New Vulnerability Found On PlayBook OS 1.0 Bridge
Security researchers at this year's Infiltrate security conference have discovered a new vulnerability that has the potential to allow malicious applications to access personal information. Zach Lanier and Ben Nell, both of the Intrepidus Group, are responsible for finding the vulnerability.
This particular vulnerability relates to the PlayBook's native applications. When a native application for the PlayBook is created, the developer has access to a unique file called the .ALL file. On the QNX-based system, this file allows them access to shared data or files. In short, there is a flaw which allows native developers access to files they should not have access to.
Using the .ALL file, the security researchers were able to access a PlayBook owner's bookmarks, Wi-Fi access points, BBM username and info, desktop manager token, and the BlackBerry Bridge token. This token is pretty much the key that connects the BlackBerry device to the PlayBook. The Bluetooth connection between the PlayBook and phone is secure, but the problem is that this token can be used by a native developer to query the bridge for data they should not have access to.
RIM has spoken out about this vulnerability in the following official statement:
Media Statement: Infiltrate conference
“The BlackBerry PlayBook issue described at the Infiltrate security conference has been resolved with BlackBerry PlayBook OS 2.0, which is scheduled to be available as a free download to customers in February 2012. There are no known exploits and risk is mitigated by the fact that a user would need to install and run a malicious application after initiating a BlackBerry Bridge connection with their BlackBerry smartphone.”
So there you have it. It looks as though RIM will not be fixing this, as they state that OS 2.0 has resolved the issue. It seems as though the PlayBook and its QNX-based OS are getting their fair share of security testing.