Al Sacco, my friend and BlackBerry Guru of CIO, has an excellent article “The Latest BlackBerry Spyware Scare: Don’t Worry Yet“, and it’s about the latest study done with the Proof-Of-Concept and his views on it. While we present you the facts, I try to point out we’re not discouraging you, only urging you to use secure practices with your device. It’s just like a computer, be careful and be educated about it.
Al’s article points out the truths about how the software gets on and that it’s not really hacking which is true. But like the week we got our first computer, or better yet let our young teens on the computer, and everything was downloaded. I had more experience with viruses, trojans, and worms because of that, and I also learned security practices to a T. I can’t remember how many times my firewall would alert me because of a trojan trying to access the internet. I use an anti-virus on my pc only because I don’t want to second-guess sites or have the headache of removing them. I protect my data at home and when I travel. But that’s me.
Al also points out that it’s nothing new, and no reason to run just yet. And it’s true. Studies like these are done to see where weaknesses are and where the vulnerabilities lay. But it’s true, in the study, the software was installed on the BlackBerry. Something I hope most of us would vigilantly guard against with security measures. The Proof-Of-Concept is a study for both experts and consumers, so you can be aware. It’s like everyday caution. Sure, we know we don’t have rich uncles who died in Nigeria, yet the scammers exist and you just don’t answer those emails. The many pictures that came with trojans that even though many people knew about, they spread anyways when consumers opened their emails on their pcs. Be aware of your surroundings and exercise caution.
Your BlackBerry is no different. It’s a miniature pc with voice. And I’m not saying that it’s not a concern, but if you password protect your BlackBerry no one can go through it or install malware on it. That was something SMobile has brought up in tips for us. Also I know many of us go happy downloading apps. We never really think about the allow connections or run as trusted app when the alert pops up. We just allow. Don’t assume that your phone is resistant to any malware downloaded, or that it is foolproof. Your device is only as secure as you keep it. So knowing what you’re downloading and thinking about what you’re allowing is something to think about. And SMobile had said to make sure the app you’re downloading is trusted and an official app. Make sure there’s reviews and feedback on it, check the ratings. Be a cautious consumer.
As Al points out for now these apps can only affect you if they are installed on your BlackBerry. And there have been a few around for awhile. The various spyware and trojans are listed on the pdf’s from the previous post. The only reason I post about the security is because I want you to be careful with your BlackBerry and use security practices. Even in your security options you have a firewall you can enable and decide what you want blocked outside your contacts. I bring out the facts so you can read them, see them, and just know what’s out there. Being careful never hurt anyone, I’m not trying to give you concern to panic, just to be aware. I’ll bet you use security practices with your laptop, home pc, and/or netbook, so why is your BlackBerry any different? I’ll be going into security practices with you, including the password protect so that you know what options are available on your device already and using security practices with installation so whether your’re a newbie or someone who’s never given it any thought, just remember an ounce of prevention is worth a pound of cure.
I am also including a statement from RIM:
“As a point of clarification to the article titled “BlackBerry spyware source code released”, it is very important that you understand the risk of spyware. Applications containing spyware cannot be installed on a BlackBerry smartphone without the user’s explicit consent unless of course someone gains physical possession of the user’s device along with knowledge of any enabled password. Although it is important for users of all types of computers and mobile devices to always exercise caution before downloading apps, it is also important to understand the context in which the risk of this spyware was described at the conference on Sunday and that the spyware app cannot simply install itself stealthily on to a user’s device. Further,, a user can review and confirm the list of installed apps on their device by looking in the “Options” area at any time.”