Being a fan of Linux, and an Ubuntu user, I guess I thought Android was going to be a lot more openly tweakable, but from looking over these threads it looks like it's actually not that easy to do things that I would have assumed would be easily accessible tweaks... like theme/appearance/fonts/icons, etc... In fact it looks like some pretty intense hacking is going on with slow progress in bypassing , etc...
Maybe I'm not understanding correctly. I don't have the G1, but my girlfriend does and I've been enjoying it from over her shoulder... I guess I just expected something more 'open' along the lines of what I've become used to with Ubuntu.
I kind of thought Android would be to iPhone what Linux OS is to Apple OS, but it definitely doesn't seem like that's the case. It seems like Android is just as locked down as iPhone but with fewer apps and a not-as-slick interface for the same price as an iPhone.
I had been thinking about getting this phone... maybe I just need to wait for more apps to come out?
Any thoughts?
As of right now we do have a little more open source than anything else. And like all new software it will take time to learn what to do. Obviously people didn't get Mac OS 3 and immediately know how to hack it so they could do things they weren't meant to do. And of course the same goes for mobile phones. When WM5 came out they had to learn about the new OS, and it takes a while.
So far the freedom we have already surpasses that of any other. We have internet sharing (for those with root) that is far better than the old USB or Bluetooth PAN method (which btw is going to be a new profile, it is in the source).
I am willing to bet that as soon as it hits 1.0 that we will see it go entirely open with the ability to flash the rom and all.
That makes sense... I just have to be patient. Thanks for the reply!
Open source != open system.
Open source means just that... you can see the source code. That's it. It doesn't imply or confer any other right of access, and with most open source licenses the licensor (Google & HTC) is free to build closed systems just as locked down as one based on proprietary code. Many commercial systems (Android included) are underpinned by open source code for cost savings or stability/security reasons.
Edit:
> what Linux OS is to Apple OS
That's comparing apples to oranges. Linux is not an operating system; it is an open source kernel on which an operating system can be built.
Fact of the matter is, OS X's Mach kernel is partially descendant from BSD, so you could say the center of OS X is open source as well. More info at wikipedia's Darwin entry. For being a "fan of Linux" you don't seem to understand some of the core principles.
If I am not mistaken, Macs are Unix-based, right? many the kernel is similar to Linux... which is why the filesystem structure is similar as well.
But you are correct open source means you can see the source... but usually when someone can see the source they find a way to get around security holes that lock down the system.
With open source and developers, an open system is possible. And we already know we can do it, because we have modified the updates that are sent which change the system files. So all you need to do is put in a new boot.img and a new recovery.img and replace the root system directory... before you know it you can have this running any version of Android and/or anything else that will run on an ARM6 device.
Don't make it so complex. It's meaningless to play the words game.
To make it simple:
As a developer, on G1, we are not able to do what we can do on a linux PC, and that was my understanding about the open source smartphone OS.
To be practical, for the same project I ported for Android, Windows Mobile and iPhone, I would say: Windows Mobile is the most open one (friendly) for developer. You can even make your own driver on it. So I would say Windows Mobile = smart version of Windows Desktop. But I cannot say Android = smart version of linux.
I really hope Google can push the carriers a little bit to open the root for us. Android really needs to be more developer friendly. Otherwise, it is hard to compete with iPhone, since the key part of Android was "openness".
jashsu said:
> Open source != open system.
> Open source means just that... you can see the source code. That's it. It doesn't imply or confer any other right of access, and with most open source licenses the licensor (Google & HTC) is free to build closed systems just as locked down as one based on proprietary code. Many commercial systems (Android included) are underpinned by open source code for cost savings or stability/security reasons.
> Edit: That's comparing apples to oranges. Linux is not an operating system; it is an open source kernel on which an operating system can be built.
> Fact of the matter is, OS X's Mach kernel is partially descendant from BSD, so you could say the center of OS X is open source as well. More info at wikipedia's Darwin entry. For being a "fan of Linux" you don't seem to understand some of the core principles.
> As a developer, on G1, we are not able to do what we can do on a linux PC, and that was my understanding about the open source smartphone OS.
It's like you've never even heard of embedded linux before. Show me where on the G1 advertising or packaging it claims to be a Linux PC.
> To be practical, for the same project I ported for Android, Windows Mobile and iPhone, I would say: Windows Mobile is the most open one (friendly) for developer. You can even make your own driver on it. So I would say Windows Mobile = smart version of Windows Desktop. But I cannot say Android = smart version of linux.
WM gives the developer deeper system access. That's awesome for developers maybe, but calling it a "smart" is probably going a bit too far.
> I really hope Google can push the carriers a little bit to open the root for us. Android really needs to be more developer friendly. Otherwise, it is hard to compete with iPhone, since the key part of Android was "openness".
Android's security framework design is solely Google's responsibility. Tmo doesn't even remotely factor into it. If you don't like the default Android system lockdown then download the codebase and compile it yourself without the security settings. Security is there to prevent neophytes from opening shell and f__king their phones up.
jashsu said:
> Android's security framework design is solely Google's responsibility. Tmo doesn't even remotely factor into it. If you don't like the default Android system lockdown then download the codebase and compile it yourself without the security settings. Security is there to prevent neophytes from opening shell and f__king their phones up.
And run it, how?
From my understanding, the only way to get a firmware onto the phone ATM is from the recovery menu, which will only install signed updates from Google. Yes, we've got a way around that for now, but it requires root access.
How would you install a self compiled version of Android onto the G1 on the official RC30?
Gary13579 said:
> And run it, how?
> From my understanding, the only way to get a firmware onto the phone ATM is from the recovery menu, which will only install signed updates from Google. Yes, we've got a way around that for now, but it requires root access.
> How would you install a self compiled version of Android onto the G1 on the official RC30?
No clue. I'd probably do it with a Freerunner or something that is specifically designed as an open system. The recovery menu is not the only way to write to internal memory; I'm sure the HTC bootloader has some provision for USB access.
You have all of the Android operating system at your disposal in the form of source code (provided you agree to the license). If you want to write/port low level drivers for it go right ahead. You just can't run it on the G1. They chose to lock down the Android implementation on G1 and you're dissatisfied with that. That's like being dissatisfied that a house has locks on it when the architect gave away the blueprints and floor plans for free.
jashsu said:
> That's like being dissatisfied that a house has locks on it when the architect gave away the blueprints and floor plans for free.
Except when you buy a house, they generally give you the keys.
Gary13579 said:
> Except when you buy a house, they generally give you the keys.
Yeah I know, it's a flawed analogy.
If you want to have free reign over your Android, I suggest you get a Neo Freerunner to play with. I say play because the open source portion of Android is missing a lot of closed source Google added value apps (Maps, Gmail, etc) that define the G1. Also the porting process is still ongoing.
> Android's security framework design is solely Google's responsibility. Tmo doesn't even remotely factor into it. If you don't like the default Android system lockdown then download the codebase and compile it yourself without the security settings. Security is there to prevent neophytes from opening shell and f__king their phones up.

Stop playing the word game and understand the simple thing: developers want full access to the device in order to build software beyond generalised applications, like Bluetooth drivers, codecs, themes, a different home shell, the way we do in Windows Mobile.
You said take the open source and customise the OS by bypassing some security for shell access. Now let's understand: 98% of devices get automatically f**ked with RC30 and there is no reversal!!! If you can build any customised Android package which can bypass security for shell access and also bypass signature checking, just do it for me so I can revert to shell access from f**king RC30.
hetaldp said:
> Stop playing the word game and understand the simple thing: developers want full access to the device in order to build software beyond generalised applications, like Bluetooth drivers, codecs, themes, a different home shell, the way we do in Windows Mobile.
> You said take the open source and customise the OS by bypassing some security for shell access. Now let's understand: 98% of devices get automatically f**ked with RC30 and there is no reversal!!! If you can build any customised Android package which can bypass security for shell access and also bypass signature checking, just do it for me so I can revert to shell access from f**king RC30.
98% of G1s might get derooted with RC30, but guess what? 99% of users don't need root or don't care. Tmo and HTC didn't build the G1 as a device for devs to hack and play with. That's why it's a subsidized $179 phone and your unlimited dataplan is $25.
99% of people don't want it, but if we develop some application which is beyond the SDK thing, we must have root access to all devices in order to install it.
Adobe is releasing Flash plugins for the browser; let's see if they can do it by just releasing an APK package in the Market or a pushed OTA update. If Adobe requires an OTA update, then smaller companies and developers will have a hard time developing such extensions without Google's permission.
Just make your Science clear before commenting it
hetaldp said:
> 99% of people don't want it, but if we develop some application which is beyond the SDK thing, we must have root access to all devices in order to install it.
Of course. I am just saying that there is a sense among some people that they are entitled to root access simply because G1 is built on Linux. You are not entitled to anything of the sort. If root is important to you then sell your G1 to someone who doesn't care about root (there are a lot of these people) and buy a Freerunner.
Every OpenMoko phone I have seen looks like they are competing for ugliest phone ever. I know the G1 isn't that pretty, but oh my god, I would be embarrassed to carry that in my pocket.
I already own more than 6 smartphones. And I don't use the G1, also because of Microsoft Exchange things. I don't have any complaint about Exchange connectivity.
Here the question is: how can I develop some more powerful application / extension / core part and distribute it across all G1 users the way we do it in Windows?
This means my core application can run on the Freerunner (OpenMoko), but it will not be available to the G1 user group. There will be a handful of users who may use the Freerunner, but it's not my market. I require a bigger community to sell the software, buddy.
> Here the question is: how can I develop some more powerful application / extension / core part and distribute it across all G1 users the way we do it in Windows?
If you need to get below the VM on stock ota G1 then most likely your product will need to become a part of the Android platform (meaning open sourcing). The integrity of the os and user data is one of the main reasons the Android sdk only supports the VM.
I'll be interested to see how Adobe's flash implementation for G1 works. Flash is closed source, and Google has explicitly stated that the entire Android platform is open source. My guess is they will patch the Browser to accept signed binary plugins. Perhaps Google's signature will require a peek at the source. I'm only speculating though...
Yeah, using the SDK we can only develop applications which run in the sandbox, and they can communicate with other applications using intents; you can share data using content providers and share settings using preferences. We can develop some services in apps to handle asynchronous processes.
What we cannot do is recompile the whole modded source, or replace or test drivers, codecs, low-level binaries.
The SDK is fairly powerful out of the box for standalone things!
That's why I have made a different demand to Google in this thread:
http://forum.xda-developers.com/showthread.php?t=444893
The only thing T-Mobile is worried about is tethering; as they give the unlock code after every 90% day, subsidized handset unlocking is not a big worry for them.
Just think: if you want to develop an on-screen keyboard, it requires more powerful access to the core system, and it's beyond Google's sandbox approach.
jashsu said:
> It's like you've never even heard of embedded linux before. Show me where on the G1 advertising or packaging it claims to be a Linux PC..
Show me where did I say Android = a linux pc. Same, I didn't say Windows Mobile = Windows XP/Vista.
I hate to play the word game.
jashsu said:
> WM gives the developer deeper system access. That's awesome for developers maybe, but calling it a "smart" is probably going a bit too far..
That's why I thought very highly of Android. But the limited development access makes it worse than WM.
jashsu said:
> Android's security framework design is solely Google's responsibility. Tmo doesn't even remotely factor into it. If you don't like the default Android system lockdown then download the codebase and compile it yourself without the security settings. Security is there to prevent neophytes from opening shell and f__king their phones up.
Could you please show us how to get the root from the f__king rc30?
Do you rebuild the whole linux on your pc if you just want to make a simple application?
Hi,
I bought a Surface RT at least one month ago; I've jailbroken it and installed FileZilla and Notepad++ and so on... but I'd like more. Like many people, I'd like to install a Linux distribution on it, but I don't really understand what the problem is...
What I know:
The Surface has Secure Boot (EFI), and we can't disable Secure Boot on the Surface RT because Windows needs a valid key (?). I've read that Linux has some ARM-based distributions (Ubuntu, Debian, Fedora), and I think I've understood that Ubuntu got a valid Microsoft signature with an SSL provider that can bypass the useless verification... am I right?
So, if Ubuntu (or another distro) got a valid signature for bypassing the limitation due to EFI, why can't we install Linux normally, like on the Surface Pro??
Best regards, and sorry for my bad English ^^'
----------------------------------------------
Some distros have keys for x86 UEFI. No one (other than Microsoft) has keys for ARM.
And (afair) due to some limitations of jailbreak we have no way to execute linux kernel.
This applies to any RT device.
kitor said:
> And (afair) due to some limitations of jailbreak we have no way to execute linux kernel.
Is this true for sure? I figured especially since we have driver-level access we could possibly tear down the Windows kernel in reverse and start execution of arbitrary code. But I might have missed something.
The bigger issue about trying to port Linux to any device without official Linux support is usually in getting the kernel to boot and then making the hardware itself useful after that. This usually means you have to work "blind" and rely on some kind of low-level serial output to monitor the kernel boot to see where it panics. Only after getting a successful kernel boot can you even begin to think about drivers for the display, touch screen, etc.
So the prerequisites to even beginning to port to e.g. a Surface would be to find some way to kick out Windows and start arbitrary execution, enable some kind of low-level serial debugging for the would-be kernel, and then tediously poke and prod until it can successfully start. I'm not sure anyone knows of a dependable way to get serial debugging information.
Embedded devices on the whole are a lot more finicky and a lot less tolerant than normal PCs, generally due to their proprietary nature requiring a lot of hardware knowledge to initialize everything properly. About the only thing we'd have going for us is that it's a Tegra chipset, so if you can get the underpinnings working, you can probably at least get the basics like video and USB working without too much trouble.
I think the biggest thing about it is like the rest of RT ... there's just not enough interest in those with the skills to even attempt this because this is such an extreme minority platform. I imagine a Surface RT would make an excellent little Linux tablet, but I'm not holding my breath.
Well, if somebody would write something like WinKExec, or HaRET (HaRET allowed analysing GPIOs and memory on WinCE/WM devices), then things may be possible. I own an XPS10, so quite a different device (as it has a Snapdragon CPU), but I have some (small) experience of porting Linux to ARM devices - some time ago I was able to get Linux working on the Bsquare Maui: http://pdasite.pl/kitor/maui_linux/ (including hardware reverse engineering - tracking GPIOs using a multimeter - this way I found a hidden USB host)
There's been talk of a WinKExec-like approach for months. Nobody has attempted it yet, though, or if they have they kept quiet about it.
One of the problems getting something like that working on RT is that it blocks kernel debugging, so you have to work pretty blindly. Then there's all the driver issues.
What about getting android to boot on it? There's drivers and such for tegra 3. I think its possible to build and deploy if we can get a kernel exploit. Am I wrong?
Android depends on Linux. If you can't get a Linux kernel booted, you won't be able to get Android to start up either.
skiman10 said:
> What about getting android to boot on it? There's drivers and such for tegra 3. I think its possible to build and deploy if we can get a kernel exploit. Am I wrong?
The kernel by itself would be *relatively* easy (translation: still quite hard, but we could probably do it if people cared enough). However, getting all the other hardware (you know, things like the touchscreen, WiFi, and such) would likely be difficult, and without all that, it's pretty useless as a tablet. This is true for both Android and "desktop" Linux.
Where should I start to get a kernel to boot? I'm an android exploiter trying to dabble in Windows exploitation.
Well, unless you think you can break Secure Boot, you should start by writing/porting a way to use the NT kernel to launch the Linux kernel. That probably means a lot of NT driver development stuff (done without the aid of a kernel debugger, just for extra fun).
There's a doc on the internet from Black Hat USA 2013 that seems to be interesting.
The man from the PDF got the exploit of injecting some code from the boot, so I think we can do this, no?
If anyone tries and succeeds, he'll get an amount of money from me.
graphsys said:
> There's a doc on the internet from Black Hat USA 2013 that seems to be interesting.
> The man from the PDF got the exploit of injecting some code from the boot, so I think we can do this, no?
> If anyone tries and succeeds, he'll get an amount of money from me.
Can you PM me the article?
GoodDayToDie said:
> Well, unless you think you can break Secure Boot, you should start by writing/porting a way to use the NT kernel to launch the Linux kernel. That probably means a lot of NT driver development stuff (done without the aid of a kernel debugger, just for extra fun).
I think there is an exploit for Secure Boot, it just hasn't been shared yet...
If you mean the exploit I think you mean (discovered by an XDA member), it's a Windows bug, not actually a Secure Boot bug. It doesn't actually allow booting a different OS directly, just messing with Windows after bootup. We already have the jailbreak (for 8.0), which is pretty much equivalent.
GoodDayToDie said:
> If you mean the exploit I think you mean (discovered by an XDA member), it's a Windows bug, not actually a Secure Boot bug. It doesn't actually allow booting a different OS directly, just messing with Windows after bootup. We already have the jailbreak (for 8.0), which is pretty much equivalent.
I'm searching for the doc I found to provide it to you.
It's not the jailbreak done by clockr ported by neman; it's another jailbreak that's available from the boot, but if I remember they don't give sources... search in progress, I'll post the link.
There is one theoretical way to remove secureboot on a jailbroken device. It is rather easy: write a driver that reads/writes physical RAM. Find EFI_RUNTIME_SERVICES in memory and look for the SetVariable function. Patch it so that it does not check for a valid signature. Then write your own certificates to UEFI with this patched function. Profit.
I've already done the first part - wrote a driver and found the table in memory (this is really an easy part). But my device died before I was able to successfully overwrite the certificates.
As far as I know, a similar method was once demonstrated for an x86 UEFI; just no one has made it for ARM.
That... is a rather clever option too, although I'm tempted to avoid things which require modifying the firmware (too much option for future updates to break things). Still, a good option for those of us with gen1 devices who would like to be able to upgrade without losing the jailbreak, and also a good option for those who would like to install different OS images...
mamaich said:
> There is one theoretical way to remove secureboot on a jailbroken device. It is rather easy: write a driver that reads/writes physical RAM. Find EFI_RUNTIME_SERVICES in memory and look for the SetVariable function. Patch it so that it does not check for a valid signature. Then write your own certificates to UEFI with this patched function. Profit.
> I've already done the first part - wrote a driver and found the table in memory (this is really an easy part). But my device died before I was able to successfully overwrite the certificates.
> As far as I know, a similar method was once demonstrated for an x86 UEFI; just no one has made it for ARM.
Can we get in contact? I'd love to get a more detailed plan that I can try. Gen 1 Surface RT on Windows 8 RT.
One demo about the bypass: youtube.com/watch?v=i9ULYwRK1iU. Searching again for the PDF, men.
GoodDayToDie said:
> Well, unless you think you can break Secure Boot, you should start by writing/porting a way to use the NT kernel to launch the Linux kernel. That probably means a lot of NT driver development stuff (done without the aid of a kernel debugger, just for extra fun).
About the only way you could possibly break secure boot is possibly by spoofing a key or potentially modifying the UEFI to have secure boot disabled. While both are technically possible, you'd have to find an exploit to do it because I'm sure the UEFI probably can't be easily flashed.
ThatGuy94 said:
> About the only way you could possibly break secure boot is possibly by spoofing a key or potentially modifying the UEFI to have secure boot disabled. While both are technically possible, you'd have to find an exploit to do it because I'm sure the UEFI probably can't be easily flashed.
If you've got a device with a JTAG interface left open, that should be easy enough. The problem is that EPROM "fuses" are usually burned on the SoC. The secureboot check is hardcoded to check that flag. You can't alter the bootloader without invalidating its signature, and it's practically impossible to unset an EPROM fuse.
Hi,
I'm kinda new to android, I've rooted my phone and I'm ready to flash a custom rom (SlimKat to be specific). I feel the stock rom can be "trusted", but can a custom rom be trusted to be secure and have privacy? I'm concerned that a custom rom dev may have added anything to the rom to be a security or privacy issue (where they can listen in on texts or phone calls, steal contacts or even steal passwords).
What are your thoughts?
P.S. Because I have limited knowledge of Android, I can't look through the code to inspect it.
You can consider the "safest" ROMs to be built on AOSP, and have their own open source code repository where you can build from. Something like CyanogenMod comes to mind.
Source code is not available for all parts of most stock ROMs for non-Nexus phones (Sense, TouchWiz, etc). But many stock-based ROMs, such as what I use (insert-coin), have a completely open codebase with the base ROM files copied in (and certain files modified / deleted--these changes visible in the source tree). So using a ROM with a large development community probably isn't much more risky than using stock (especially since many stock phone manufacturers include spyware on the phone).
The big problem is closed source firmwares. This is unavoidable when you consider the radio--even on Nexus phones. As far as I know, the radio firmwares are completely opaque on every single phone available, which ****ing sucks.
You can take steps to make sure the phone isn't doing weird ****, like configuring a VPN to send all phone data thru a firewall appliance which does packet inspection. A device like Sonicwall would do nicely. This will also warn you if any apps are misbehaving (unexpected p2p, TOR, i2p, DHT, or anything weird)
At this time I believe phones are inherently insecure, but the best you could do is a nexus device with stock Google OS.
If you want a completely secure computer, check out libreboot (open bios), only a few models compatible. And a good OS like hardened Gentoo or openBSD.
Source code source code source code ...
Anytime I'm hearing this I must be laughing. The code is useless if most people are not able to read and understand it, and also if nobody really makes a proper audit (which usually takes some hours/days and a lot of knowledge). OpenSSL was also vulnerable for years, and it is open source... So stop telling people the myth that open source is a benefit. It could be, but mostly nobody cares much, since nobody wants to always spend hours/days on every new release to re-audit everything.
I guess every guy that cares much about securing something must read, read and read. There is no common setup or tool or guide; stay up to date, try to update things ASAP and inform yourself about known attacks. It's also a known myth that changing to any ROM makes anything more secure. There are rare ROMs/OSes which are built to be "more secure", but in fact attacks like the mentioned OpenSSL one affect a lot of OSes and apps even if they are built with more security inside.
> If you want a completely secure computer, check out libreboot (open bios), only a few models compatible. And a good OS like hardened Gentoo or openBSD.
Nothing is "completely secure" as long as the user without knowledge controls it, or if there are attacks which can't be controlled easily... e.g. if you are already infected since the first day/boot with malware which the AV or you can't access/scan that easily (for example USB firmware malware or HDD boot partition malware, which are locked because no tool can access it under a booted-up OS).
If you'll remember the April Fools joke on Lineage OS's website, there was this fake program called Br0Zip:
> We know our users; their biggest desire is to be able to get a stable custom rom on their device. Painlessly.
> Lineage supports a lot of devices, but this big number is still small when compared to the amount of the devices available in the market.
> One of our main goals is to bring the latest Android version to all those forgotten devices, but we also focus on user experience and security improvements.
> The main problem with this cool thing is that you need a developer that builds and fixes all the bugs. It’s a pain, we’ve done it many times.
> But these days are gone now. We’re deprecating maintainers. Yeah - you read it right.
> We’re proud to announce our AI-powered revolutionary product called Br0zip.
> Br0zipperEngine, is a powerful AI that powers Br0Zip. Given any .zip ROM or .img kernel of any device (yeah - any device) it’ll be able to generate a properly working ROM.
> It’s cool, isn’t it? But wait - there’s more: we believe customization is important, and that’s why we implemented a feature selector in the ROM builder wizard, so you can make your ROM truly yours.
> Anyone, including those who have never touched a single line of code now can be a talented developer and create their own bugless custom ROM for their device in seconds.
> The best thing? It runs directly on your phone - you don’t even need a supercomputer.
> Br0zip trial will be included for free in the LineageOS builds.
> We can’t wait to see what you’ll build with it.
> Keep romming,
> The Lineage Ink. team
Despite the obvious fact that no such thing had been developed, it's actually a good idea.
Picture this: instead of flashing a ROM that adjusts itself (option 3 in the poll - imagine how large that would be if it had support for EVERY SINGLE FEATURE ever developed for Android devices!), have a program which, after the initial setup wizard, detects and downloads the necessary components for your device over the internet via some cloud-based server, then installs those components, restart if needed, and voila! You have a working ROM installed on your Android device. Very much like what Ubuntu, Debian, Mageia, and other Linux-based OSes do when not all the components required are supplied by the live CD or USB image.
What do you all think?
Ah, yes. this old thread. How popular it was back then... Well, at least I got an avatar out of that April Fool's joke.
> 'Mutagen Astronomy' Linux kernel vulnerability sighted
> A new Linux kernel vulnerability that can only be locally exploited is nonetheless proving a bit of a nuisance.
> The CVE-2018-14634 vulnerability relates to a local privilege escalation bug in the Linux kernel, and creates a means to obtain root (administrator) privileges on a hacked system.
> Security researchers at cloud security firm Qualys discovered the vulnerability, which stems from an integer overflow in the Linux kernel's create_elf_tables() function. It's not remotely exploitable, thanks heavens, but on a vulnerable 64-bit system, a "local attacker can exploit this vulnerability via a SUID-root binary and obtain full root privileges," Qualys warns.
> Security researchers at Qualys explain: "Even though all Linux kernels are technically vulnerable, this issue is mitigated by a one-year-old patch that was backported to most long-term kernels and makes exploitation impossible."
Just thought you guys would want to take a look at this. Not sure if it applies to our tablets, but it looked interesting.
DragonFire1024 said:
> 'Mutagen Astronomy' Linux kernel vulnerability sighted
> Just thought you guys would want to take a look at this. Not sure if it applies to our tablets, but it looked interesting.
In order to exploit this bug, a system must have 32GB of RAM to allocate in false pointers according to Qualys' analysis of an implementation. It also requires that a normal user have access to call a root-owned binary that has this method in it. It's possible that one could be found in the files of some of the tablets, but it could also be locked away. Regardless, we don't have 32GB of RAM in any Fire tablets.
Cool find though!