Bug In Android Passes Keystrokes To Root Shell

pasokon writes "ZDNet reports on an Android bug in T-Mobile G1s with early versions of the firmware: 'When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges. ... open the keyboard tray on your G1, ignore anything you see on the screen, and type these 8 keystrokes: (enter)-r-e-b-o-o-t-(enter). Poof, your phone will reboot.'"

Life under the thumb of cellular phone companies..

[Rahga]

Are we really that messed up as a society?

If I type "Reboot" and the device actually reboots, doesn't that mean it's working?

Seriously Google...

[yttrstein]

That's some amateur shit to have made it beyond beta 1. What the hell are your programmers doing all day?

I'm starting to get a little suspicious, to be frank. You've existed for many, many moons, Google...you have over 20,000 employees. You have computing capacity that's normally limited to that of small countries. Shouldn't you be a little further along by now?

Scary

[flawd1]

I'm on firmware 1.0 and TC4-RC29 and it works. That's kind of scary... Especially because I SSH'd into a friend's server and wrote out rm -rf / ... just to be funny ... I didn't hit enter of course but if I did...

Re:Open source, remember? fix already out

[Khyber]

Bingo - You won't see this sort of turnaround time for a fix for the iPhone.

and this is why FOSS is a champion to me - the community fixes the issue and everyone else can check the fix to make sure it's not malicious.

And this is why all gov't entities in the USA should use FOSS. The people/community as a whole can do a better job of keeping the government secure than corporations can.