It really has been an embarrassing week for RIM. Besides this Playbook hack, there was the incident a few days ago in which two RIM executives (they are now former executives) were arrested for being drunk and disorderly on a flight to China.
I hope RIM again finds its footing in 2012.
Honestly, RIM is hanging on by a thread. Once they lose their security trust/cache in the corporate space, no one is going to lay their device next to an Apple device and say, "Yup, RIM wins this battle." Do you know anyone who chooses RIM for a personal device?
Sorry, why is it embarassing, or even a concern for RIM how Playbook owners use their devices?
A jailbreak tool is a bugfix: correcting the manufacturer's failure to provide the owner with full access.
For the business user, RIM's security is one of its big selling points. I doubt that many of those customers will think that the ability to exploit a security hole in the crypto is a bug fix!
Ask any corporate IT manager how he/she feels about users getting root access to company-owned IT assets and let us know what kind of replies you get.
RIM is certainly going downhill. They couldn't even secure the name of their next generation operating system, being force to change it from BBX to BlackBerry 10. This is a real bad oversight from the management team. RIM needs a huge overhaul of their management team if they want to stay in the game with Apple and Google.
In fairness to RIM, recent FORTUNE article clearly chronicles their arduous decisions to stick with their enterprise knitting at the expense of the hip smartphone market.
Yet, if RIM loses the faith of the IT dudes (as Frank Eory points out, above), they are yesterday's toast. Even though my corporate-issued Curve works pretty darn well. (I know: this hack is about a tablet, not a phone, yet guilt by association...or credibility lost...)
"RIM had previously stated that all of its mobile devices were rigorously tested by third-party security researchers every day"
It'll be interesting to know who the third-party are. It appears the third-party did a lousy job.
This is an important point, often overlooked: if you have physical access to a system, there are a lot more attacks that you can try than if you're trying to do it remotely. I'd really love for the writer to have followed up that aspect of the story. Does the security flaw they exploited even imply that it could be forcibly done to your device? now THAT would be newsworthy and relevant to RIM security in a way that this exploit really isn't.