bit-tech.net

Android flaw executed typed text


The Android-based G1 has had an embarrassing string of security flaws since its release only a few weeks ago.

With the news that Google's Android shipped with an embarrassing security hole being followed by a simple two-step method to 'jailbreak' the OS, you'd think that the company had ironed out most of the remaining bugs – but you'd be wrong.

According to ZDNet's Ed Burnette, the open-source Linux-based smartphone platform recently shipped in T-Mobile's G1 handset contains a real doozy of a back door: it would appear that absolutely anything you write, at absolutely any time, will be evaluated as a system command.

The bug, which affects handsets running Android 1.0 TC5-RC29 or earlier, can be demonstrated in a simple way: in any text entry box – even on a webpage or in the address book – hit the 'enter' key and type 'reboot' followed by 'enter' again. If your handset is vulnerable, you'll see it suddenly decide to restart the OS.

The flaw is even more of an embarrassment when you learn that commands executed in this way run as the 'root' user, with complete system access. If you happen to be typing a document on how to hose a Linux system by typing in inadvisable commands, you can expect to learn about this one the hard way.

The plus side for G1 owners with handsets that mysteriously execute typed commands is that this makes the jailbreak we reported last week even easier to carry out: you can skip the 'install Pterminal' step and simply type 'telnetd' at any time to launch the root-level telnet daemon.

A Google coder has described the problem as being “already fixed and is going out in the RC30 build which will be pushed to users very soon.”

Is this the straw that broke the camel's back for security on the Android platform, or are little niggles like this to be expected on a 1.0 platform – even one from the giant that is Google? Share your thoughts over in the forums.

18 Comments

Bauul 10th November 2008, 15:01
Lol, that's quite funny! I'm impressed it took this long to be noticed though.
plagio 10th November 2008, 16:48
This is just crazy.
Hope nobody had a friend called "rm -rf /"

http://xkcd.com/327/
dyzophoria 10th November 2008, 17:25
lol, I think Android's OS was pretty much, what's the term.. RUSHED
Nexxo 10th November 2008, 18:26
So... still think the Apple iPhone is overhyped junk? :p
Flibblebot 10th November 2008, 18:57
Yup, it's just that Apple's now got a partner up there at the top of the hype list :p
C-Sniper 10th November 2008, 20:06
"rmdir / " weeds out the stupid users :)
Woodstock 10th November 2008, 20:54
Quote:
Originally Posted by C-Sniper
"rmdir / " weeds out the stupid users :)

no it won't, it will say directory not empty.
shomann 10th November 2008, 21:10
It's a 1.0 release. Yes, it was rushed, but one thing about Google is that they seem to be very quick to fix broken software.

It will be fun to sit back and watch pundits start claiming this will somehow help the iPhone (it won't). All it will do is inconvenience a few people until the OS is patched.
Nexxo 10th November 2008, 21:15
Er, yeah. Kind of a big boo-boo though isn't it? I can't help but thinking that if this was an iPhone bug people would have been ready to burn effigies of Steve Jobs. But because it's Google Android it's all: "Oh, at least they fixed it quickly... it's just a minor inconvenience...".

Sorry, no. Google Android is a device with great potential and more power to its elbow, but for all people's moaning about Apple, it shows what Apple does best: deliver a quite polished product, first time around. You get what you pay for. Google Android has some growing up to do.
shomann 10th November 2008, 21:19
Quote:
Originally Posted by Nexxo
Er, yeah. Kind of a big boo-boo though isn't it? I can't help but thinking that if this was an iPhone bug people would have been ready to burn effigies of Steve Jobs. But because it's Google Android it's all: "Oh, at least they fixed it quickly... it's just a minor inconvenience...".

Sorry, no. Google Android is a device with great potential and more power to its elbow, but for all people's moaning about Apple, it shows what Apple does best: deliver a quite polished product, first time around. You get what you pay for. Google Android has some growing up to do.

This is all true. In fact, I would make the argument that the iPhone 1.0 OS is better than the current one (2.1). I should have mentioned I am an iPhone user and it is the single best mobile platform I have used - by far. This is mostly due to Apple's tight integration of hardware and software. Well, that and an OS that makes sense.

Still, competition is a good thing and Android could be a real winner. Will people put up with a troubled infancy? Time will tell.
Jojii 10th November 2008, 22:08
What happened to "OPEN." Wasn't that a selling point of Android?
TheoGeo 10th November 2008, 22:40
and you wonder why most of their software and services stay in beta so long
Impossible 11th November 2008, 00:33
What's hard to figure out is the RC30 that's touted above seems to be the US version....

The UK model has TC5-RC7 on it.. I can't find any info if it's 23 releases behind or a separate fork for the UK version.

=(

Imp
desertstalker 11th November 2008, 02:37
Quote:
Originally Posted by TheoGeo
and you wonder why most of their software and services stay in beta so long

Because it doesn't come out of beta till it works properly :)
dyzophoria 11th November 2008, 16:20
honestly, I would accept the "at least Google fixes its bugs more quickly" argument, but what troubles me is the severity of the bugs. At least other developers' bugs include deep exploits on system files, buffer overflows, etc, but look at Android's early bugs: a simple run a program to enable another program and voilà, root access; type enter-reboot-enter anywhere while these are run with full root access. Is it me or is it just too obvious how sloppy the development team at Google is. :(
Spaceraver 12th November 2008, 07:00
Hmm. So the coders at Google forgot they were developing for an out of the house application so to speak?

TheoGeo. At least Google has the balls to keep calling it beta until it works. Microsoft does not.
notatoad 12th November 2008, 08:08
Quote:
Originally Posted by Jojii
What happened to "OPEN." Wasn't that a selling point of Android?

what does that have to do with anything? are you saying that open software shouldn't have any bugs, or that open software should execute everything that is typed into it?
Gareth Halfacree 12th November 2008, 09:10
Quote:
Originally Posted by Spaceraver
TheoGeo. At least Google has the balls to keep calling it beta until it works. Microsoft does not.
Except, of course, Android - which is version 1.0 and has enjoyed a full retail release. Ironically, Google seems to have fewer issues with the stuff it does label as beta.