05-28-2012 11:29 PM
I'm having trouble finding a secure coding guide for Blackberry.
I did not find anything on Amazon. My Google-fu is also failing me, with lots of irrelevant hits for "secure coding guide site:blackberry.com" and "blackberry secure coding guide".
Would anyone be able to point me to a document for recommendations? I'm especially interested in application and platform specific information.
05-29-2012 01:15 AM
Welcome to the forums,
I think this link will help you,
05-29-2012 04:04 AM
I am not aware of a Guide specifically relating to security, as the BlackBerry Java platform is secure by design. What sort of information would you expect to find in this Guide?
05-29-2012 02:26 PM - edited 05-29-2012 03:28 PM
I am not aware of a Guide specifically relating to security, as the BlackBerry Java platform is secure by design.
I've read that in the literature, too. Oftentimes, it's easy to piece together secure components so the resulting system is insecure. Poorly implemented authenticated encryption comes to mind, as does negative interactions with file systems due to caching/journaling and SSD/NAND Flash behavior.
What sort of information would you expect to find in this Guide?
I would expect to find information similar to other guides for using platforms, including Microsoft's Writing Secure Code, Apple's Secure Coding Guide, David Wheeler's Secure Programming HOWTO for Unix and Linux, Jeff Six's Application Security for the Android Platform, or Graham Lee's Cocoa Application Security.
As a concrete example, suppose I have a web based application. I'm concerned about CA failures (Diginotar, Trustwave, et al) and governmental strong-arming of RIM (United Arab Emirates, et al), so I want to pin my certificates. How does one do so under Blackberry's platform?
As another example, suppose I hand craft my byte codes so I gain access to otherwise private inner classes. What measures does Blackberry have in place to keep me from violating the platform? Perhaps they have none, so what tricks can I perform?
As another example, Siri is dangerous on iPhones because it sends data to Apple, which has obscene Terms of Service and can do anything with your data it would like. Additionally, if Apple loses your data or provides it to law enforcement under a request, Apple does not have to make you whole. This begs the question, what does RIM do with Viigo data?
As yet another example, what is the application life cycle of a Blackberry process, and how is one supposed to securely handle state changes such as losing the foreground? It was not readily apparent to me from http://www.blackberry.com/developers/docs/5.0.0api
I see there is a native NDK available for Blackberry 10 (in beta at the moment). I'm also interested in seeing what measures should be taken to harden an application from adverse interactions between managed and un-managed code. Immediately, Matt Bishop and TOCTOUs come to mind down at the native level.
For what it's worth, I don't care about Infrastructure since it's totally insecure and controlled by my adversaries - for example, CALEA and https://www.eff.org/issues/nsa-spying. I always take proactive measures assuming infrastructure is compromised.
As you can see, there's a lot to this stuff, and it's easy to do things insecurely.
05-29-2012 04:23 PM
Not an area of expertise, and I can only talk about the Java environment, but my initial reaction is that you can actually design your application and then secure the individual parts and be confident that the BlackBerry is taking care of the rest.
Remember that the only APIs available to developers are Java, and each Java application runs sand-boxed, so unless you are on friendly terms with another application, the running portions of that application are untouchable.
Working through your other concerns, of course the Blackberry offers HTTPS communication with protected keyStores, and of course if you want to encrypt the data yourself as well, the encryption algorithms are baked in. Strong arming and CA failures are not RIM specific, so if you are concerned about these, I guess you code as you would on any other platform, or in your Browser Application.
And significantly for the corporate users, if you are writing applications for a corporate BlackBerry, communication between the corporate BlackBerry and the associated corporate Server is AES 256 bit encrypted.
As noted, even if you could hand craft byte codes, you are not going to get access to executing Objects in RAM. You might want to have a go at the persisted Objects in Flash, but if the developer is worried about these, then they can use the Controlled Access approach so that the BlackBerry will automatically encrypt these. So I can't see anyone going to the trouble to do this.
There is a similar mechanism available for files on the SD card, to the extent that the files are only actually readable in the original BlackBerry device.
I don't understand your concern about the state changes. How does a state change make the application less secure?
Anyway, in summary, from what I know, if you pay attention to the parts of your application that are potentially exposed to the outside world, you can be confident that the infrastructure will take care of the rest.
Regarding things like Viigo, email or BlackBerry Messenger, these are beyond our control as application developers, aren't they? Why would the implementation of an external program, which our application does not interact with, affect how we write our applications? I'm not sure why we need to discuss these in the context of a secure coding guide.
Anyway, I am aware that this will not satisfy you, but honestly, I recommend that you give coding a go and then figure out how to break into your own program. I think you will be surprised how hard it is.
BlackBerry 10 is a different world with completely different implications, I suggest you ask the question on the forum specific to that: