Research in Motion just cannot catch a break with their tablet, the Playbook. Not only are sales lagging behind Apple and Android offerings, forcing RIM to cut pricing to $299; but now security researchers have discovered email and other personal information could be stolen via malware. The security weakness is exploited using Playbook Bridge, a software designed to link to a Blackberry phone via Bluetooth. While Bridge protects information in transit, a file readable by any native application on the Playbook contains the users BBM username and password. A rouge application could potentially read this file and use the contained credentials to retrieve any information stored in the user’s BBM account.
RIM has acknowledged the vulnerability and promised a fix in the upcoming Playbook OS 2.0 update, which is due to be released in early February 2011. RIM has also recommended that users avoid installing applications from untrusted sources, which will reduce the risk of exposure.