Researcher cures poisoned BlackBerry with Kisses

Software tool can detect and remove spyware installed on BlackBerry handsets

A security researcher in Asia has braved Internet worms and poisoned applets to rid BlackBerry smartphones of spyware with Kisses, a free software application.

Kisses detects spyware and hidden programs on BlackBerry devices to show users exactly what's going on inside their mobile phone. Why use it? Because spyware can be purchased by anyone from vendors such as FlexiSPY and Retina-X Studios.

For US$50, just about anyone can travel with you and your mobile phone and listen to your conversations, read your texts and even track your location via GPS (global positioning system). The tricky part is installation. Someone, your boss, spouse, business rival or thief, needs physical contact with your handset to plant spyware from these vendors, one reason password protection is so important. It hurts that spyware vendors offer tricks-of-the-trade advice, including the simple act of giving you a new smartphone, with their spyware inside, as a gift. Makes you wonder if Santa was generous with the new iPhone this year or just really wants to know if you've been naughty or nice.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

A security researcher in Asia has braved Internet worms and poisoned applets to rid BlackBerry smartphones of spyware with Kisses, a free software application.

Kisses detects spyware and hidden programs on BlackBerry devices to show users exactly what's going on inside their mobile phone. Why use it? Because spyware can be purchased by anyone from vendors such as FlexiSPY and Retina-X Studios.

For US$50, just about anyone can travel with you and your mobile phone and listen to your conversations, read your texts and even track your location via GPS (global positioning system). The tricky part is installation. Someone, your boss, spouse, business rival or thief, needs physical contact with your handset to plant spyware from these vendors, one reason password protection is so important. It hurts that spyware vendors offer tricks-of-the-trade advice, including the simple act of giving you a new smartphone, with their spyware inside, as a gift. Makes you wonder if Santa was generous with the new iPhone this year or just really wants to know if you've been naughty or nice.

This is where Sheran Gunasekera comes to the rescue with Kisses. The software detects and removes FlexiSPY and Mobile Spy software on BlackBerry devices. It may not necessarily be able to remove all available spyware (there's a lot) but it will at least show you any hidden applications so you can seek help.

Since the release a month ago, Kisses has been downloaded over 5,000 times, said Gunasekera, director of security at Hermis Consultancy in Jakarta, Indonesia. He currently makes software only for the BlackBerry, but is starting to dabble with the iPhone. He couldn't say when Kisses might be ready for Apple users.

It's a wonder Gunasekera is working on an iPhone version of Kisses because the BlackBerry one has already embroiled him in controversy.

Prior to releasing Kisses, he released a piece of spyware called PhoneSnoop, software he'd developed as a proof-of-concept to show people how easily smartphones could be used for spying. The pair of apps caused an uproar among users and at least one U.S. government office, apparently with fears of a Mission Impossible II-style plot.

"On a fundamental level, I am not sure I would trust a spyware detector created and distributed by the same guy that created spyware, even if that spyware was a 'proof of concept.' It's like Lilly's or Pfizer creating nasty bugs in the lab as 'proof of concept' to sell more nasty bug fighting drugs," said one user on BlackBerryForums.com.

The U.S. Computer Emergency Readiness Team (US-CERT), under the Department of Homeland Security, also weighed in, warning users "to only download BlackBerry applications from trusted sources and to password protect and lock BlackBerry devices."

It's a fair warning for security purposes. The BlackBerry is the favorite of President Barack Obama, and is widely used in business. Considering that Iraqi insurgents were savvy enough to hack into U.S. spy drones to see what they see using $26 off-the-shelf software, according to The Wall Street Journal, there's reason to be wary since BlackBerry spyware is so easy to buy, too.

The IDG News Service is a Network World affiliate.