Joined: Aug 07, 2001
Posts: > 500
From: Oslo, Norway
Both Apple iPhone and BlackBerry Torch 9800 was hacked at the pwn2own hacker contest last week. The new iOS 4.3 solved the problem for Apple but RIM, the BlackBerry manufacture has not managed to release a security fix. Research in Motion acknowledge the vulnerability but has not received any reports that the vulnerability has been successfully exploited and BlackBerry smartphones.
The WebKit engine is to blame for the vulnerability. A BlackBerry must browse to a website maliciously designed by an attacker. The WebKit engine is also used by Apple iOS and Android operating system. The result of a successful exploit would let the attacker access user data stored on the media card and in the built-in media storage, but email, calendar and contacts would not have been accessible.
RIM has later released an updated version of the BlackBerry OS for the phone models having the security issue, but the new update did not solve the problem. RIM has two temporary solutions for those owning one of either Torch 9800, Style 9670, Bold 9700, Bold 9650, Curve 9300 or Pearl 9100 models.
- Disable the BlackBerry browser. This solution is for BlackBerry Enterprise Server administrators.
As of March 15th 2011 no permanent solution to the security issue has been release by RIM