04-29-2011 09:31 AM - edited 04-29-2011 09:44 AM
I'm not sure if this is legitimate or not, but if it is.. Basically it looks like someone found a way to pull apps off of the playbook, extract the .swf and load them via a website.
edit - If the swf can be extracted, thats one steps closer to decompiling..
Solved! Go to Solution.
04-29-2011 10:01 AM
I posted a reply there asking this:
Is there any evidence these were "taken off" a PlayBook?
Or were the downloads intercepted? Apparently the App World data downloads (as opposed to the metadata and other interactions with the server) are done over HTTP. This is an issue some of us have just been analyzing in the dev forums.
Would be nice to see confirmation that this was the approach used. Anyone know? I'd be surprised if this really came off the PlayBook after it was installed there.
04-29-2011 10:23 AM
04-29-2011 10:39 AM - edited 04-29-2011 11:04 AM
Confirmed. It appears that performing a full backup using DM creates a ".bbb" file. The bbb file is a zip archive, and it contains not only app data, but also application binaries.
04-29-2011 10:59 AM
04-29-2011 11:02 AM
At very least the backups should be encripted!
The brings up another interesting problem. I wonder how many enterprising individualks got a free PlayBookl by simply re-packaging freely available swf's. I don't want to accuse anyone but there are various versions of the Doodle Blaster game in the wild. There is one here that looks identical to the app in AppWorld but with an introduction countdown sequence.
I worked damned hard on my app and I don't want some joker to repackage it as their own work.
04-29-2011 11:10 AM
04-29-2011 11:11 AM