Earlier today there was a report coming from the Infiltrate Conference that the Intrepidous Group had given a talk on security issues surrounding the BlackBerry PlayBook. The group claims to have discovered “several high risk vulnerabilities with RIM’s Blackberry Playbook that allows malicious applications to access personal information, contacts, and emails from connected Blackberry phones.” Now this is a worrying concern, especially since the PlayBook has been marketed as an enterprise device. RIM was quick to the take and has made a statement regarding the claim made by the Intrepidous Group.
Media Statement: Infiltrate conference
“The BlackBerry PlayBook issue described at the Infiltrate security conference has been resolved with BlackBerry PlayBook OS 2.0, which is scheduled to be available as a free download to customers in February 2012. There are no known exploits and risk is mitigated by the fact that a user would need to install and run a malicious application after initiating a BlackBerry Bridge connection with their BlackBerry smartphone.”
It is good to see that RIM has identified the security issue, and that they have fixed it in the PlayBook 2.0 update that we should see sometime in early February. However this does mean that consumers not running 2.0 are at risk if they manage to install a malicious app. Given this is not exactly easy, and I am sure that the average consumer would not be installing anything that they did not find in Appworld, but the possibility is there.