The BlackBerry PlayBook is Research In Motion’s foray into a new mobile operating environment. Featuring TabletOS, built on the QNX RTOS and a user experience built predominately on the Adobe AIR platform, the PlayBook quickly stirred up critical reactions — but also praise, having been certified for use by the U.S., Australian, and Russian governments. But what *is* the PlayBook? QNX? TabletOS? What, from a security perspective, makes it so special?
In this talk, we will present our objective security analysis of the BlackBerry PlayBook, exploring network and application attack surfaces, documented and observed security controls, and findings from our initial assessment. We will go on to discuss how existing application assessment methodologies can be applied to mobile applications designed to run on the PlayBook platform.