PhoneSnoop Turns BlackBerries into Bugs

A simple BlackBerry program called PhoneSnoop will turn your BlackBerry into a bug. The attacker will install it on a BlackBerry he found lying around. Then calling the BlackBerry from a preconfigured telephone number will put the Balckberry into SpeakerPhone mode and all conversations near the affected BlackBerry can be overheard at the remote end of the call.

This is not a security issue of the BlackBerry operating system, because the root cause here is that the attacker had full control over the phone when he installed the software. For a minimum level of security, the BlackBerry should be configured to require a password ofter a short period of inactivity.

However, the morale here is that you shouldn't think "I don't have sensitive information on my telephone, so I don't need to secure it".