Thanks to the explosion of iOS and Android phones and tablets in the consumer and enterprise markets. Now, the spotlight is slowly beginning to turn in the direction of RIM, and specifically its BlackBerry PlayBook tablet.
The first dings in the PlayBook's armor came last month when a group of researchers published a tool that could jailbreak PlayBook tablets through the exploitation of a bug they'd discovered in the operating system. RIM later issued a fix for the jailbreak, but that was just the start of what may end up being a long road for the company's security efforts.
The latest indication is work done by a pair of researchers who found a series of problems and weaknesses in PlayBook, including one that enables an attacker to listen in on the connection between the tablet and a BlackBerry handset. That connection, which is done via Bluetooth in the company's Bridge application, is designed to allow users to access their corporate email, calendar and other data on the tablet.
How The Attack Work :
In order for their attack to work, certain conditions must be present. For example, an app that can access the token must be installed on the PlayBook. A malicious mobile app would satisfy that requirement. Or, if an attacker was able to exploit another flaw on the tablet, he would be able to access that token as well.
RIM is touting the PlayBook as the enterprise-ready tablet, and marketing it aggressively to its large installed BlackBerry customer base. The tablet doesn't currently have a native email client, so users who want to read their corporate email on the PlayBook either need to use a webmail client or connect to their BlackBerry handsets using Bridge.
In addition to the Bridge vulnerability, there are some interesting issues with the BlackBerry AppWorld app store. For one,file names in the store are sequential and therefore predictable, so a user could simply increment the file name to a desired number and download whatever app he chose.