Welcome to the CrackBerry Forums Create Your Account or Ask a Question Answers in 5 minutes - no registration required!
Results 1 to 24 of 24
  1. HaTaX's Avatar
    CrackBerry Master

    Posts
    1,400 Posts
    Thread AuthorThread Author   #1  

    Default Apps on the PB without AppWorld? Not so much... But getting them off the PB??

    Seems getting them off the PB isn't too huge a task... :P

    Take a look at the screenshot below...

    Additionally if I take the SWF file and host it on a web server, the application is fully playable in the browser!! (Tested People on my lawn and Doodle Blast)

    This isn't as useful as being able to load applications people in the community have made and wish to release on their own timetable vs App Worlds approval process... Hopefully RIM will go the same was as Google and their BB OS and allow us to download installation packages from sources outside App World.

    Would make it MUCH easier for enterprise customers to develop their own internal apps and roll them out to employees on a quick easy basis...
    Attached Thumbnails Attached Thumbnails Apps on the PB without AppWorld?  Not so much... But getting them off the PB??-extracted-air-doodleblast.png  
  2. Chipchop's Avatar
    Banned

    Posts
    96 Posts
    #2  

    Default

    cool story dude
  3. TheMarco's Avatar
    CrackBerry Addict

    Posts
    647 Posts
    Global Posts
    1,347 Global Posts
    #3  

    Default

    url or it didn't happen.
  4. HaTaX's Avatar
    CrackBerry Master

    Posts
    1,400 Posts
    Thread AuthorThread Author   #4  

    Default

    Quote Originally Posted by TheMarco View Post
    url or it didn't happen.
    Open this on your PB.... Double tap to make them full screen...

    *REMOVED*

    *REMOVED*

    Can we be done with the posts like this now?

    (I will be removing the links and files shortly, and both are free apps...) (Links are now removed as promised)
    Last edited by HaTaX; 04-29-2011 at 02:00 PM.
    Thanked by:
    howarmat (04-29-2011) 
  5. p9v4's Avatar
    CrackBerry Newbie

    Posts
    9 Posts
    #5  

    Default

    I just copied a SWF (splashback.swf a game) to downloads (on the playbook), navigated from the browser on the playbook to file:///accounts/1000/shared/downloads/splashback.swf and was able to play the game!

    Cool...

    Posted from my CrackBerry at wapforums.crackberry.com
    Thanked by:
    boman06210 (04-29-2011) 
  6. HaTaX's Avatar
    CrackBerry Master

    Posts
    1,400 Posts
    Thread AuthorThread Author   #6  

    Default

    Now all we need to do is have someone whip up a nice file browser in javascript or something simple that we can put in the storage area and bookmark it... Could be used as a cheap & dirty launcher for stored files...
  7. peter9477's Avatar
    CrackBerry Genius of Geniuses

    Posts
    5,216 Posts
    Global Posts
    5,218 Global Posts
    #7  

    Default

    Is there any evidence these were "taken off" a PlayBook?

    Or were the downloads intercepted? Apparently the App World data downloads (as opposed to the metadata and other interactions with the server) are done over HTTP. This is an issue some of us have just been analyzing in the dev forums.

    Would be nice to see confirmation that this was the approach used. Anyone know? I'd be surprised if this really came off the PlayBook after it was installed there.
  8. Technerd.McLeod's Avatar
    CrackBerry Master

    Posts
    1,421 Posts
    Global Posts
    1,422 Global Posts
    #8  

    Default

    Quote Originally Posted by HaTaX View Post
    Open this on your PB.... Double tap to make them full screen...

    http://hatax.home.comcast.net/~hatax/bb/PeopleOnMyLawn.swf

    http://hatax.home.comcast.net/~hatax/bb/DoodleBlastBB.swf

    Can we be done with the posts like this now?

    (I will be removing the links and files shortly, and both are free apps...)
    You can even play them on your computer from the .swf files. I'm doing that right now.
  9. TheMarco's Avatar
    CrackBerry Addict

    Posts
    647 Posts
    Global Posts
    1,347 Global Posts
    #9  

    Default

    I'm sorry if my remark came across as snarky. I guess i had trouble believing it was this easy to get stuff off a PlayBook. Which isn't a good thing at all. These swfs can be run through a decompiler which means it's apparently super easy to steal someone else's code.
  10. Marc_Paradise's Avatar
    CrackBerry Addict

    Posts
    501 Posts
    PIN
    PMMe
    #10  

    Default

    Confirmed. It appears that performing a full backup using DM creates a ".bbb" file. The bbb file is a zip archive, and it contains not only app data, but also application binaries.

    Reference:
    Last edited by Marc_Paradise; 04-29-2011 at 10:03 AM.
    Try BBSSH, an open source SSH and Telnet client for Blackberry devices.
  11. tensioncore's Avatar
    CrackBerry User

    Posts
    11 Posts
    #11  

    Default

    They really ought to step up the security game for us Devs.

    I dislike this - damn there's no dislike button
    Bold 9900/Z10 Special Edition
    Playbook
  12. Bulldawg's Avatar
    CrackBerry Abuser

    Posts
    265 Posts
    Global Posts
    266 Global Posts
    PIN
    32FB78E5
    #12  

    Default

    Yeah, this is not cool. I wonder if the paid apps have some kind of better security on them. Stuff like this will discourage developers from writing apps for the PlayBook.
  13. tensioncore's Avatar
    CrackBerry User

    Posts
    11 Posts
    #13  

    Default

    No this applies to all apps available on the device....

    The only step of security further than *none* is protecting your app via licensing....
    Bold 9900/Z10 Special Edition
    Playbook
  14. Smiley88's Avatar
    Developer - ToySoft

    Posts
    3,715 Posts
    #14  

    Default

    Quote Originally Posted by Bulldawg View Post
    Yeah, this is not cool. I wonder if the paid apps have some kind of better security on them. Stuff like this will discourage developers from writing apps for the PlayBook.
    There isnt anyway to protect PB apps like BB dynamic key generation. If rim doesnt fix this soon we will see all the paid apps on pirate sites.
    BB10 Native Developer. Web www.toysoft.ca BBM Channel bbm:///C00445C5A
    Follow us @ http://twitter.com/toysoft or BlackBerry World
  15. EveryApp Mobile's Avatar
    CrackBerry Master

    Posts
    1,001 Posts
    Global Posts
    1,013 Global Posts
    #15  

    Default

    Quote Originally Posted by tensioncore View Post
    No this applies to all apps available on the device....

    The only step of security further than *none* is protecting your app via licensing....
    That still wouldn't protect the files. Someone could still just modify the swf so the licensing doesn't matter.
    Currently Developed Apps:

    EveryLock
  16. tensioncore's Avatar
    CrackBerry User

    Posts
    11 Posts
    #16  

    Default

    well, you'd need to have a really good idea of swf decompiling to get this done.

    A lot of apps also have Playbook specific features (QNX) which takes away the ability to run in a browser...

    Its still a really bad thing either way.
    Bold 9900/Z10 Special Edition
    Playbook
  17. peter9477's Avatar
    CrackBerry Genius of Geniuses

    Posts
    5,216 Posts
    Global Posts
    5,218 Global Posts
    #17  

    Default

    FYI, the developer forum thread for this discussion is here. If you have technical information to add/suggest, that would probably be the better place to do it.
  18. GoldenJoe's Avatar
    CrackBerry User

    Posts
    44 Posts
    #18  

    Default

    +1 reason for developers to abandon the PlayBook. Thanks for sharing.
  19. HaTaX's Avatar
    CrackBerry Master

    Posts
    1,400 Posts
    Thread AuthorThread Author   #19  

    Default

    Marc is correct! That was the easy enough spot to snatch them from as it was very low hanging fruit... But it was also in the task of figuring out which other files have been not encrypted fully when on the desktop.... (Hint for people wanting to really get under the hood of it)

    TheMarco, I just got snippy because it was the second time you had followed up one of my posts with a throwaway statement of it being false. Thanks for the feelings behind the post, I personally would have thought things to be better wrapped then this as well.

    Not all of the applications are as exposed as these two, they just happened to have the raw SWF in the backup file created. Once I looked in the backup file and saw it started with hex: 504B, I knew it was just a renamed ZIP file...

    Even if it's a little disconcerting to people out there, the more knowledge we all have of the platform, the better... Only one way things like this can be fixed!!

    BTW, Flash files and links are dead now... Point proven...
  20. Earthbrain's Avatar
    CrackBerry Abuser

    Posts
    108 Posts
    #20  

    Default

    The sad thing is hackers and piracy will always exist.

    No matter what, the playbook will be hacked in the future (as it becomes more popular) and there will be some type of jailbreak method just like the iOS.

    Look at all the devices out there that have been jailbroken or hacked: PS3, XBOX 360, psp, nintendo ds, ipad, android, etc.....

    There are warez games/apps for the RIM everywhere. The Playbook is the next target.
  21. HaTaX's Avatar
    CrackBerry Master

    Posts
    1,400 Posts
    Thread AuthorThread Author   #21  

    Default

    Not sure there's much worth pirating at the moment.... But you're correct, it probably will be getting attention in the near future.

    Interesting thing is that with BBs, RIM has always allowed you to side load applications from any source. If you can't get it on App World, you can just go to an OTA site hosting the JAD and needed files, and load to your hearts content.

    With the PlayBook they don't seem to have that same ability to load applications from wherever... Kind of sucks when developing applications as its a pain to move them over to the tablet to test, with the BBs I could just throw them on a webserver, load them up and test. The tablet requires debugging tokens and all that fun stuff, need to get keys from RIM, etc...
  22. TheMarco's Avatar
    CrackBerry Addict

    Posts
    647 Posts
    Global Posts
    1,347 Global Posts
    #22  

    Default

    On the PlayBook you can also test with the files sitting on some server I've been told. You can specify the start page in your config.xml (for webworks anyway) and this can be on some other server. I haven't tried this myself yet though but a RIM rep said it should work on the dev forum.

    Also, RIM is working on a way to at least prevent code theft in the near future. This too was said on the dev forum. I've even shared some ideas there on how to do it that got picked up by a RIM rep. Hope they'll get it implemented soon!
  23. BBThemes's Avatar
    CrackBerry Genius of Geniuses

    Posts
    5,369 Posts
    #23  

    Default

    while this is true, so is if your on android get the .apk and you can open it up and have all the code, so same deal i guess

    Thorsten said ZED 10. deal with it
    My Apps in BlackBerry World
    My Platinum 9900


    For all my themes - BBThemes.co.uk and follow me on @BBThemes1
  24. TheMarco's Avatar
    CrackBerry Addict

    Posts
    647 Posts
    Global Posts
    1,347 Global Posts
    #24  

    Default

    Quote Originally Posted by BBThemes View Post
    while this is true, so is if your on android get the .apk and you can open it up and have all the code, so same deal i guess
    Yes. Which is why code theft is rampant on Android. I'm hoping for RIM to do better here. And it looks like they will. They seem to have made this a priority issue.

Posting Permissions