RIM advises disabling JavaScript in your BlackBerry browser after exploit discovered
By Bla1ze on 15 Mar 2011 08:12 pm
In light of the exploit found during the most recent Pwn2Own convention, Research In Motion has added a new article to the RIM knowledge base advising users of OS 6 capable devices on how to avoid having their BlackBerry browser exploited. While the potential for someone actually attempting the exploit remains small, the fact that the information is out there is reason enough to protect yourself against it.
RIM KB26132 is the article that explains how to prevent the exploit from running on your device -- the process is simple really. Just disable JavaScript in the browser while RIM works on a hotfix for it. As noted, if you are a BlackBerry Enterprise Server administrator, you can turn off JavaScript support using the Disable JavaScript in Browser IT policy rule. Just remember, in doing this you'll end up having a less than optimal browsing experience. If you're not running BlackBerry 6, this is not needed.
vx1 Mar 15, 2011 at 8:26 pm
Huh, only BB 6 needs to disable JavaScript? Well, either way it's cool RIM came out and said so... working on hot fix.
Bla1ze Mar 15, 2011 at 9:05 pm
The exploit is a WebKit issue, not BB. OS 5 lacks WebKit, thus not needing it.
mssca Mar 15, 2011 at 10:25 pm
Here is my RANT!!!
I don't know what's wrong with RIM, they should be able to make a good working browser using their top of the line highly paid programmers. This browser was made by open software development teams and Apple Inc had a huge hand in developing this browser. WHAT WERE they thinking when top engineers at RIM approved implementation of this browser? I am a Canadian student and RIM's software engineers are the best paid software engineers in CANADA. Why the hell then can't these losers at the top develop their own browser?
Just to get a student software engineering position at RIM, they want my GPA to sit above 3.7/4.0 and YET, they cannot build their own browser. Even IBM Canada hired me with 3.0/4.0 GPA!!!
I think RIM needs to change its business philosophy. I am thinking about promoting iPhones over BBs. Maybe I should join Apple with my 3.0 GPA!!!
RIM, you lost me as a customer!
mnemonicj Mar 15, 2011 at 10:33 pm
Chill, dude. Even open sourced, secured, and highly developed software (including Linux) has flaws. Exploits are commonly uncovered in Linux, but they are almost immediately patched to prevent dangers.
mssca Mar 15, 2011 at 11:41 pm
Yes, you are right... Even according to my textbooks, ANY software can be hacked. I am mad at RIM because they turned me down for a student position.
BUT... RIM should stay away from open source stuff because their competition like Apple may use them to attack RIM.
trentoncampbell Mar 16, 2011 at 9:56 am
3.0 is not that great of a GPA. Most engineering masters programs require no less than a 3.0. Most schools will kick you if you get less than a 2.0. Why would RIM take the top 31% of students when they could have the top 4% that get a 3.7?
kcl929 Mar 15, 2011 at 11:55 pm
You mad?
It's no wonder they didn't hire you with your exceptional spelling and grammar skills.
vx1 Mar 15, 2011 at 10:48 pm
k, makes sense - thanks.
jcastilloalonso Mar 15, 2011 at 9:11 pm
I wonder if the fix will be a hotfix or if it will require a new OS build? One of the things I hate is that OS control for BB is in the hands of carriers and not RIM....
datta72 Mar 16, 2011 at 9:20 am
True, carriers won't release it until there are more changes that need to be made, which can take forever.......
djkbb Mar 16, 2011 at 11:06 pm
The official AT&T approved OS update for the 9800 with this hole patched will be out Q4 2013.
phone9 Mar 15, 2011 at 9:20 pm
It would be nice if it were as simple as downloading one replacement COD file to install over the existing OS, but have they ever done that before? How else could a hot-fix be done?
Bla1ze Mar 15, 2011 at 9:22 pm
Sadly.. OS Updates.
Culex316 Mar 15, 2011 at 11:10 pm
I agree... the WebKit engine isn't in any COD file but in the radio (.sfi) itself so a whole OS update will be needed.
ignites Mar 15, 2011 at 9:37 pm
Wonder if it will be a PB issue... PB is using WebKit.....
wizmillso Mar 15, 2011 at 9:43 pm
RIM knows what they're doing, they've been the most secure for a while now. I believe they have this completely under control. They most likely know exactly what they're going to do to fix this problem, which I'd like to point out is an Apple product flaw and not a RIM product flaw.
boman06210 Mar 15, 2011 at 9:44 pm
But that was on a .2xx os, would newer versions have this issue? Or would only new ones released after this was known about?
papped Mar 15, 2011 at 9:59 pm
They never knew about the issue before. So all current OSes and previous OS6 versions will have it.
wizmillso Mar 15, 2011 at 10:46 pm
OS 5 won't have this problem, because it wasn't using Apple's security-weak WebKit.
jasonvw Mar 15, 2011 at 9:59 pm
Glad to see RIM's not trying to sweep this under the rug and pretend it never happened. Still want to see how they fix the issue. If it will be a simple patch or a full OS upgrade. If it's an OS upgrade do they force carriers to release it immediately or continue doing what they're doing and let the carriers decide.
miamimanu86 Mar 15, 2011 at 11:04 pm
and cripple my browser... nope!
ron87#cb Mar 15, 2011 at 11:17 pm
It's already crippled. It's a Blackberry.
sk8er_tor Mar 15, 2011 at 11:49 pm
Do us all a favor and go troll some place else.
black.berry.black Mar 17, 2011 at 10:14 pm
SERIOUSLY NO HATERS ALLOWED HERE!!
JRSCCivic98 Mar 16, 2011 at 12:40 am
Lol, RIM needs to reword that last part as "By disabling Java, you're basically breaking your Crackberry webpage functionality". :p
So let's see, if the bugs in WebKit that allow this sort of hack to happen are really JavaScript based ones, people with Safari can disable Java on their devices and fix their issues as well. ;)
noTh1ng Mar 16, 2011 at 1:41 am
This is the most ridiculous solution I have ever heard. If you disable JavaScript you can stop browsing anyway, 'cause there won't be much to browse to. Have they thought one second about the browsing experience without JS?
This is just plain stupid. Instead of publishing rubbish like that RIM should concentrate on fixing the issue.
lycafe Mar 16, 2011 at 2:54 am
Well said.
I tried turning off JS but couldn't deal with it when browsing the web... so JS is back on.
daveshiz Mar 16, 2011 at 2:00 am
wot a load of crap, disable JavaScript and wait on a hot fix? so have a shitty browser until RIM is able to rectify? come on CrackBerry, I know you are only passing on info from RIM but grow a pair o balls, do you really recommend to all your loyal followers disable, bear with it and RIM will sort? come on !!
FlyHigh365 Mar 16, 2011 at 4:06 am
Yeah I'm most definitely not turning off my JS. I browse way too much.
nls Mar 16, 2011 at 5:03 am
Hotfix? And how do they intend to release it? My carrier does not release every fw version, I always hated this way of distribution...
a77boy Mar 16, 2011 at 6:21 am
Are you guys dumbasses? So a problem was found and RIM is doing what it needs to do to fix it. It's no big deal. Disable java for a few days and you're fine. Don't disable it and I'm sure you're still gonna be fine. You act like it's the end of the world. Windows has a million security flaws! How often is your shit being stolen and jacked? Seriously.... And no they are not gonna write a whole new OS and run it through the carriers. A hot fix generally implies that they will post up a file for you to download and execute. Just chill already, use some common sense. You wanted a better browser so RIM gives it to you, so this is the price you gotta pay. Not the end of the world.
The Consigliere Mar 16, 2011 at 7:59 am
One of my favorite quotes is "Common sense isn't so common." This is probably one of those times. I agree with you, it's not the end of the world, though I can't really speak on this issue because I'm running 5.0, but it does sound like RIM is on it & doing what they can to fix this issue. They could have done what other companies do & simply deny but no, they've admitted it and seem to be working on fixing this issue. Everyone just needs to relax, here's another quote for ya: "the world went & got itself in a big damn hurry."
yacoby54 Mar 16, 2011 at 9:04 am
I would like you to tell me when is the last time that there was an OS "hotfix" where they offered you a file to download to fix a problem?
I am really curious to hear your answer because this has never been done and will never be done with a core function of the BB OS.
It will require an OS upgrade, granted this upgrade may not take 6 months to get approved by the carriers but it still will have to get their approval.
dodger_moore Mar 16, 2011 at 9:37 am
Well said. It was getting quite painful reading the 'oh noes!!' kneejerk reactions above.
zainalrockyou Mar 16, 2011 at 6:39 am
@a77boy: I'm a newbie, just got my 9780 a few days ago... I've got a question, where to get the hotfix? Where will RIM post this file you've mentioned that we can download and execute? Thanks...
JonB74 Mar 16, 2011 at 1:22 pm
"Just remember, in doing this you'll end up having a less than optimal browsing experience"
BWAHAHAHAHAHA like the BB browsing experience is even close to 'optimal' Too funny