Blackberry PlayBook Tablet Security Flaw Discovered
An exploitable connection between the PlayBook tablet and handheld BlackBerry devices poses a risk to users.Research in Motion (RIM), the company behind BlackBerry smartphones and the struggling PlayBook tablet, faces a new security threat after Ben Nell, a consultant with the Intrepidus Group, and colleague Zach Lanier, a principal consultant with Intrepidus, announced the flaw during the Infiltrate Security Conference in Miami this week. The security flaw allows hackers to tap into a connection made between the tablet and handheld devices, according to a report on ThreatPost, a Kaspersky Lab security news site. The report said the authentication token for BlackBerry Bridge, which uses Bluetooth technology to connect the two devices, could be located and acquired, allowing a hacker to access sensitive information, including email accounts. ThreatPost quoted Lanier, explaining while the Bridge is active, the token is in a place that is essentially world-readable, and the file being in a place that is world-readable is the issue that causes the problem with the Bridge sessions.
"The BlackBerry PlayBook issue described at the Infiltrate security conference has been resolved with BlackBerry PlayBook OS 2.0, which is scheduled to be available as a free download to customers in February 2012," RIM said in a statement published on ThreatPost. "There are no known exploits, and risk is mitigated by the fact that a user would need to install and run a malicious application after initiating a BlackBerry Bridge connection with their BlackBerry smartphone."