1. daviolinist12's Avatar
    Well I was just thinking about this today..

    Is it possible for a blackberry to get a virus or spyware/malware?

    As to my knowledge, I thought it was impossible...
    Then again.. The word impossible says "I Am Possible" haha

    Posted from my CrackBerry at wapforums.crackberry.com
    04-17-10 08:03 AM
  2. mjbesen310's Avatar
    not on a blackberry.. no
    04-17-10 08:58 AM
  3. Branta's Avatar
    not on a blackberry.. no
    Not strictly true. There are programs available for remote monitoring (not including BES), and in at least one case spyware was pushed to all customers by an egyptian telecom service provider, in the guise of "software upgrade".

    However it is true to say there are no known cases of successful exploit without the help of human fingers to install the software on the device.

    UPDATE: It appears Vodafone Egypt and Etisalat (UAE) have both been guilty of sending spyware to customers.
    BlackBerry Spyware Dissected
    04-17-10 09:33 AM
  4. hondateg91's Avatar
    I would say its possible if you download apps or something from an unknown source. Anything from app world or similar then I would say its unlikely.
    04-17-10 09:36 AM
  5. Branta's Avatar
    I would say its possible if you download apps or something from an unknown source. Anything from app world or similar then I would say its unlikely.
    App World doesn't actually test or prove the products. It would be easy enough to embed something evil in a "must have" application.

    It really comes down to trusted sources - but the majority of users would trust their service provider. As the experience of Egyptian and UAE users shows, that could be a mistake.
    04-17-10 11:16 AM
  6. MrObvious's Avatar
    App World doesn't actually test or prove the products. It would be easy enough to embed something evil in a "must have" application.

    It really comes down to trusted sources - but the majority of users would trust their service provider. As the experience of Egyptian and UAE users shows, that could be a mistake.
    Those are some wise words good sir. I feel like you can never take security too carefully. For example, the government can hijack SSL connections simply by going to certificate providers like Verisign and just forcing them to give a certificate that works. It's creepy really.

    Security on the BB is one of the platform's strengths.
    04-17-10 12:08 PM
  7. Ibn la Ahad's Avatar
    Stupid Arabs (even though I myself am an Arab:P).
    04-17-10 02:55 PM
  8. Branta's Avatar
    I think that's a slightly unfair comment. Maybe they were stupid to think they could get away with it, certainly stupid in the implementation which caused rapid detection. But "Arab" doesn't really come into the consideration except that it happened in and was reported from an arabic area.

    The users were far from stupid - they detected the problem fast enough, although it was only after investigation that they found spyware rather than the much more likely program bug. They believed their commercial supplier was providing part of the service for which they had paid, it could have happened to any group of users, anywhere in the world.
    04-17-10 03:13 PM
  9. Ibn la Ahad's Avatar
    I think that's a slightly unfair comment. Maybe they were stupid to think they could get away with it, certainly stupid in the implementation which caused rapid detection. But "Arab" doesn't really come into the consideration except that it happened in and was reported from an arabic area.

    The users were far from stupid - they detected the problem fast enough, although it was only after investigation that they found spyware rather than the much more likely program bug. They believed their commercial supplier was providing part of the service for which they had paid, it could have happened to any group of users, anywhere in the world.
    I think you misunderstood me. I meant the carrier was stupid to make these kind of actions. I wasn't talking about the customers at all, but you're right. I wasn't clear enough in my previous post.
    04-17-10 03:47 PM
LINK TO POST COPIED TO CLIPBOARD