The voice of the BlackBerry community.
During the Etisalat controversy, one company that has been really helpful in determining exactly what is going on is SMobile Systems. They have sent me a technical analysis of the “upgrade” which I think the BlackBerry community would be interested in reading.
Click through for a technical analysis of the Etisalat software update
RIM has put out an official document entitled “RIM Customer Statement Regarding Etisalat / SS8 Software”. The document confirms that Etisalat did not release what they called a “upgrade” and that the software was in fact harmful to your device. According to the document:
RIM confirms that this software is not a patch and it is not a RIM authorized upgrade. RIM did not
develop this software application and RIM was not involved in any way in the testing, promotion
or distribution of this software application.RIM further confirms, in general terms, that a third party patch cannot provide any enhancements
to network services as there is no capability for third parties to develop or modify the low level
radio communications protocols that would be involved in making such improvements to the
communications between a BlackBerry smartphone and a carrier’s network.
The above statement is very reminiscent of the article we posted on BlackBerry Cool, regarding what applications can and cannot do on a BlackBerry. The article was written after a company claimed they developed an application that makes the network faster, but it was clearly snake oil.
In the document, RIM also warns about updates that are pushed via SMS or WAP. According to RIM, if there is ever a need to update software, RIM distributes using standard channels, such as OTA and direct downloads. ” RIM does not use SMS or WAP push as an official distribution channel for these types of official BlackBerry software updates.”
It’s too bad we can’t trust our carriers. You would think that they would be content with the hundreds of dollars we give them each year.
Download the official document released by RIM.
Consider reading RIM’s document on Protecting the BlackBerry device platform against malware (PDF).
[Via]
I was recently contacted by the good people at SMobile Systems, the providers of the only Antivirus/AntiSpyware solution for BlackBerry, about my article regarding malicious code found in a recent Etisalat update.
SMobile Systems have released a solution for the recent spyware-laden update sent to BlackBerry users on the Etisalat network in the United Arab Emirates.
The spyware intercepts emails and drains battery life remarkably fast. According to Chris Eng at Veracode, “the server receiving the initial registration packets (i.e. “Here I am, software is installed!”) got overloaded. Devices kept trying to connect every five seconds to empty the outbound message queue, thereby causing a battery drain. Some people were reporting on official BlackBerry forums that their batteries were being depleted from full charge in as little as half an hour.”
If you are in the UAE and on the Etisalat network, I recommend going to the SMobile Systems site and purchasing their SMobile Security Shield or Anti-Theft and Identity Protection software, which will remove the spyware, as well as any other malicious code on your device. If you have already purchased the product, all you need to do is update your software to be protected.
We are living in an age where our smartphones are becoming our personal computers, and therefore the focus of those who want to exploit our personal data in any way they can. Dan Hoffman, CTO of SMobile Systems said it best, “The truth about smartphones is that they are used in the same manner as personal computers and are susceptible to the same threats. It has become clear that smartphone users need to proactively ensure their devices contain the necessary security software to protect not only their e-mail and messaging data, but also to protect their identity and the integrity of their mobile financial transactions.”
Security Shield for BlackBerry is available for $35.41 CAD.
Anti-Theft and Identity Protection is available for $29.99 per year.
Etisalat, the carrier responsible for bringing the BlackBerry solution to the United Arab Emirates, released a very suspect official update. A member on the official support forums did some detective work, and found some suspicious code in the update. According to the user:
“Blackberry subscribers for Etisalat (one of the official service providers in the UAE) received a WAP Push to download a JAR named “registration”
The description of the “update” was as follows:
“Etisalat network upgrade for Blackberry service. Please download to ensure continuous service quality.”
I called the operator’s hotline inquiring about the update, and they confirmed it’s an “official” update that’s meant to enhance network stability which users experienced last few weeks, causing email and BBM delays. But anyone with two functional braincells would imagine such an update/fix would be done at the network side, rather than with an obscure piece of code pushed to client handsets as a WAP Push, rather than a service book.
Out of curiosity, I downloaded, unpacked and decoded the file, and can’t help but feel something is fishy here.
Following is a list of the class files within registration.jar:
/Interceptor.class
/Registration.cod
/Registration.csl
/Registration.cso
/META-INF/MANIFEST.MF
/com/ss8/interceptor/app/Commands.class
/com/ss8/interceptor/app/Transmit.class
/com/ss8/interceptor/app/MsgOut.class
/com/ss8/interceptor/app/Log.class
/com/ss8/interceptor/app/Main$1.class
/com/ss8/interceptor/app/StatusChange.class
/com/ss8/interceptor/app/Send.class
/com/ss8/interceptor/app/Main.class
/com/ss8/interceptor/app/Recv.class
/com/ss8/interceptor/app/Constants.class
/com/ss8/interceptor/tcp/smtp/SMTPHeader.class
/com/ss8/interceptor/tcp/smtp/SMTP.class
com/ss8/interceptor/tcp/HTTPDeliver.class
com/ss8/interceptor/tcp/SocketBase.class
I put up the original JAD/JAR/COD File along with the unpacked classes and decoded ones in one zip file at http://iihs.net/registration.zip and attached it here for those interested in having a look.
There are interesting references in the software to alternate APN, as well as some BB PINs to relay certain messages through. The whole thing seems VERY fishy.
Any JAVA Developers out there willing to take a look as well and help me make sense out of this?”
The BlackBerry Onyx has been spotted with a trackpad. Although the Tour 9630 does not have a trackpad, the BlackBerry Gemini 8520 does. This could mean that RIM is thinking of making all devices post 9630 come with a trackpad.
Is this the death of the trackball? I hope so. BlackBerry users have had to replace a ton of trackballs because they get dust/sand in them or they just simply wear out. This new strategy could mean longer lasting devices.
[Via]
LTE is going to be an incredible evolutionary step for BlackBerry and smartphones. The technology will change the way we use data on our phone as well as aid carriers in coping with an increased network load.
According to research from ABI, wireless operators will spend about $3.3 billion building LTE base stations in 2011. That expenditure will have purchased some 142,000 base stations worldwide. LTE base station equipment spending is expected to rise sharply between 2011 and the end of 2012.
“Vendors will be shipping base station equipment in significant quantities in 2010 ahead of limited trials that typically last about a year, followed by full commercial launches,” says senior analyst Nadine Manjaro. “Many operators have been talking about re-use of existing equipment, but ABI Research understands that while there may be sharing of masts and cabinets most of those 142,000 base stations will have completely new baseband and RF components, because operators will generally try to keep the new LTE networks separate from their legacy networks.”
Continue reading the ABI Research data regarding LTE
Bad Behavior has blocked 26204 access attempts in the last 7 days.