Forgot your password?

RIM Recommends Disabling JavaScript in BlackBerry 6 for Security

BlackBerry Browser Vulnerability

I knew the exploit found in the BlackBerry 6 Browser at Pwn2Own would get a nice knee jerk reaction from RIM security. RIM was supposed to investigate to see if the vulnerability in the new BlackBerry 6 WebKit browser existed in new releases and it looks like they have. They have posted up a new Knowledge Base article talking about the new CVSS Score 6.8 vulnerability. The crazy thing is that RIM suggests and instructs users to disable JavaScript in the WebKit browser to protect themselves from this vulnerability.

That is a pretty tall order from RIM. The new BlackBerry 6 WebKit browser is THE best part of the BlackBerry 6 experience and it would not be so without JavaScript. I dare you to try it out. You will suddenly notice websites stop working left and right. Buttons you click on will stop working along with many other functions that require JavaScript.

I think this is a perfect chance for RIM to treat their actual customers right and run around the carriers with a quick marginal OS upgrade to fix the issue. RIM has for awhile had the ability to perform marginal updates compared to total OS updates. What do you think? The other option is for RIM to continue to recommend disabling JavaScript until every carrier puts out an updated OS build sometime in 2013.

Thanks Tim for the tip! via PocketBerry

7 total comments on this postSubmit your comment!
  1. Oh oh oh, next thing you know it, the “Torch” name will change…lol
    The glory of the BlackBerry OS 6 is in the web browser and it’s amazing abilities and features and now, they’re asking users to disable them, sounds more like riding a car without and engine to me…

  2. It is a sad day when a Blackberry gets hacked. Hopefully they will manage to patch this and any other vulnerability that might exist in the new Webkit browser.

    However, it’s not like rising a car without an engine. It’s more like riding in a car without power windows and doors. It still works, but it’s a little less user-friendly.

  3. Wtf having java script enabled is the best part of this phone. I love home seamless websites work. For all the readers of sites like BR it won’t be so bad as we get those beta OS’ but the regular folks that still have there head in the sand are the ones who are going to suffer waiting for an official version of a New OS. Rogers still hasn’t even released a new OS other then the first one that came with the phone.

    • There’s hardly any risk for consumers leaving JS enabled…

      It’s more of a corporate recommendation to protect corp data. It’s not like there are rampant attacks on random consumers through the BB6 browser, and even if there were, in most cases there is very limited useful information that could be stolen.

      Also rogers just recently released .448…

  4. I think RIM is missing the point here. As long as code exists, there will be hackers to get through it. Removing the software is not the fix, just make your device more secure. Improvements to software all over the world are made based on hackers. Granted, Java improvements have nothing to do with RIM, but how they implement/use Java is.

  5. This one’s a know brainer. It’s time for RIM to step up to the plate and start issuing point patches to fix this problem; disabling JavaScript is a bandaid solution and a bad one at that.

  6. “You will suddenly notice websites stop working left and right. Buttons you click on will stop working along with many other functions that require JavaScript.”
    So in other words, it’ll act like BlackBerry 5.0 browser which NEEDED JS disabled to have even marginal performance…

BlackBerry© is a registered Trademark of BlackBerry Limited. BerryReview is in no way affiliated with BlackBerry Limited though sometimes their lawyers send us love letters...

Copyright © 2007-‘2016’ BerryReview LLC