Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise [Paperback]

Daniel V. Hoffman (Author)

Book Description

ISBN-10: 0470127546 | ISBN-13: 978-0470127544 | Publication Date: April 30, 2007 | Edition: 1

Today, it is almost impossible to do business without a cell phone and a BlackBerry or PDA. These devices are the lifeline for companies large and small—and nobody knows this better than a hacker. Traditionally, security for mobile devices has held a low priority. Now, a certified ethical hacker explains in this book why this must change and how to change it. Packed with sobering examples of actual attacks, this unique resource shows you how to mount your counterattack.

Editorial Reviews

From the Back Cover

Is someone waiting to pick off your BlackBerry?

Today, it is almost impossible to do business without a cell phone and a BlackBerry or PDA. These devices are a lifeline for companies large and small. And nobody knows this better than a hacker.

Traditionally, security for mobile devices—which are essentially portable computers loaded with sensitive corporate and client information—has had low priority. Now, a certified ethical hacker explains why this must change and how to change it. Packed with sobering examples of actual attacks, this book shows you how to mount your counterattack.

• Understand each type of mobile device and the nature of the threat to each

• Recognize and implement a strong security strategy

• Identify specific threats to BlackBerry devices

• Learn from analysis of actual exploits

• Be able to anticipate future forms of attack

• See how hackers create and modify their assaults

• Defend against physical compromise and contamination from PC or LAN connectivity

About the Author

Daniel V. Hoffman, CISSP, CEH, CWNA has more than a decade of experience in remote-access security. He has built his expertise as an IT Director and U.S. Coast Guard Telecommunications Specialist, and is currently a Senior Engineer architecting security solutions for the largest companies in the world. He is known for his live hacking demonstrations, and his hacking videos have been featured in the Department of Homeland Security's open source infrastructure report.

Product Details

• Paperback: 312 pages
• Publisher: Wiley; 1 edition (April 30, 2007)
• Language: English
• ISBN-10: 0470127546
• ISBN-13: 978-0470127544
• Product Dimensions: 9.2 x 7.4 x 0.7 inches
• Shipping Weight: 1 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (3 customer reviews)
• Amazon Best Sellers Rank: #1,206,841 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

4 of 4 people found the following review helpful:

4.0 out of 5 stars Great book on BlackBerry and Mobile Device Security, July 17, 2007

By 

Chris Gates (NoVA, USA) - See all my reviews

This review is from: Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise (Paperback)

Blackjacking takes on the task of educating both administrators and management about the threats of mobile devices to their enterprise. I believe this book succeeds in its task and serves as a great reference not only for the blackberry enterprise server (BES) administrators out there but also for the network administrators, help desk personnel, security personnel as well as a book that can aid in the education of the end users. It is written in a tone and dialog that can be useful to the technical reader and non-technical reader and does well digging into the relatively new field of mobile device (especially BlackBerry) security.

The book starts out with a very good overview of the threats to mobile devices (Malware, Direct Attack, Data Communication Interception, Spoofing and Sniffing, and Physical Compromise). It then moves into an excellent overview of the devices that will be covered in the book (BlackBerrys, Pocket PCs, Palm Handhelds, and Cell Phones).
From there each device is covered in depth with "Exploiting the Device", "Hacking the Supporting Device Infrastructure", and "Protecting your PC and LAN from the Device."

The BlackBerry section (which is probably why you are thinking about purchasing the book) does a great job covering the current and future attacks given the fairly limited publicly available research, tools, and code and gives solid advice on setting up your network infrastructure to deal with the growing threat with mobile devices. The vignettes discussing plausible attacks for each attack scenario serve as good feasible examples to think about for your enterprise and users and how to protect your network.

Likes: Discussion of how BlackBerry communications work with your cell phone provider and within a BlackBerry Enterprise Server environment, all the background material on the BlackBerry device, multiple examples (for further research on what is best for your environment) for AV and firewall solutions for each type of device, and seeing attacks on most of the threats in the lab using available tools.

Dislikes: while not in the scope of the book more code examples would be nice (of course it would take away from the usability of the book to "non-technical" people) and the book didn't list links for the tools and malware discussed (yes I know Google exists).

Overall an excellent book. I purchased the book for my BlackBerry admin (but I read it first) and I think he will find it useful since he is not a "security" guy. It really ties together networking best practices and technologies and while not a "BlackBerry (or mobile device) or network lockdown guide" blackjacking serves as a good reference for further research into AV, firewalls, and VPNs for mobile devices as well as safe methods for allowing those devices entry and access into your network.

2 of 2 people found the following review helpful:

4.0 out of 5 stars Really Good Book, January 24, 2008

By 

Chris Kuhl (USA) - See all my reviews
(REAL NAME)   

This review is from: Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise (Paperback)

This book is a very interesting, quick and easy read. It not only talks about the issues of deploying a blackberry environment inside your organization, but also addresses smartphones, and other pda's.
The only issue I really have with this book, is the author presents ideas on how to "more" securly deploy a BES server in ways that either aren't supported by Blackberry (place your entire BES server in the DMZ) or "according to Blackberry" don't by you any type of security "Deploy the BES router function only in the DMZ).
I would use this book as a great starting point, but also do your research before you start declaring the sky is falling for your organization.

1 of 1 people found the following review helpful:

5.0 out of 5 stars It's not just for BlackBerry's anymore! :), June 4, 2008

By 

T. Stirman (Austin, TX USA) - See all my reviews
(REAL NAME)   

This review is from: Blackjacking: Security Threats to BlackBerry Devices, PDAs, and Cell Phones in the Enterprise (Paperback)

Personally, I skipped over the entire BlackBerry section (I'll read it later) and went straight to the the PDA section. My reasoning for this is that I do not, currently, support any BlackBerry users. I do support a lot of Palm users and have a Windows Mobile PDA, myself. There is a surprising amount of detail to be had on a subject that is not getting the light it needs, but I feel there could be a little more. Perhaps I am greedy in that respect, though. Excellent book. I hope to see more like it.