Qualcomm BREW

BREW, or Binary Runtime Environment for Wireless, is a software development platform developed by Qualcomm. The runtime was originally intended for CDMA devices, but it also can be found on GSM phones as well. Feature wise, BREW has the potential to be very powerful as it uses C/C++ for development, but the brutal DRM tactics put in place make it unsuitable for developing homebrew applications on a BREW enabled phone.



DRM
BREW has multiple application signatures in place. When it comes to commercial game/app signing, one signature verifies the developer of the program and another verifies that the program has passed "True Brew" testing. These signatures are protected using the phone's ESN or MEID which is in place to prevent sideloading of BREW applications.

There are ways to circumvent BREW DRM to run unsigned code, but do note the current ways range from running a phone firmware through a disassembler to remove the signature checks entirely, to just changing the ESN of the phone to match a once-valid test signature.

Running unsigned code on BREW devices

Currently, the only known example of a BREW exploit is this, which "bypasses security features easily using a loop hole in the certificate expiration process". The actual usefulness of this is questionable though, as modified drivers aren't needed to perform the actions shown in the PDF, and the mention of the BREW SDK Simulator has no connection to the exploit itself.