you secure a blackberry
- Next by thread: Re: how do you secure a blackberry
- Index(es):
Relevant Pages
|
