BlackBerry 6 Browser Gets Hacked, RIM Suggests Turning off JavaScript

Categories: BlackBerry, Security
By: Simon Sage, IntoMobile
Wednesday, March 16th, 2011 at 8:46 AM

At the CanSecWest security conference in Vancouver, some well-intentioned hackers broke into a BlackBerry handset through the WebKit browser in OS 6.0 (found on the Torch, Style, Bold 9780, and others). Vincenzo Iozzo, Willem Pinckaers, and Ralf Weinmann were able to access the phone’s contact list and files stored on the microSD memory card, as well as write a file to the BlackBerry through “a separate integer overflow flaw”. Whatever that means. After seeing the successful attack, RIM’s Adrian Stone said, “It happens. It’s not what you want, but there’s no such thing as zero code defects.” RIM has posted a lengthier response to the attack in their knowledge base that essentially tells folks to turn off JavaScript if they’re worried about being a victim of the exploit. Interestingly, the KB article denies that the flaw allows access to contacts.

Research In Motion prides itself on enterprise-grade security, but from a programmer’s perspective, that security is achieved by RIM mostly through a lack of documentation rather than using the latest and greatest techniques, such as Address Space Layout Randomization and Data Execution Prevention (which are both present in the iPhone). That’s not to say the BlackBerry browser was the only one to emerge from the Pwn2Own competition with a few scratches; Safari on the iPhone also succumbed to hackers. Those assigned to tackle Android never showed up, apparently. Too bad, I would have liked to see all three of the big players get knocked down a peg.

Security remains one of BlackBerry’s few selling points left in relatively high esteem; device specs don’t compete at the higher end, app quality and quantity don’t match the other platforms, but enterprises still love the extensive management infrastructure RIM provides. I’m sure the issue will get patched up quickly enough, but BlackBerry really can’t afford to take too many knocks against its reputation for security.

[via ZDNet]

About The Author

Simon Sage
