BlackBerry 10 OS must prohibit wireless remote access connections for media sharing

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-38322	BB10-00-000420	SV-50122r2_rule		Medium

Description
The device acts as a personal hotspot when it accepts remote connections on a local area network interface for the purposes of routing traffic to a wide area network interface. The most common implementation is to accept local area Wi-Fi connections to reach ISP service provided by a cellular data carrier. The objective is to ensure the remote devices are not able to access any applications, data, or other operating system functionality on the device. A core assumption of the MOS SRG is that mobile devices do not serve applications to remote devices. If remote access to applications and data were feasible, this would open up a wide variety of vulnerabilities in which an adversary with a remote wireless capability could breach system security. Precluding this possibility greatly mitigates the risk of such an attack.

Description

The device acts as a personal hotspot when it accepts remote connections on a local area network interface for the purposes of routing traffic to a wide area network interface. The most common implementation is to accept local area Wi-Fi connections to reach ISP service provided by a cellular data carrier. The objective is to ensure the remote devices are not able to access any applications, data, or other operating system functionality on the device. A core assumption of the MOS SRG is that mobile devices do not serve applications to remote devices. If remote access to applications and data were feasible, this would open up a wide variety of vulnerabilities in which an adversary with a remote wireless capability could breach system security. Precluding this possibility greatly mitigates the risk of such an attack.

STIG	Date
BlackBerry 10 OS Security Technical Implementation Guide	2014-08-27

Details

Check Text ( C-45869r3_chk )
From either the Work Space or Personal Space, navigate to "Settings -> Media Sharing" and ensure all of "Share Music", "Share Pictures", and "Share Videos" are set to "Off". Otherwise, this is a finding.

Fix Text (F-43260r3_fix)
From the Work Space, navigate to "Settings -> Media Sharing" and set all of "Share Music", "Share Pictures" and "Share Videos" to "Off". NOTE: This fix procedure affects the Personal Space.