The University of Santa Barbara's software group released the source code for their proof of concept 'Feakk' worm that was developed by Paul Haas in March 2005. The worm uses SMS to send a hyperlink to its target. The targeted user then has to visit the hyperlink and download and acknowledge three sets of prompts in order for the worm to install, at which point it will immediately start to run in the background. It will scan the user's contact list and send a message to each contact (including the recipients' names) and will also scan for new contacts at certain intervals.
Upon installation, the worm checks for a contact with the first name "HACKME." If this isn't found the worm will exit. If it is found, then the worm sends itself to every mobile number it finds in the user's contact list. The author did not write a payload because this was for demonstration purposes only and it should be noted that it can be removed via...
A few months ago, my boss plonked a box on my desk and said "see what you can do with that." That's how I was introduced to the Blackberry. I've been interested in all kinds of PDAs and mobile phones for years now, but I'd never come across a Blackberry. I suppose that up until recently, it has been the preserve of key government and corporate employees, not average-Joe software engineers like me. However, the Blackberry is emerging as an ever more popular platform for the general public. In the next few weeks that followed, I noticed a common thread in the architecture and features of the device: security first and functionality second.
What do I mean? Well, take Bluetooth for example. When you're looking at the box of your shiny new Blackberry and you see that it has Bluetooth support, you might think "great, I can use it with my laptop to go online while on the move." Bzzzt—wrong. Although the Blackberry does...
