(pdf) yury chemerkin icitst 2012
TRANSCRIPT
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
1/28
VULNERABILITY ELIMINATI
FORCE OF NEW MOBYU
THE 7TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED
TR
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
2/28
THE SECURITY IS THE CORNERSTONE
A POWERFUL HIGH LEVEL INTEGRATION
IMs, SOCIAL NETWORKS
FINANCIAL DATA AND ETC.
THE BLACKBERRY WAS BUILT
FREE OF MALWARE & HARMFUL ACTIONS WITH NATIVE SECURITY SOLUTIONS
MAINLY FOCUSED ON ENTERPRISE
WIDE RANGE IT POLICY SET
UP TO 500 UNITS
A FEW THIRD PARTY SECURITY SOLUTIONS
A SIMPLIFICATION OF THE SECURI
POOR INTERGRATION (ONLY BLAC
NO BUILT IMs, HTML5 &
NO WALLETS OR ELSE BU
PLAYBOOK MIGHT
PRODUCE FEW VALUE DA NOT MORE THAN LARGE
TOTALLY FOCUSED ON ENTERPRIS
IT POLICY EXTRA REDUCE
UP TO 10 UNITS
ENTERTAINMENT APPLIC
BLACKBERRY SECURITY ENVIRONM
BL CKBERRY SM RTPHONE W S SECURE PLAYBOOK HAS COME WITH A POO
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
3/28
A LOT OF TYPES
BOOTKITS
FIRMWARE
USER-MODE
KERNEL
HYPERVISOR
SIMILAR TO THE SPYWARE
BUNDLING WITH DESIRABLE SOFTWARE
WIDESPREADING, EASY DITRIBUTION AND QUITE
RELEVANT FOR HACKERS
BASED ON:
VENDOR-SUPPLIED EXTE
THIRD PARTY PLUGINS
PUBLIC INTERFACES
INTERCEPTION OF SYSTE
EXPLOITATION OF SECUR
VULNERABILITIES
HOOKING AND PATCHING
METHODS
USER MODE ROOTKIT AND SPYWA
M LW RE BOUNDS BECOME UNCLE R HACKERS ARE INTERESTED IN CHEA
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
4/28
VIA THE BUILT (INTERNAL) EXPLORER
AFTER ENTERING THE PASSWORD BUT STILLTHE INTERNAL EXPLORER
FOR EXECUTING MALWARE FROM THE DEVICE
BY CLICKING FILE (.JAR/.JAD + .COD)
TO ALLOW COPYING THE MALWARE TO THEDEVICE AS AN EXTERNAL DRIVE (LIKE A WORM)
AFTER MOUNTING AS AN EXT
AFTER ENTERING THE PASSWONOT NECESSARY TO USE INTER
TO PREVENT FROM EXECUTIN
OUTSIDE APPWORLD (.BAR)
MALWARE IS A PERSONAL APSUBTYPE IN TERMS OF RIMs S
THE FILE SYSTEM ISSUES
BB OS v45 WAS ACCESSIBLE BB OS V67 PLUS PLAYBOOK ARE AC
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
5/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
6/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
7/28
THE UPGRADE FEATURE MEANS
THE INSTALL & REMOVE ACTIONS AT LEAST
AN APPLICATION ID REQUIREMENT
AN ACCESSIBLE RUNNING APPLICATION LIST
HANDLING ANOTHER APPs SILENTLY VIA API
HANDLING ANOTHER APPLICATION SILENTLY VIAPC TOOLS
MAY NEED A PASSWORD
DEBUG MODE IS FOR TRACING &
DEBUGING ONLY
EASY TRACKING THE NEWCOMING .COD
MODULES FOR THE MALWARE PAYLOAD
THE UPGRADE MEANS AN USE
WITH APPWORLD
WITH HOME SCREEN
THERE ARE SOME APIs BUT DIS
THERE IS NO API FOR SUCH ACT
HANDLING ANOTHER APPLICATIPC TOOLS
MAY NEED A PASSWORD
STRONGLY NEED ACTIVAT
MODE
LOOKS LIKE MORE SECURE THAN
DIFFICULT TO REMOVE DISTRIBU
THE APPLICATION MANAGEMENT IS
BLACKBERRY SMARTPHONE (LESS THAN BB 10) BLACKBERRY PLAYBOOK (PROBABLY
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
8/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
9/28
HOW TO REVEAL THE DATA IN REAL TIME
GETCLIPBOARD()
ANY PROTECTION
NATIVE WALLETS RESTRICT THE CLIPBOARD
ACCESS BY RETURNING NULL WHILE THE APPLICATION IS ACTIVE (ON
TOP OF SCREEN STACK) ONLY
DOES NOT WORK IN MINIMIZED STATE
HOW TO REVEAL THE DATA IN R
GETDATA()
ANY PROTECTION
NO NATIVE WALLET APPL
MANAGING THE LAST CLSHARED FOLDER
PLAIN TEXT
HTML
ETC.
THE CLIPBOARD ISSUES
BLACKBERRY SMARTPHONE BLACKBERRY PLAYBOOK
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
10/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
11/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
12/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
13/28
SCREEN PROTECTION VIA SWITCHING
PERMIT
RESTRICT
ADDITIONALLY PER APPLICATION.
BUT DOES NOT HANDLE WINDOWs
HANDLE WITH THE KEY PREVIEW DUE THEVIRTUAL KEYBOARD
MAY BE IMPROVED BY XORing TWO
PHOTOSCREENS TO GET THE DIFFERENCE
MASKING THE ASTERISKS TAKES A DELAY
ENOUGH TO STEAL THE TEXT
MAY BE PART OF OCR ENGINES
ONLINE OR DESKTOP
RECOGNIZE TYPED DATA
WAS TESTED ON ABBYY O
SUBSTITUTE FOR HARDWARE KE
RUNNING DOWN THE BATTERRYTHAN PHOTO/VIDEO CAMERA
EASY ACCESS TO ANY APPLICATI
NO RESTRICTION LIKE THE CLIPB
SCREENSHOTS OFTEN STORE IN
THE SAME A FILE ACCESS
THE PHOTOSCREEN ISSUES
ARE AVAILABLE FOR ALL BLACKBERRY DEVICES BUT DISABLED FOR PLAYBOOK AND BLACK
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
14/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
15/28
USING AUTHORIZED API TO INTERCEPT
MESSAGES (BBM, EMAIL, PIN-TO-PIN)
CREATE THE MESSAGE
READ THE MESSAGE
DELETE THE MESSAGE
SET THE MESSAGE STATUS (UNREAD,SENT, ANY ERROR STATE, ETC.)
THE BUTTON EVENTS (THE SAME TYPES)
OPENING THE MESSAGE
FORWARDING THE MESSAGE
SENDING THE MESSAGE
INTERCEPTING THE SMS (BASICA
RECEIVING AND SENDING
DELETING THE SENT & R
ENOUGH TO HANDLE SO
OUTCOMING SMS (ADVANCED)
BLOCKING (DROPPING) T A NOTIFICATION IN THE M
SPOOFING
THE RECEPIENT
THE BODY
TRANSMISSION RE
SUCH MESSAGE W
THE MESSAGES ISSUES
AVAILABLE ON THE BB DEVICES PROBABLY ON THE BLACKBERRY 10 NO 3G, NO AP
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
16/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
17/28
THE PASSWORD PROTECTION COVERS
DEVICE LOCKING & ENCRYPTION FEATURE
APPWORLD REQUEST
LIMITED BY 5/10 ATTEMPTS & WIPE THEN
WIPING THE INTERNAL STORAGE ONLY
EXTRACTING THE PASSWORD TRHOUGHT ELCOMSOFT PRODUCT (CUSTOM CASE)
GUI VULNERABILITY
CREATING THE FAKE WINDOW ON
DESKTOP SYNCHRONIZATION
BREAKING INTO BB DESKTOP SOFTWARE
HANDLING MS WINDOWS VULN
UNMASKING THE FIELD
GRABBING THE PASSWO
MASKING THE FIELD
THIS DELAY TAKES 10-20
AFFECTED PASSWORD TYPES THE DEVICE PASSWORD
THE BACKUP PASSWORD
AFFECTED DEVICES
BLACKBERRY 4-7 (BB 10
BLACKBERRY PLAYBOOK
THE DEVICE PASSWORD ISSUES
FOR THE BLACKBERRY 47 DUE THE INTERNAL CASE FOR ALL DEVICES DUE IN THE DESK
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
18/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
19/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
20/28
INITIALLY BASED ON AUTHORIZED API COVERED
ALL PHYSICAL & NAVIGATION BUTTONS
TYPING THE TEXTUAL DATA
AFFECT ALL NATIVE & THIRD PARTY APPs
SECONDARY BASED ON ADDING THE MENU ITEMS
INTO THE GLOBAL MENU INTO THE SEND VIA MENU
AFFECT ALL NATIVE APPLICATIONS
NATIVE APPLICATIONS ARE DEVELOPED BY RIM
BLACKBERRY WALLETS, MESSAGES,
SETTINGS, FACEBOOK, TWITTER,
BBM/GTALK/YAHOO/WINDOWS IMs,
GUI EXPLOITATION HANDLES WI
REDRAWING THE SCREEN
ADDING NEW GUI OBJEC
CHANGING THEIR PROPE
GRABBING THE TEXT FRO
ANY FIELDs (INCL.
UNLOCK THE DEVI
SETTING UP THE P
ADDING, REMOVING THE
ORIGINAL DATA IS INACCESSIBL
AFFECTED
GUI OBJECTS SHUFFLING IS NOT
THE GUI EXPLOITATION
CONSEQUENCE OF WIDE INTERGRATION FEATURES OFFERED FOR DEVELOPERS (BLACKBE
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
21/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
22/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
23/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
24/28
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
25/28
KASPERSKY MOBILE SECURITY PROVIDES
FIREWALL, WIPE, BLOCK, INFO FEATURES
NO PROTECTION FROM REMOVING.CODs
NO PROTECTION UNDER SIMULATOR
EXAMING THE TRAFFIC, BEHAVIOUR
SHOULD CHECK API IS SIMULATOR SMS MANAGEMENT (QUITE SECRET SMS)
PASSWORD IS FOUR SIXTEEN DIGITS SET
AND CAN BE MODIFIED IN REAL-TIME
SMS IS A HALF A HASH VALUE OF GOST R
34.11-94
IMPLEMENTATION USES TEST CRYPTO
VALUES AND NO SALT
TABLES (VALUEHASH
OUTCOMING SMS CAN B
WITHOUT ANY NOTIFICA
OUTCOMING SMS CAN B
THE SAME DEVICE OR AN
McAfee MOBILE SECURITY PROV
FIREWALL, WIPE, BLOCK NO PROTECTION FROM R
NO PROTECTION UNDER
EXAMING THE TRA
SHOULD CHECK AP
WEB MANAGEMENT CO
DIFFICULT TO BREAK SM
THE THIRD PARTY EXPLOITATIO
THERE ARE A FEW OF THEM THEY MIGHT HAVE AN EXPLOIT BUT RUIN NA
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
26/28
DENIAL OF SERVICE
REPLACING/REMOVING EXEC FILES
DOSing EVENTs, NOISING FIELDS
GUI INTERCEPT
INFORMATION DISCLOSURE
CLIPBOARD, SCREEN CAPTURE
GUI INTERCEPT
DUMPING .COD FILES, SHARED FILES
MITM (INTERCEPTION / SPOOFING)
MESSAGES
GUI INTERCEPT, THIRD PARTY APPs
FAKE WINDOW/CLICKJACKING
GENERAL PERMISSIONS
INSTEAD OF SPECIFIC SUB-PE
A FEW NOTIFICATION/EVENT
BUILT PER APPLICATION INST
CONCRETE PERMISSIONS
BUT COMBINED INTO GENER
A SCREENSHOT PERMISSIONCAMERA
GENERAL PERMISSIONS
INSTEAD OF SPECIFIC SUB-P
A FEW NOTIFICATION/EVENT
BUILT PER APPLICATION INST
THE PERMISSIONS
PRIVILEGED GENERAL PERMISSIONS OWN APPs, NATIVE 3RD PARTY APP
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
27/28
SIMPLIFICATION AND REDUCING SECURITY CONTROLS
MANY GENERAL PERMISSIONS AND COMBINED INTO EACH OTHER
NO LOGs ACTIVITY FOR SUB-PERMISSIONS TO PROVE THE TRANSPARENCY
ANY SECURITY VULNERABILITY ARE ONLY FIXED BY ENTIRELY NEW AND DIFFERENT OS / KER
A FEW PERMISSIONs ARE CLOSED TO THE USER ACTIONS
THE SANDBOX PROTECT ONLY APPLICATION DATA
USERS HAVE TO STORE THEIR DATA INTO SHARED FOLDERS OR EXTERNAL STORAGE APPLICATIONS CONTINUE STORE DATA IN PUBLIC FOLDERs BECAUSE GOVERNED BY CHANC
MITM / INTERCEPTION ACTIONS ARE OFTEN SILENTLY
THE NATIVE SPOOFING AND INTERCEPTION FEATURES
BLACKBERRY ENTERPRISE SOLUTION / BLACKBERRY MOBILE FUSION IS NOT EFFECTIVE MUC
THE BEST SECURITY (PERMISSIONS) RULED BY AMAZON WEB SERVICES
PERMISSIONS SHOULD RELY ON THE DIFFERENT USEFUL CASES SET INSTEAD OF SPECIFIC PE
CONCLUSION
THE VENDOR SECURITY VISION HAS NOTHING WITH REALITY AGGRAVATED BY
-
8/13/2019 (PDF) Yury Chemerkin Icitst 2012
28/28
THAN
YU