As the article says: Worst. Bug. Ever.

damian, 666
Short version: for Android phones with firmware version 1.0 TC4-RC29 or earlier,

There's a root shell using the console as stdin, so all input on the physical keyboard on the phone is being interpreted by that shell (regardless of what application is being displayed, and regardless of whether it is responding to those keyboard presses itself).


In other words: you type 'reboot' on any bundled Android application, the phone reboots. Type 'telnetd', and you get a telnet daemon up and running as root.

Yes, I can't quite wrap my mind around it either.

If this is true (jwz post here, cf the link referenced there), this has to be one of the most embarrassing security bugs in the history of IT.

There's only one possible label for this: EPIC FAIL.

Tags:

Flying cars are boring.

damian, 666
India's use of brain scans in courts dismays critics.

In my opinion, the specific technology used here isn't credible (no peer review or independent replication), but

a. It's possible that at some point there will be a forensically useful brain scanner of some sort.
b. I had wrongly assumed that scientific/technological barriers would fall before legal ones (but then, polygraphs have never been scientifically validated either -in fact, they are quite discredited- but this hasn't made them less popular among law enforcement groups). I vastly underestimated the power over governments of the illusion of control.

Most of the time I whine about the world not being strange enough for my tastes, but there are fleeting moments of sanity in which I wonder what the heck is wrong with me.

They pass away quickly, though.

Tags:

Latest Month

July 2014
S M T W T F S
  12345
6789101112
13141516171819
20212223242526
2728293031  

Tags

Syndicate

RSS Atom
Powered by LiveJournal.com
Designed by Tiffany Chow