I've just received my monthly copy of BlackBerry Connection.

This issue's lead article is about Smart Card security, as practiced by the U.S. Department of Defense.

Inside, there are pieces about ensuring your BlackBerry changes its time settings to Daylight Savings Time, BlackBerry solutions for various industries, and even how to play Tetris on your BlackBerry.

Well, it should come as no surprise that we are starting to see anti-spam filters for BlackBerry.

I mean, only a matter of time before the spam mills discovered mobile devices, right?

Antair Spam Filter 1.3 lets you adjust filters for the strength of anti-spam protection you want on your BlackBerry.

I'd choose Normal. Strong, and you might get some false positives. That's when non-spam gets caught in the filter and when the person you sent you that like totally legit email pings you with "did you get my email," and then you see it is in your junk email.

From developer Antair Corporation, the Blackberry flavor of Antair Spam Filter costs $49.95. Club Handango Members pay $44.95.

Clicking Read below this post will get you to Handago.com's Antair Spam Filter order and download page.

BlackBerry Forums member Andrew Palmer writes this morning that Verizon Wireless sent him a reworked, second-hand 8703e, or "Field Replacement Unit" (FRU) BlackBerry 8703e8703e, to replace his 8703e that melted down after just 60 days use. Yet the Verizon replacement arrived -- "and this I find alarming -- with the previous owner's private data STILL ON IT."

Ooh, that doesn't sound good.

Here's the personal data the replacement unit contained:

A BlackBerry Patent application filed with the Canadian Intellectual Patent Office points to a new method for a BlackBerry to work within a a Virtual Private Network.

That's not all, but we're talking working within a VPN for secure exchange of real-time data.

You're looking at what I consider the Patent app's key image above.

"But what do all these numbers mean," you ask.

This is one of these cases where the Abstract does a fine job explaining what's goin' on. And what all those numbers and arrows mean.

The BlackBerry Technical Knowledge Center has just posted a valuable document entitled "Protecting the BlackBerry device program against malware."

Among several other points, the document (linked below) notes that when a BlackBerry Enterprise Server admin pushes trusted third-party apps to BlackBerry devices, the device is designed to thwart malware attacks in the following ways:

• When trying to download any kind of application, by default the BlackBerry device first downloads a small portion of the application to determine the hash and verify whether the application is permitted on the BlackBerry device.
• BlackBerry Enterprise Server administrators can set IT policies and application control policies in the BlackBerry Manager to control the manual or automatic installation of third-party applications on BlackBerry devices and third-party application access to their organization's BlackBerry device resources and applications.
• IT or BlackBerry Enterprise Server administrators can also place the BlackBerry Enterprise Solution in multiple network segments by installing each component on a remote computer and then placing each component in its own network segment.

The document then goes on to explain rules-related safeguards available to control third-party apps.

I just came across this story on my BlackBerry. John O'Connor who is a researcher on Symantec's security response team claims hackers can pay $100 for an API developer key. With this he says a hacker can gain access to information on a BlackBerry.

Apparently the information was posted on a blog and then pulled off, but not before eWEEK Security Watch got a peek. Ultimately it sounds like O'Connor thinks RIM has made it too easy to get a code-signing key without having to reveal who you really are.

He cautions about text messaging weaknesses as well as malicious applications being able to access email and contact information. Then these programs would be able to send out the stolen information via email or data.

What do you think?

A BBHub reader, Rogers Wireless employee and BlackBerry subscriber named "Gexxy" says he (maybe a she but for consistency will refer to Gexxy as "he") tells me he's just received an email from Rogers about new anti-spam measures being undertaken for their BlackBerry Internet Service Accounts.

"In response to the increased amount of SPAM e-mail that has been showing up in the Inbox @rogers.blackberry.net) of BlackBerry Internet Service customers, RIM will be implementing additional improvements to the BIS anti-spam filters to reduce, but not eliminate, the number of unwanted and unsolicited e-mails starting on December 2, 2006," the letter reads. "Also, RIM will be implementing additional enhancements to BIS in upcoming releases to further reduce the amount of SPAM messages."

The letter then goes on to say that this update to the BIS Anti-SPAM solution will be based on a Reputation Scoring System, and will require no end-user interaction, acceptance, or configuration by customers. There will be no charge for the Anti-SPAM solution on BlackBerry Internet Service.

Gexxy has also provided the text an FAQ that was included with the letter.

While we tend to avoid cut-and-paste jobs here like the plague, I think you will agree with me this new anti-spam policy is important enough to justify us replicating Rogers' FAQ about the subject.

S here goes:

Phonemag notes that in a survey of 85 taxicab companies serving the San Francisco-Oakland and the Washington-Baltimore metropolitan areas, 6,102 phones and PDAs were lost in taxis in the Washington-Baltimore area and 2,754 lost in SF region cabs within the last six months.

The good news is that mobile devices, including BlackBerrys, have a tendency to be returned: some 80 percent return rate in DC and 65 percent in SF.

But just having your device returned may not be enough for a reassuring feeling.

"It is good news that most of the lost devices were eventually returned to their owners. However, simply recovering the lost equipment may not be enough for all organizations," said Marty Leamy, president of Pointsec Mobile Technologies (which commissioned the study). "Corporations and government agencies need to know what happened to their sensitive data while it was out of their hands.

"Without proper safeguards and data encryption," Larny addedit may be impossible to tell whether the information was improperly accessed before the lost equipment was returned."

From time to time, I notice threads on the BlackBerry forums about remote unlocking for various BlackBerry models. We even receive some questions about these services as well.

After reading Boy Genius' favorable remarks about GSM Phone Source yesterday, I was once again reminded to tell you about this remote unlocking service and how it works.

Let's take the T-Mobile BlackBerry Pearl 8100 for example.

You pay $42.95 for the unlocking service, and when you submit your order you include the IMEI number for the BlackBerry you are unlocking in the notes section when you are making your PayPal payment. On this device you can locate your IMEI number when you enter *#06# from your phones keypad. It is a 15-digit number.

If you place your order by 3 p.m. Pacific Time, you'll typically receive your unlock code the same business day.

Anyone else notice spam sent directly to your BlackBerry BIS email account? I just started getting it this past weekend and its still coming.

I find it odd because I don't usually give out the email address as it is too confusing. I send stuff to my yahoo or gmail address that gets sent on to my BlackBerry.

What I also noticed today was the to address isn't even my address, but it is still coming into my BIS email account. I have T-Mobile, but the spam I received today was addressed to a Melissa with Rogers.

I found a thread on Pinstack where other people are complaining about the spam as well and I was curious to see if anyone else was having the same problem.

Dutch intelligence service AIVD has told Dutch MPs to stop using the Blackberry to access their email because their messages are prone to interception, The Register newspaper reports today.

In 2003 one hundred Blackberry handhelds were given to leading politicians and campaign workers from the Dutch CDA (Christian Democratic) party. The concept was that they could access their e-mail wherever they were on the campaign trail.

"Being able to react to and agree on things rapidly is essential," Dutch Premier and leader of the CDA Jan Peter Balkenende told Dutch newspaper De Telegraaf when the devices are received.

Now almost every Dutch MP owns a Blackberry. However, last year Dutch intelligence service AIVD had already warned MPs not to discuss anything important through the device because theoretically every message can be intercepted, despite the fact that the Blackberry is capable of using Triple DES encryption for data transmission. Unfortunately, end-to-end encryption (where both parties are secured) cannot always be guaranteed.

The Dutch Department of Defense is sticking with BlackBerrys, saying it is using its own solution for securing data transmission

There's more than one solution that lets you use your BlackBerry to retrieve and view documents from your enterprise file server.

Condor File Explorer is a thrid-party solution that uses the MDS featur eon your BlackBerry Enterprise Server to perform these functions.

This is done via a connection to the Active Directory. When the directory structure is published to the BlackBerry handheld, approved file type directories and related file lists are tramsmitted, secured by AES/3DES encryption. Once the BlackBerry device receives these files, they are cached on the handheld and canonly be updated upon user request.

Additionally, the administrator may customize which files will be displayable on users' devices.

VaporStream is a new type of email service that leaves no traces.

The concept is, you use your own email address send a message through the secure VaporStream server. This ensures there is no relationship between your message header and the body of your message.

Your recipient can only view the message once. Then, it disappears from the server, automaticlaly and without a trace.

Void Communications, which makes the $40 VaporStream utility, says they are developing a BlackBerry edition. It should be out in the next few months.

Solution Technology said it will debut an all-in-one integrated ArmorPlus for BlackBerry 7200 utility.

To be rolled out at the upcoming Emergency Technology Business Showcase in Fort Lauderdale, Fla., a week from today, the application will include functionalities for for Barcode Scanning, GPS, Touch Screens with eSiguature and Secure Data Memory Card capability.

Specific components include:

• Class 2 laser barcode scanner from Symbol Technologies;
• ArmorPlus for BlackBerry GPS, with off-road and off-net capabilitiesm abd
• Touch Screen Window option with signature capture capabilities and a touch-sensitive window;

Even if just for an excess of caution, some security experts advise BlackBerry users to change their passwords from time to time.

Before some of you utter a collective "why is Russ writing about something so simple," let me tell you why I have chosen to do so.

That's because the BlackBerry Technical Knowledge Center -probably via internal memos from Tech Support- has decided this question is common enough to work up and post a new document describing how you should do this.

Essentially, you have two choices:

Your first alternative is type an incorrect password ten times. The data on the BlackBerry device will be erased and the password will be reset. After your BlackBerry is resent, you'll see a prompt for a new password.

The document notes that During the process of typing an incorrect password ten times, you may be prompted to type blackberry a few times.

But what if you don't want to go through that error-and-trial process to change your BlackBerry password? You have an alternative.