Research in Motion is recommending that IT departments and users disable JavaScript on their BlackBerry devices, citing a vulnerability unearthed at this year's Pwn2Own hacker challenge.
RIM may rip a page from Google for PlayBook
According to RIM, the vulnerability could allow a hacker to access a device's user data through the BlackBerry Browser if the user visits a "maliciously designed" Web site. The vulnerability only affects devices that have BlackBerry OS 6 installed, since it can only be exploited in devices that utilize the WebKit browser engine. RIM first started remaking its browser for BlackBerry OS 6 in 2009, when it purchased open source Web browser developer Torch Mobile, whose flagship Iris Browser is based on the open source Webkit browser engine. Any BlackBerry devices that contain older versions of the BlackBerry operating system will not be impacted.
RIM says the vulnerability will only allow hackers to gain access to data stored on devices' media cards and built-in media storage and that it will not give hackers access to data on the application storage portion of the phone, such as user data stored by e-mail, calendar and contact applications. So far, RIM says it has seen no actual cases of anyone exploiting this vulnerability outside of a test environment.
RIM is providing IT departments with guidelines to disable JavaScript on several BlackBerry devices, including the Torch 9800, the Bold 9700 and the Curve 9300. If this fails, RIM recommends disabling the BlackBerry Browser on devices altogether until the vulnerability can be patched.
While RIM has traditionally made its name by providing airtight security to enterprise users, it has been forced in recent years by the success of Apple's iPhone and Google's open-source Android operating system to allow more open-source and third-party applications onto its devices. In addition to its use of the open-source WebKit browser engine, RIM is also reportedly weighing whether to let its upcoming PlayBook tablet run applications designed for the Android platform.
Mobile applications have become an increasingly popular feature of smartphones over the past couple of years, especially with the high-profile launches of application shopping centers such as Apple's App Store and Google's Android Market. The most recent survey data from research firm ChangeWave shows that 14% of smartphone users said that applications were what they liked best about new smartphones, followed by ease of use (12%) and Internet access (12%). Corporate e-mail access, which has long been RIM's bread-and-butter application, was considered the most important feature by 10% of users, the survey showed
