Feeds

Meet the BlackBerry wizardry that created its 'better Android than Android'

The ingenious hack that throws the company a lifeline

Internet Security Threat Report 2014

Exclusive Some remarkable technical wizardry lies behind BlackBerry’s Android coup. When it was launched in January, BlackBerry’s new OS was brand new BlackBerry 10 and largely app-less. But today it can execute Android apps at impressive speed. How did they do it? Thanks to some helpful inside knowledge, The Register will reveal it all.

Android runs Java applications on a JVM called Dalvik, which runs on a Linux kernel. As it's open source, Dalvik was straightforward to port to QNX, the sophisticated embedded Unix that RIM acquired in 2010, and which powered its PlayBook tablet (released the same year).

RIM promised that this Android Player would also appear on its first QNX-based phones. But not all apps could run, and there was an insurmountable stumbling block in the way. Android apps may also call native extensions, which are ARM Linux binary libraries. And there was no way of running these on the phones - so the apps couldn’t run either.

At first, RIM’s engineers attempted to support native extensions by making BB10 another build target for extensions developers. They would choose BB10 as a target at compile time. But this required persuasion. And unless the developer bought into the idea, Android apps that called these Linux ARM extensions wouldn’t run. Even then, the BlackBerry system could not allow side-loading of native apps. It didn’t look like the Android Player would ever be truly worthwhile.

'Binary blobs'? No probs

But one or two RIM engineers were convinced they could bridge this gap between native QNX and Linux code. They would attempt to run the Linux extensions natively on QNX, without recompilation or pre-processing. Nobody was quite sure it would work - one source says he was “90 per cent sure” - but management supported the gamble, and the team set about their work in the summer of 2012.

While Linux and QNX are “Unix like”, that hardly helped. The Linux extensions looked like “binary blobs”, so the RIM engineers couldn’t be sure what was code and what was data. Which meant they couldn’t inspect and patch the Linux libraries on the fly, something called opcode substitution. It also ruled out pre-processing.

"We had to let the SWIs trigger live and discern whether it came from a Linux binary or a QNX binary at runtime, without sacrificing performance of QNX code," a source familiar with the work told us:

“Our work used a wide, labour-intensive component: dynamic cross linking, validating and shimming of the Linux APIs on QNX, and a really deep and tricky hack: catching syscalls in apps that bypassed libs, or had libs statically linked.”

"Linux and QNX used the same ARM SWI instruction, but passed the syscall number in different registers.”

Surprisingly, perhaps, gaming applications proved the easiest to get running smoothly. There were more hurdles, however.

"Skype and Instagram were much more insinuated into Android services and required a lot more work. I believe one of Skype or Instagram even had self-modifying code as part of its security obfuscation, which would have killed any strategy that involved translating the binaries,” our source told us.

Nevertheless the team could demonstrate unmodified Skype, Instagram and Angry Birds Android apps to management and got the green light to productise their work. In BB 10.2.1, which is currently in beta testing, we can start to see the benefits.

As I wrote here modern BlackBerry machines will be able run Android apps in place without side-loading. Users can download Instagram and it works. The miracle of compatibility is thanks to the extensions support.

It’s an ambitious “hack” - in the old-school sense of the word, an ingenious piece of wizardry - that has thrown BlackBerry a lifeline. And just when it needs it. Here’s hoping it’s a reminder to BlackBerry’s new management to appreciate the talent of its engineers. ®

Remote control for virtualized desktops

More from The Register

next story
Euro Parliament VOTES to BREAK UP GOOGLE. Er, OK then
It CANNA do it, captain.They DON'T have the POWER!
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Post-Microsoft, post-PC programming: The portable REVOLUTION
Code jockeys: count up and grab your fabulous tablets
Twitter App Graph exposes smartphone spyware feature
You don't want everyone to compile app lists from your fondleware? BAD LUCK
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
5 critical considerations for enterprise cloud backup
Key considerations when evaluating cloud backup solutions to ensure adequate protection security and availability of enterprise data.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.