Two researchers have demonstrated how they were able to sniff email messages and other data sent to a PlayBook tablet from a Bridge-connected BlackBerry smartphone. This is news given RIM's (NASDAQ: RIMM) marketing of the PlayBook as an enterprise-ready tablet, as well as its portrayal of the Bridge functionality as being a more secure option than what is offered by cloud-based rivals.

Using an app installed on the PlayBook, researchers Zach Lanier and Ben Nell of the Intrepidus Group were able to retrieve the authentication token sent between a paired BlackBerry smartphone and PlayBook. This was then used to connect to the PlayBook as an unprivileged user. While the additional step makes an attack cumbersome to implement, hackers could theoretically compromise a vulnerable PlayBook using a mobile exploit or by means of a Trojan horse.

As reported by Threatpost, the task of snatching the authentication token was made easy given the fact that it was placed in a known location and globally accessible. RIM has countered that the seriousness is mitigated by the inherent complexity, and the fact that there is no known exploit at the moment. In a statement issued by the company, RIM also says that the Bridge flaw will be fixed in PlayBook OS 2.0, which is currently scheduled to be released sometime in February.

This latest weakness comes on the heels of a jailbreak tool that was released for the PlayBook last month. While a fix was swiftly released to address the flaw used by the jailbreak, it has drawn attention to how the PlayBook is not impervious to security problems.

For more:
- check out this article at Threatpost
- check out this article at PC Mag

Related Articles:
PlayBook OS 2.0 with Android capability coming soon
RIM gets good marks for PlayBook 2.0 at CES