03-11-2012 02:24 PM
Just this morning I picked up on this new warning that just came out...
This has to do with being able to run Android from what I have interpreted.
03-11-2012 03:18 PM - edited 03-11-2012 03:21 PM
No, it affects non-Android as well.
As it says, "A successful attack could result in RCE in the context of the browser on a BlackBerry PlayBook using the BlackBerry PlayBook browser." That means that the exploit could get access to whatever the PlayBook browser has access to, which is probably the entire shared/ folder space, so it could read (or perhaps modify) any of your files there.
Likewise, it affects the browser inside the Android runtime, if you're using that browser to access the malicious website.
Note that, because of the "sandboxing" of apps within the OS, data that's inside other apps should be safe (unless one of those apps actually uses the QNXStageWebView component itself (many do) and allows you to visit the bad site, and you do so.)
03-11-2012 09:22 PM - edited 03-11-2012 09:24 PM
People like myself who do sensitive tasks that are web based must be very careful. With our tablets, when outside of our office we are doing investment management, and other critical business tasks. The solid reputation for Blackberry security is the primary reason why we use only Blackberry phones and the tablet for mobile use.
I rarely do browsing of many different web pages without looking for something specific for investment, or industrial, or scientific information and services. Normally I am using the same groups and types of web pages. But, I am conserned from that warning notice.
I am wondering if there is a way to block Android applicaitions from loading on their own, or at least have a warning that something is trying to install itself with the option to block it, as like we get with Windows 7.
03-11-2012 10:35 PM
03-12-2012 07:54 AM - edited 03-12-2012 07:57 AM
Thanks for the clarification. I re-read the article, and now with your explanation it's more clear to me.
Is possible that a malware type webpage can install something in to the Blackberry device without the user being aware? Or, does any installation have to have the user approve it no matter what?
I also realize that if the user visits reputable sites there is extremely low chance of having any problems anyway...