Apps on the PB without AppWorld? Not so much... But getting them off the PB??
Seems getting them off the PB isn't too huge a task... :P
Take a look at the screenshot below...
Additionally if I take the SWF file and host it on a web server, the application is fully playable in the browser!! (Tested People on my lawn and Doodle Blast)
This isn't as useful as being able to load applications people in the community have made and wish to release on their own timetable vs App Worlds approval process... Hopefully RIM will go the same was as Google and their BB OS and allow us to download installation packages from sources outside App World.
Would make it MUCH easier for enterprise customers to develop their own internal apps and roll them out to employees on a quick easy basis...
Last edited by HaTaX; 04-29-11 at 03:00 PM.
- CrackBerry Newbie
04-29-11, 08:06 AM #5
- 9 Posts
- 0 Post(s)
- 0 Thread(s)
I just copied a SWF (splashback.swf a game) to downloads (on the playbook), navigated from the browser on the playbook to file:///accounts/1000/shared/downloads/splashback.swf and was able to play the game!
Posted from my CrackBerry at wapforums.crackberry.com
- 04-29-11, 09:57 AM #7
Is there any evidence these were "taken off" a PlayBook?
Or were the downloads intercepted? Apparently the App World data downloads (as opposed to the metadata and other interactions with the server) are done over HTTP. This is an issue some of us have just been analyzing in the dev forums.
Would be nice to see confirmation that this was the approach used. Anyone know? I'd be surprised if this really came off the PlayBook after it was installed there.
- 04-29-11, 10:14 AM #9
I'm sorry if my remark came across as snarky. I guess i had trouble believing it was this easy to get stuff off a PlayBook. Which isn't a good thing at all. These swfs can be run through a decompiler which means it's apparently super easy to steal someone else's code.
- CrackBerry Addict
04-29-11, 10:44 AM #10
- 502 Posts
- 0 Post(s)
- 0 Thread(s)
Confirmed. It appears that performing a full backup using DM creates a ".bbb" file. The bbb file is a zip archive, and it contains not only app data, but also application binaries.
Last edited by Marc_Paradise; 04-29-11 at 11:03 AM.
- 04-29-11, 11:55 AM #12
Yeah, this is not cool. I wonder if the paid apps have some kind of better security on them. Stuff like this will discourage developers from writing apps for the PlayBook.
- 04-29-11, 11:58 AM #14
- 04-29-11, 12:01 PM #16
well, you'd need to have a really good idea of swf decompiling to get this done.
A lot of apps also have Playbook specific features (QNX) which takes away the ability to run in a browser...
Its still a really bad thing either way.
- 04-29-11, 12:35 PM #17
Marc is correct! That was the easy enough spot to snatch them from as it was very low hanging fruit... But it was also in the task of figuring out which other files have been not encrypted fully when on the desktop.... (Hint for people wanting to really get under the hood of it)
TheMarco, I just got snippy because it was the second time you had followed up one of my posts with a throwaway statement of it being false. Thanks for the feelings behind the post, I personally would have thought things to be better wrapped then this as well.
Not all of the applications are as exposed as these two, they just happened to have the raw SWF in the backup file created. Once I looked in the backup file and saw it started with hex: 504B, I knew it was just a renamed ZIP file...
Even if it's a little disconcerting to people out there, the more knowledge we all have of the platform, the better... Only one way things like this can be fixed!!
BTW, Flash files and links are dead now... Point proven...
- CrackBerry Abuser
05-07-11, 12:27 PM #20
- 108 Posts
- 0 Post(s)
- 0 Thread(s)
The sad thing is hackers and piracy will always exist.
No matter what, the playbook will be hacked in the future (as it becomes more popular) and there will be some type of jailbreak method just like the iOS.
Look at all the devices out there that have been jailbroken or hacked: PS3, XBOX 360, psp, nintendo ds, ipad, android, etc.....
There are warez games/apps for the RIM everywhere. The Playbook is the next target.
Not sure there's much worth pirating at the moment.... But you're correct, it probably will be getting attention in the near future.
Interesting thing is that with BBs, RIM has always allowed you to side load applications from any source. If you can't get it on App World, you can just go to an OTA site hosting the JAD and needed files, and load to your hearts content.
With the PlayBook they don't seem to have that same ability to load applications from wherever... Kind of sucks when developing applications as its a pain to move them over to the tablet to test, with the BBs I could just throw them on a webserver, load them up and test. The tablet requires debugging tokens and all that fun stuff, need to get keys from RIM, etc...
- 05-07-11, 01:29 PM #22
On the PlayBook you can also test with the files sitting on some server I've been told. You can specify the start page in your config.xml (for webworks anyway) and this can be on some other server. I haven't tried this myself yet though but a RIM rep said it should work on the dev forum.
Also, RIM is working on a way to at least prevent code theft in the near future. This too was said on the dev forum. I've even shared some ideas there on how to do it that got picked up by a RIM rep. Hope they'll get it implemented soon!
- 05-07-11, 05:54 PM #24