Tyler Shields, senior member of the Veracode Research Lab, spends a lot of time picking apart those BlackBerry devices that are ubiquitous across the enterprise. What he's found may disappoint those who thought they were secure.
At this week's SOURCE Boston conference, Shields will present his findings in a talk called "BlackBerry Mobile Spyware -- The Monkey Steals the Berries."
He'll explain how the bad guys can plant spyware on the device and make off with your sensitive data, and offer some advice on how users can defend themselves.
Access InfoWorld from your iPhone or other mobile device at infoworldmobile.com.
Get the latest tech news on your iPhone with IDG's ITnews iPhone app.
He'll talk about an application called FlexiSpy, which allows users to get copies of SMS, call logs, emails, and locations and listen to conversations within minutes of purchase. He quotes the FlexiSpy Website as saying, "Catch cheating wives or cheating husbands, stop employee espionage, protect children, make automatic backups, bug meetings rooms, etc."
Then there's Mobile Spy, which will "allow you to see exactly what they do while you are away," according to the Website. "Are your kids texting while driving or using the phone in all hours of the night? Are your employees sending company secrets? Do they erase their phone logs?"
To be fair, some could view these as security-enhancing programs, particularly the part about catching employees sending out data that's restricted. But spyware has always been a double-edged sword. IT administrators have long used variations of it to access remote company machines that need repair, for instance.
But Shields will focus on the dark side of smartphone spyware.
"Mobile spyware is trivial to write and the security model of mobile platforms is too loose," Shields said. "There's no easy or automated way to confirm for ourselves what the applications are actually doing and we're trusting the vendor application store provider for the majority of our mobile device security."