Attacks/Breaches
12/7/2011
11:20 AM
Eric Zeman
Eric Zeman
Commentary
50%
50%

RIM's PlayBook Security Patch Doesn't Last Long

Research In Motion hoped to close a security breach with a software update to its PlayBook tablet, but coders cracked the patch in only a few hours.

Research In Motion provided a system update to the BlackBerry PlayBook tablet late Tuesday. According to the changelog, the primary purpose of the update was to plug a security hole being exploited by the Dingleberry Playbook jailbreak tool.

The log said that version 1.0.8.6067, which is only 5 MB in size, "offers support for Flash 10.3 and updates to Adobe AIR to support developers in addition to DST and security fixes."

Researchers had recently released a tool--called Dingleberry--that unlocks the PlayBook, a first for RIM's tablet, which included government-grade security features. Once unlocked, PlayBook users are granted access to the entire PlayBook codebase, allowing them to do a lot more with it than through the generally available tools.

For example, the Android Market--and its hundreds of thousands of apps--is available for the first time on the PlayBook. While RIM is still developing PlayBook OS 2.0, which will bring support for Android apps in an emulator, impatient PlayBook owners can dive in now if they don't mind cracking the tablet's code. (The patch isn't yet available to developers already using the PlayBook OS 2.0 beta.)

[ No doubt, RIM's had a bad year. Will RIM Make It To 2013? ]

RIM responded to the news of a jailbreak for its beleaguered tablet. "RIM will follow its standard response process to develop and release a software update that is designed to minimize adverse impact to our customers or carrier partners," RIM said in a statement last week. "RIM is aware that the security researchers have stated they intend to release a tool to jailbreak the BlackBerry PlayBook tablet. If such a tool is released, RIM will investigate it."

As stated, the security patch was able to close up the breach discovered by the Dingleberry developers--but not for long.

Chris Wade, one of the researchers behind the rooting tool, released a new version of Dingleberry that uses a different exploit to punch through the PlayBook's security to achieve jailbreak.

RIM has yet to make any statements about the new jailbreak, but surely it is cursing and already looking at ways to plug the new hole.

Earlier this year, the PlayBook was awarded FIPS certification by the National Institute of Standards and Technology (NIST). It is the only tablet that has received this level of security certification.

FIPS certification is required for devices to be used by the federal government. This clears the PlayBook for use by government agencies, and means the PlayBook meets RIM's own stringent security requirements for features such as native email and contact management.

RIM has to stand by the PlayBook, especially with respect to security. I'd expect RIM to distribute a new security update as quickly as it can.

Database access controls keep information out of the wrong hands. Limit who sees what to stop leaks--accidental and otherwise. Also in the new, all-digital Dark Reading supplement: Why user provisioning isn't as simple as it sounds. Download the supplement now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-9710
Published: 2015-05-27
The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL settings and gain privileges via standard filesystem operations (1) during an xattr-replacement time windo...

CVE-2014-9715
Published: 2015-05-27
include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via outbound network traffic that trig...

CVE-2015-2666
Published: 2015-05-27
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header and leveraging root privileges for write access to t...

CVE-2015-2830
Published: 2015-05-27
arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the (1) fork or (2) close system call, as demonstrate...

CVE-2015-2922
Published: 2015-05-27
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Dark Reading Radio
Archived Dark Reading Radio
After a serious cybersecurity incident, everyone will be looking to you for answers -- but you’ll never have complete information and you’ll never have enough time. So in those heated moments, when a business is on the brink of collapse, how will you and the rest of the board room executives respond?