Forgot your password?
typodupeerror
Blackberry Hardware Hacking Security Build IT

PlayBook Jailbreak Tool Released 60

Posted by timothy
from the hacksaw-is-in-the-cake dept.
Trailrunner7 notes that some dedicated hackers who've been working on jailbreaking RIM's PlayBook tablet have now "posted a detailed walkthrough of how users can accomplish the same task on their own. The technique requires the use of a custom tool, but otherwise is fairly straightforward. One of the researchers, known as Neuralic, posted the walkthrough to Pastie.org Tuesday morning. In order to begin the process, a PlayBook user need to first install the beta 2.0 version of the PlayBook software and then install the Dingleberry tool, which exploits a weakness in the PlayBook architecture which stems from the fact that the backups the device takes aren't signed."
This discussion has been archived. No new comments can be posted.

PlayBook Jailbreak Tool Released

Comments Filter:
  • That's great but.... (Score:5, Interesting)

    by bigredradio (631970) on Tuesday December 06, 2011 @02:11PM (#38282532) Homepage Journal
    Hey, good job on the hack. But how many people own a PlayBook?
  • by Anonymous Coward on Tuesday December 06, 2011 @02:12PM (#38282542)

    I remember the days when you'd go buy a computing device and it would just be yours, without the need to "jailbreak" it.

    Guess it'll be a nice memory to tell my grandkids about someday: the time before megacorps took over our computing devices (and we all let them).

    • PCs still exist (Score:5, Insightful)

      by tepples (727027) <tepples@gmaiBLUEl.com minus berry> on Tuesday December 06, 2011 @02:15PM (#38282592) Homepage Journal

      I remember the days when you'd go buy a computing device and it would just be yours, without the need to "jailbreak" it.

      PCs still exist, as do Android tablets. Locked-down computing devices likewise have existed since the Atari 7800 and NES were introduced in the mid-1980s. The more things change, the more they don't.

      • by Pope (17780)

        The 7800 and NES were gaming consoles. WTF is a "computing device?"

      • by StikyPad (445176)

        Ataris and NESs weren't locked down, which is largely an advent of code signing and really only became popular within the last decade or so. It was somewhat impractical to write your own software, true, but if you wrote it, the system would run it.

        • by tepples (727027) <tepples@gmaiBLUEl.com minus berry> on Tuesday December 06, 2011 @03:18PM (#38283362) Homepage Journal

          Ataris and NESs weren't locked down, which is largely an advent of code signing

          Atari 7800 cartridges were signed.

          It was somewhat impractical to write your own software, true, but if you wrote it, the system would run it.

          NES and Super NES had an entirely separate bus for the CIC (checking integrated circuit) microcontrollers. This allowed a couple "lock-on" games to be published that have their own ROMs but connect the CIC bus to a passthrough cart slot to use a licensed game's key. A few other NES games had charge pumps to generate out-of-spec voltages that would stun the lock CIC in the console; the Super NES had a bit better protection circuitry to foil that. One company ended up getting slapped down in court for having defrauded the US Copyright Office to get the source code of the program that ran on the key CIC.

          • by StikyPad (445176)

            Ok, I learned something new (or maybe relearned something, since I recall there was something about an adult game being published on the 2600 which led to the protections on the 7800). At any rate, I stand corrected. Thanks for that educational post.

        • Ataris weren't, but the NES originally were. The 10NES chip was a lockout device protected by patent and copyright.
        • by DarkOx (621550)

          Actually the NES did have a crude DRM system, 10NES lockout, Nintendo might have invented the concept of DRM in consumer devices....

      • by sootman (158191)

        >> I remember the days when you'd go buy a computing device and
        >> it would just be yours, without the need to "jailbreak" it.

        > PCs still exist, as do Android tablets.

        Maybe he meant, like, earlier today. Though I don't see why remembering something from earlier in the day is worth mentioning on a public forum.

    • by Pope (17780)

      I remember the days when you'd go buy a computing device and it would just be yours, without the need to "jailbreak" it.

      Guess it'll be a nice memory to tell my grandkids about someday: the time before megacorps took over our computing devices (and we all let them).

      I see. And you wrote your own BASIC interpreter, machine language monitor and compiler, I/O drivers, and every application and game that you needed?

      Give me a break.

      • by DarkOx (621550)

        No that his point exactly. You'd buy the machine and the manufacturer would give you a BASIC interpreter, machine language monitor and compiler, I/O drivers.

        You were entirely free to develop any application you needed or source if from elsewhere, with no deliberately crafted impediments by the manufacturer. There were also no deliberate impediments to replacing the BASIC interpreter, monitor program, I/O drivers etc, but its equally unlikely they went out of their way to make easy to do so, by putting th

        • by Pope (17780)

          One can currently buy a computer to do all those things, and more, today. Buying a tablet assumes a trade-off in capabilities vs. a personal computer. GP is whining about an imaginary situation. I might as well complain about the lack of flying cars and rocket belts promised to my parents.

  • by gstoddart (321705) on Tuesday December 06, 2011 @02:15PM (#38282594) Homepage

    No wonder people are unwilling to use OSS tools when they have such horrible names.

    I mean, really, when you pick a word like that [urbandictionary.com] normal people are going to stay away from it.

    Seriously, that's just nasty.

    • In terms of preferred names of tools, groups, individuals, etc. the jailbreaking scene, whatever license they happen to release their software under, really seems to resemble the warez release guys more than OSS. The latter certainly have more than their share of ill-polished nerd jokes, and generally tend not to take marketing's advice on strategic blandness very seriously; but the former intentionally seek out and adopt directly offensive, tasteless, or vaguely threatening names for things.
      • by hxnwix (652290)

        In terms of preferred names of tools, groups, individuals, etc. the jailbreaking scene, whatever license they happen to release their software under, really seems to resemble the warez release guys more than OSS. The latter certainly have more than their share of ill-polished nerd jokes, and generally tend not to take marketing's advice on strategic blandness very seriously; but the former intentionally seek out and adopt directly offensive, tasteless, or vaguely threatening names for things.

        viz. Back Orifice [wikipedia.org]

    • by Baloroth (2370816)

      Well, Apple officially named their tablet device an iPad, and the oft used name for the iPod touch is the "iTouch."

      And, of course, there is the everpresent Nintendo Wii. Dingleberry is hardly alone in the odd, somewhat disturbing names in the tech world.

      • iPad was a pretty lousy choice, but iTouch isn't too bad on it's own. Now if they made a version designed for children ... Although it might allow them to get greater penetration in the Catholic priest market segment.
        • by TripleP (525879)
          Although it might allow them to get greater penetration in the Catholic priest market segment.

          Typically it isn't the priest being penetrated...
  • I am really wondering if the developers/hacking community were chomping at the bit to find an excuse to use the term 'Dingleberry'?

    Then again, they've probably used it on other occasions...
  • by ad454 (325846) on Tuesday December 06, 2011 @02:31PM (#38282788)

    If one is unfortunately enough to get a NFC capable Blackberry phone, such as the Bold 9900, from AT&T or T-Mobile, good luck trying to get NFC to work.

    Is it disabled within the Blackberry OS, based on Vendor ID, at the request of these horrible carriers, even though other carriers enable it for those exact same phones. And currently isn't any jailbreak or hack to enable it. (Older unbranding tools like MFI don't work on these newer phones.)

    Actually RIM is the worst smart phone company when it comes to deliberately disabling features and functionality at the request of carriers, especially compared to Apple, Google, and Microsoft. With that type of regard for their end users, I hope they continue imploding and go bankrupt soon.

    • by monzie (729782)
      BB OS 7 ( really OS 6.1 ) is a proprietary OS. Even if you jail-broke it I am not sure you could do much with it ( assuming it is technically possible to do so ) QNX is a Unix realt-time OS [wikipedia.org] and one could do potentially a lot more with a jail-broken Unix device. Let's wait for the QNX based Blackberry phones [cnet.com] ("BBX") to come out and then it could/would probably be jail-broken.

      On a side-note: The current BB OS 7 based phones are good, but I would rather wait till the QNX based phones come out and then start

      • According to their website, more reliable than Wikipedia, QNX is POSIX-compliant but very definitely NOT UNIX.

        It is also nice, and looks like a very solid platform for BB in future - if they are allowed to have a future.

    • by OlivierB (709839) on Tuesday December 06, 2011 @03:32PM (#38283548)

      Completely agree
      I have a Blackberry purchased SIM free (i..e without contract) and that I happen to use on Vodafone in the UK.
      Turns out that the Podcast app's auto-download and syncing function is disabled by Vodafone!

      WTF? My phone and my money; I pay for 1GB of data it should be my choice if I want to use all of that on Care Bears podcasts for all I know.

      I love my BB but RIM is just bending over backwards to carrier requests. The Storm was also a half-assed attempt at a touchscreen phone from a Vodafone request as they had missed out on the iPhone (o2 was exclusive at the time).

      RIM grew half a testi with the playbook's bridge function, but the operators gave them a black-eye and decided not to sell the tablet.

      Rim needs to realize that customers buy phones now, no longer just corporate purchase departments.
      I don't give a rat which network my phone's on, but I care about my terminal.

      I am your client RIM, listen to *me*, I'm your customer, the carrier's not your customer.

      • What's RIM got to do with your woes? Your carrier made a custom ROM image and loaded it on your phone. Shrug. You know... you could go ahead and load another carrier's ROM or any of a dozen hybrid custom ROMs on your phone. Either you get the functionality you're looking for or the carrier BLOCKS it.
  • by Anonymous Coward

    They should trumpet the jailbreak. It would help their sales on the playbook.

  • Am I the only one who initially thought that this was an instruction manual on how to break out of jail?
  • ???? I do not get it. I understand that bashing RIM is "a la mode" these days, but I think it is an overkill. Any device can be hacked when it is locally accessible. Any. There is no architecture that can withstand an attack if it can be performed while having physical access to the system. It is just a question of time and tools. And for many consumer devices it is just not practical - not too many people are interested in jailbreaking Panasonic microwaves.

    The quality of the architecture is determined how

    • by Anonymous Coward

      ???? I do not get it. I understand that bashing RIM is "a la mode" these days, but I think it is an overkill. Any device can be hacked when it is locally accessible. Any. There is no architecture that can withstand an attack if it can be performed while having physical access to the system.

      This isn't really true. Ever jailbreak I've investigated has been the result of a flaw or the security model or a bug in some trusted component. It's entirely possible to build a rock-solid system that takes insane levels to jailbreak it. The cost-benifit ratio works out such that it's never done for consumer level equipment, but there are absolutely bits of technology out there where all hacking it would result in is a pile of useless silicon.

      • by narcc (412956)

        Ever jailbreak I've investigated has been the result of a flaw or the security model or a bug in some trusted component.

        The "flaw" has already been patched in the latest OTA update.

  • by Linegod (9952) <pasnak@warpedsystems. s k .ca> on Tuesday December 06, 2011 @06:34PM (#38285718) Homepage Journal

    It is a privilege escalation to a 'root' user, which in this context is equivalent to an 'admin' user.

    In short, using an insecure backup/restore process, it changes the ability for root to login via ssh. No bootloader access, no 'jailbreak'. From there, all you get is what you could have done by developing an app.

    As you could always load an app directly onto your Playbook, this is not all that impressive.

    I have come to expect it from Crackberry, but though /. would have a critical eye.

  • Not a troll, I genuinely want to know what benefit it is. You can already load any software, there aren't custom distros of the OS to load, you aren't tied to an 'App Store', so how useful is this really? I also notice that it requires a beta of the OS, so how long-lived will this 'jailbreak' be? Is it something RIM can fix before releasing 2.0 to the general public?
    • by narcc (412956)

      so how long-lived will this 'jailbreak' be?

      It's already been patched.

      • by rikkards (98006)

        Don't know if it's patched but I tried it last night and it looks to be a conflict between DingleBerry and the Blackberry Desktop Manager. When one accesses the playbook the other can't see it. You also need to install the 2.0Beta before doing anything. Actually I look of it better than the production one.

    • by rikkards (98006)

      How do you load software without using the App Store? I didn't know you could do that.

  • It seems it didn't take long for RIM to take action: http://goodereader.com/blog/tablet-slates/rim-plugs-dingleberry-hole/ [goodereader.com]

    "RIM ensured DingleBerry did not get the chance to make merry for too long. For no sooner had the DingleBerry app come into existence, RIM is back to seize the initiative with a fix that effectively plugs the hole that the DingleBerry developers had exploited to sneak past the PlayBook defenses. So those who had sought to gain root access to their PlayBook tablets, well RIM ensured they

    • by rikkards (98006)

      Except that patch is for v1. You need to be running v2 to be able to use Dingleberry. Chances are there is a corresponding patch for 2 as well.

"Whoever undertakes to set himself up as a judge of Truth and Knowledge is shipwrecked by the laughter of the gods." -- Albert Einstein

Working...