BlackBerry PlayBook

Grab a bargain with a BlackBerry PlayBook at under 80 bucks

News & Rumors

Grab a BlackBerry PlayBook for $69.99 today only from eBay

Devices

From the forums: The BlackBerry PlayBook 10 concept and this one looks a real beauty

PlayBook Apps

CascaRun Sports Tracker Pro hits the BlackBerry PlayBook

Editorial

CrackBerry Mailbag: The Death of the PlayBook

Devices

BlackBerry PlayBook OS support officially ends this April

BlackBerry Tablet OS

BlackBerry PlayBook updated to OS 2.1.0.1917

CrackBerry Polls

60% of BlackBerry PlayBook owners are still perfectly happy using their tablets

BlackBerry Apps

BlackBerry still actively working on PlayBook OS updates, Bridge update now available

From the Forums...

What features would your ultimate BlackBerry PlayBook 2 have?

PlayBook Games

Flappy Herbie makes his way to the BlackBerry PlayBook

BlackBerry Apps

View phone call notifications on the PlayBook with the latest update to BlackBerry Bridge

CrackBerry Polls

CrackBerry Asks: Do you still use your BlackBerry PlayBook?

BlackBerry Accessories

Sky Drone aims to give BlackBerry 10 device and PlayBook remote aerial viewing

Devices

Get a 64GB BlackBerry PlayBook for just $130, but you have to act fast!

CrackBerry Polls

CrackBerry Asks: Are you picking up a new tablet or sticking with your BlackBerry PlayBook?

Editorial

CrackBerry Report Card: PlayBook owners' plea

Interviews

BlackBerry CEO on BB10 for PlayBook: "It was one of the toughest decisions I had to make"

Devices

RIP BlackBerry PlayBook: 2011 - 2013

BlackBerry Tablet OS

BlackBerry announces BB10 is not coming to PlayBook

< >

BlackBerry PlayBook rooted yet again, after RIM security patch issued

DingleBerry
By Bla1ze on 6 Dec 2011 10:27 pm EST
5
loading...
13
loading...
72
loading...

Well that didn't take long. Only a few short hours after RIM released the latest BlackBerry PlayBook OS to help fight off the DingleBerry exploit, the BlackBerry PlayBook has once again been rooted making use of another exploit known by Chris Wade. RIM did in fact patch the previous security matter as suggested in their security article on the matter but where this makes use of a different exploit within the QNX system, it's not as-of-yet known how this one functions.

Source: @cmwdotme

40 comments

XPEH

Hilarious! Great job, Dingleberry developers!

sk8er_tor

I still don't get the big deal with this. First you have to enable developer mode. Then you have to connect the PB using a USB cable to a computer. Then you have to have File Sharing enabled. And then you have to know the PlayBook password. I don't see this as a security vulnerability. More of a tinkering around/having fun with the QNX OS. I guess looking at the bright side, it helped push out an OS update!

PlaybookPlayboy

yeah, its hardly a root if you need the password FIRST! rofl. someone needs to go to a SANS training course or two.

Kennedy.L

Was their confirmation that the security update this afternoon was set out to disrupt the rooting?

Pootermobile

Haha oh man that was quick

ciscobear

Why not just hire the guy LOL probably could get features implemented faster than RIM, like the NEVER TURN OFF MY PB OPTION on battery or power.

Lead_Express

OS 2 had better be air tight. How can you call this thing "professional grade" with holes like this?

Jerky223

The iPad is in the enterprise space now and it's been jailbroken, I don't think DingleBerry will effect PlayBook.

For DingleBerry to work you need to know the password of the PlayBook and turn on Developer Mode.

borisporosin

true for DingleBerry, but there are as well other ways to attack Playbook... stay tuned... ;)

ekafara

He is doing all the hard work finding the exploits and then RIM just has to patch it. It will probably continue until there are no more exploits.

mercenarycat

And there in lies the fun. 2600 all the way

portal

Fantastic! My suggestion would be to keep this exploit a secret and let RIM try to work out what it is. That way, we can continue to enjoy the soon to come many options with a rooted device!

wxmancanada

Not quite how it works - once a rooting tool is released - it's pretty easy to monitor how it's doing what it's doing.

Vanti

These Devs are damn sure hard at work!!! Rim should hire them and put them into some division because they would surely get something done

BB_Bmore

I do believe he probably had this up his sleeve.He knew rims next move and prepared in advance.This id becoming a chess game and it is very interesting. LETS GO BOBBY FISCHER!!!

shootsscores

l'm enjoying the contest.

Gotta love the differentiated updates QNX facilitates.

Frankly, I don't think the hackers are going to get too far.

pbfan

This proves nothing.

CrackBerryTorch9800

BB10 is the future of blackberry. Blackberry is known for security as is QNX. It's amazing to me that this can even be happening. If RIM knew about this months ago it should have never been allowed to last over a week.

Governments, big business don't want a product that can be rooted and the security broken. If one person can do it then multiple people can. RIM is going to have to rely more and more on enterprise and governments for cash flow and if the product is broken they wont buy.

If I was one of those Co-CEO's i'd say goodbye security director for the playbook. See ya later

the_sleuth

Exactly, why would enterprise or government purchase BBX or PB over iOS or Android devices now. RIM's levy has broken. It will taken on more water. This is not good news for RIM. This will go viral in the biased media against RIM.

DBX00

Please remember that the Playbook doesn't talk to the NOC, so assuming Blackberry can verify rooted devices it can just elimintate your access to BES/BIS. That's where the real enterprise security is for RIM; anyone can hack any independent device because no system is perfect, but combine that with network verification and it becomes a tad more difficult to maintain.

DatBoyHam

I don't want my PB rooted but if they continue to root the patches maybe they'll have RIM push 2.0 out the door early with a patches in tac LOL..........hmmm your move RIM :)

BigBallsB

I'm not sure what exactly all the implements of rooting your playbook can do but having hulu and netflix is nice. I wonder if this exploit will hold back rim since this is taking people away from their task of pushing os2 out the door.

KQ17

Can you say RIM will hit their Waterloo?

ksean007

OK I used the dingleberry release previous to this one and decided I would try a security wipe after a back up of course, and guess what it still keeps OS2.0 beta without downgrading it so I'm assuming if you really want to go back to release 1.08 it will have to be done using DM or am I wrong?

DBX00

Having these roots come out is just taking developer time away from meaningful OS updates and don't really give you access to anything meaningful. Is there really anything you can't just develop using the NDK that this would allow you to develop? I get that it opens up the gate for an illegal app store, but that's not good for developers or the ecosystem given the lack of current apps.

BigBuffBerry

Exactly. Hope these asses don't delay os2 even longer. If that happens then lets see how pro root you guys are.

MrFuts

RIM's reputation for having a secure OS also goes down the drain by ignoring the problem.

They should do a quarterly security gathering, much like Pown2Own where ladies and gentlemen are allowed to come in to exploit QNX.

Winners get a free Playbook and $10g's, first place gets a trophy for cracking it the fastest.

Once the OS gets harder and harder to crack, up the pot, and media blitz the event.

joski

NEWSFLASH: DingleBerry is STILL a joke. And Chris Wade is STILL a DingleBerry. Zing!

PlaybookPlayboy

No doubt. Hey wanna root my PC? here lemme give you the FDE password first! lol these guys should be embarrassed.

canbbguy

As a security professional, this is the definition of irresponsible disclosure. The "researcher" should first disclose the vulnerability to the supplier (RIM) and give them an opt to resolve it. This flies in the face of years of responsible disclosure amongst the security community.

See http://en.wikipedia.org/wiki/Responsible_disclosure

EchuOkan1

This is impressive. These guys are awesome! Congratulations.

Shlooky

LOL!!!!!!! RIM got owned :-)

landorghini

I have a question? If RIM implemented a icloud based service for all bb products to push out updates will that be more of an ideal resolution to the rooting? Since synching it to a PC opens up its exploit...I was just wondering..its probably why apple went that route to avoid jailbreakin it...then what can the dingleberry team do then? Probably give up at that point especially if those delta updates comes into play then they would be stuck with an outdated OS lol

landorghini

I was wondering if RIM implemented delta updates and a icloud structure to synching will that be the best solution for the dingleberry exploit? I'm assuming that's why apple did it so it can workaround the jailbreakin, epecially if you wanted to push to the masses enticing updates like PIM, bbm video chat, etc.

mooda

theres an even simpler fix for rim to clear this up

bye bye developer mode. its only really needed for developers to load apps for testing the regular consumer really doesn't need it

titanjhb

I would just make it so that with OS 2.0 you can disable developer mode from BES/policy. So consumers can hack the playbook as much as they want, but businesses are confident their playbooks remain secured until RIM can patch any vulnerabilities.