[xkarel]

Hi, my Classic running 10.3.2.2886 is listening on port 443 TCP and accepts incoming SSL connections. There is a weird self-signed certificate with following subject matching wireless MAC address in XX :

Research In Motion Limited, CN = PlayBook: XX:XX:XX:XX:XX:XX

Web server accepts just incoming TLS 1.0 connections.

What's that and how to get rid of it? Phone is not attached to any Enterprise service and nor debug/devel mode is enabled.

Thanks!

Karel

P.S. I've posted this on official BB forums with no response

[Morten]

I nelieve that is the port Blackberry use for their blackberry services/UDS etc - to keep the device connected with blackberry

Dont think you can block the port on the device itself - doit on your router if yo have concerns

[Richard Buckley]

I haven't looked at this myself, but most SoHo or consumer routers would block incoming connections to port 443, unless UPnP has turned it on. I disable UPnP on all my routers and haven't noticed any lack of functionality. No, I would suspect it is for Blend. If I have time I will look into it tonight.

LeapSTR100-2/10.3.2.2876

[rockitnyc]

I believe that is the certificate created by BlackBerry Bridge for authentication when connectting to a PlayBook tablet which shares services and media between the two devices.

Posted via CB10

[xkarel]

Hi, thanks for responses. I never installed anything like BlackBerry Bridge or PlayBook related things.

nmap scanner tool is identifying that as:
443/tcp open ssl/http Blackberry Universal Device Service

Also it was never attached to any BlackBerry enterprise server software.

Any hints how to get rid of that? Wondering why should my device run HTTPS server, especially with some insecure crypto settings ...

How can I start investigation on QNX shell? I've been using BGShellPlus tool for SSH - that one has QNX shell however netstat version in use doesn't reveal PID and also shell session is not privileged enough.

Thanks!

[yessuz]

U do not need BlackBerry enterprise services in order to utilise this service.

See the nice 4 dot BlackBerry logo near the network connection indicator on the screen?
There u have it

Posted via CB10

[xkarel]

OK. However why would there need to be any service accepting inbound connections to handset? There is usually NAT between the handset and Internet services. Everything works without technologies allowing connections from outside to device subjected to NAT.

Remember qconnDoor remote root vulnerability - that's btw. another concern of mine as that service is accepting connections to port 4455 TCP without enabled debug mode.

Does anyone care about serious lock-down of the device from networking perspective?

Thanks!

[rthonpm]

It's a necessary connection for the handset. It's no different than an Android handset needing a connection back to Google, or an iOS device needing to poll Apple servers. Why make a mountain out of a molehill, or overthink the situation?

Posted via CB10

[gariac]

Hi, my Classic running 10.3.2.2886 is listening on port 443 TCP and accepts incoming SSL connections. There is a weird self-signed certificate with following subject matching wireless MAC address in XX :

Research In Motion Limited, CN = PlayBook: XX:XX:XX:XX:XX:XX

Web server accepts just incoming TLS 1.0 connections.

What's that and how to get rid of it? Phone is not attached to any Enterprise service and nor debug/devel mode is enabled.

Thanks!

Karel

P.S. I've posted this on official BB forums with no response

Is this on the USB port?

Posted via CB10

[Farzeen25]

It's a necessary connection for the handset. It's no different than an Android handset needing a connection back to Google, or an iOS device needing to poll Apple servers. Why make a mountain out of a molehill, or overthink the situation?

Posted via CB10

So true, I think the OP is over reacting to this situation! Stay calm brotha. You have a secure device at your disposal.

Posted via CB10

[tipplex]

Create a ticket @ BlackBerry

Posted via CB10

[xkarel]

Ok, will take this path. There are some people here who don't understand the difference between outbound connecting to BB services and listening sockets on their handsets.

Btw. with a little effort the 443 TLS 1.0 service presenting Playbook certificate can be shot down. There is some apparent bug. TCP 4455 doesn't seem to have any limits and when you flood it a little it's ACKing nicely. Resulting in CPU load and battery drain at minimum. What a mess....

[Superdupont 2_0]

Ok, will take this path. There are some people here who don't understand the difference between outbound connecting to BB services and listening sockets on their handsets.

Btw. with a little effort the 443 TLS 1.0 service presenting Playbook certificate can be shot down. There is some apparent bug. TCP 4455 doesn't seem to have any limits and when you flood it a little it's ACKing nicely. Resulting in CPU load and battery drain at minimum. What a mess....

Could it have something to do with video call?

The PlayBook has an app for video calls.

I can make video calls from the PlayBook to
a) other PlayBooks and to
b) BBM on BB10 devices

and normally it worked also for video calls from BBM (on BB10) to the PlayBook.

It is actually a very nice feature.

However, I speculate this feature only works if the device is listening for any incoming calls from PlayBooks.