BlackBerry 6 Browser Hacked, RIM Provides Workaround

Advertisement

At the recent CanSecWest digital security conference in Vancouver, BC, a team of hackers was successfully able to compromise security on a BlackBerry device through an exploit in the recently added WebKit browser. The hack is particularly impressive as there is little to no documentation available about how the internals of the BlackBerry OS work.

Vincenzo Lozzo, Willem Pinckaers, and Ralf Weinmann made up the team of hackers that accomplished the exploit. Iozzo and Weinmann were the winners of last year’s Pwn2Own contest for hacking into the iPhone. They were able to access the phone’s microSD storage, write a file to the phone, copy images from the device, and access the contact list. RIM had their security response team on hand to witness the attack.

The hack was tested against BlackBerry firmware 6.0.0.246. A firmware update has since been shipped, but the WebKit flaw remains unpatched. RIM suggests disabling javascript in the BlackBerry browser as a workaround to being vulnerable to this attack. While javascript is not the area of vulnerability, it is required to accomplish the hack. RIM relies largely on “security by obscurity” and does not utilize some of the advanced protection features of other platforms such as data execution prevention.

Source: BlackBerry

Via: IntoMobile

Advertisement
What's your reaction?
Love It
0%
Like It
0%
Want It
0%
Had It
0%
Hated It
0%
About The Author
GabePeters