Not so secure PlayBook say crackers

Three security researchers have created a tool called DingleBerry that lets users get root access on their BlackBerry PlayBooks. The exploit is not yet public, but the three promised to reveal the technique via the rooting tool within a week or so. BlackBerry maker Research in Motion is talking to the trio, and feverishly working on a fix.

This is a major issue for RIM, as “jailbreaking” the PlayBook would threaten the firm’s reputation for iron-clad security – the main differentiator that makes it attractive to its corporate customers. The PlayBook runs on a version of QNX that is legendarily secure, and is widely used by manufacturers of embedded controllers and in the automotive industry.

One video posted to YouTube by hacker Nueralic show him getting root access, which persists even after rebooting. The core work was done by the third dev, xpvqs, with the other two helping refine it. They plan to release DingleBerry “pretty soon” once they have it tidied up.

A second video shows Chris Wade (@cwmdotme) streaming content from online service Hulu, which normally will not run on the tablet.

RIM posted a statement:

“Research In Motion (RIM) is aware of a claim made on Twitter by security researchers working together that suggests the ability to “jailbreak” a BlackBerry PlayBook tablet. The term “jailbreaking” is commonly used to describe altering the software on a smartphone or tablet in order to obtain access to systems or applications not officially authorized or distributed by the manufacturer. BlackBerry smartphone users are not affected. RIM is currently investigating this claim and has been in contact with one of the security researchers to discuss it.

RIM is currently not aware of a jailbreak being leveraged by anyone other than the researchers, who claim to have performed a jailbreak on their own BlackBerry PlayBook tablets only. If it is determined that the claim is accurate, RIM will follow its standard response process to develop and release a software update that is designed to minimize adverse impact to our customers or carrier partners. RIM is aware that the security researchers have stated they intend to release a tool to jailbreak the BlackBerry PlayBook tablet. If such a tool is released, RIM will investigate it.

The security of mobile devices and major networked systems is tested by third-party security researchers every day. RIM also continually tests the security of its own products, and volunteers its products to recognized industry experts for security testing and certification to help identify possible issues. RIM is committed to the BlackBerry PlayBook tablet and to working with researchers to continue to protect our customers.”

CWM just tweeted this hack of a Dilbert cartoon.