Slashdot Mirror


T-Mobile G2 'Permaroot' Achieved

VValdo writes "After over a month of relentless hacking, genius scotty2 has finally smashed the G2's notorious eMMC-read-only-on-boot mechanism, which had been incorrectly characterized in the press as a 'rootkit.' The hack involves several steps — first achieving 'temp root' through a fork bomb exploit, then running a specially crafted kernel module that power-resets the read-only eMMC to bring it up in read-write mode. Finally, the bootloader is re-flashed, which permanently removes the read-only on subsequent boots. The whole process is expected to be automated by tomorrow."

6 of 262 comments

  1. Re:on the fence by Microlith · Score: 4, Interesting

    Security is in order, sure, but should the end user wish to assume direct control then it should be a trivial process that requires the user be in physical contact with the device (such as holding down a button.) Not requiring the user to find a local exploit to grant them shell or terminal access like a 3rd party attacking the system.

    But between the carrier and the vendor, you are a 3rd party attacker. This is why I have no respect for most vendors nor for any of the carriers.

  2. Re:this just encourages them by icebike · Score: 3, Interesting

    So what then is your suggestion?

    Continue to pay for something you can never really own?

    Demonstrating that any lock down can be broken does exert pressure for the companies to stop wasting their resources.

    Bringing a phone to market has real costs associated with it.

    If they know it will be hacked (often before its official release date) why bother trying? Why spend all that money and time dicking around with some cat and mouse game where you are always the mouse, when your competition can get there quicker by avoiding the effort.

    All they really need is an indicator that it WAS hacked so they can choose to honor the warranty or not, (Like the Nexus One, which gives you root at the press of a button, but makes it obvious you chose to take it).

    Sooner or later we should start pushing for lock downs to be made illegal, and demonstrating that they are ineffective is as good a first step as any.

    --
    Battery depleted. Reverting to safe mode.

  3. Donate to the Genius! by Anonymous Coward · Score: 3, Interesting

    Donate to scotty2 (for root): walker.scott@gmail.com (PayPal)

  4. Re:Why are phones special? by Microlith · Score: 5, Interesting

    Because these are not phones. These are miniature computers that handle phone calls as a subset of their capabilities.

    The software that controls my engine/drive-by-wire has a singular purpose, and is basically a bunch of tables with a bit of microcontroller code to flip through them. Smartphones are much, much more and tend to play a greater role in people's day to day activities.

    And if you ask Apple and Microsoft, mobile is where the market is going to be moving heavily. Not necessarily to the exclusion of the desktop market, but still heavily. And, frankly, I don't see the mobile space being controlled so heavily by vendors with vested interests in controlling what you do and how as a good thing.

  5. Re:this just encourages them by Daniel Phillips · Score: 3, Interesting

    Brilliant suggestion: buy a Nexus One. Best phone you can get right now. If you buy one of these locked down Android phones and whine about it, it's your own fault, and you are voting with your dollars for carriers to lock phones down. You are now part of the problem. Be part of the solution instead.

    My G2 was rooted the day I got it and will soon be permarooted. This time, Google's weak-kneed posture with respect to HTC's and T-Mobile's mean-spirited abuse of the open source gift they have been given will come to no harm. Next time might be different. All the ISPs, the Android manufacturers, and especially Google, need to be put on notice that their open source rocket may fizzle and fall back to earth if they don't get a clue.

    Why not get a Nexus one? It doesn't satisfy my hardware needs.

    --
    Have you got your LWN subscription yet?

  6. Re:Forgive my ignorance... by Miamicanes · Score: 3, Interesting

    Enables you to install a kernel with proper support for Bluetooth HID, so you can use a folding keyboard and/or bluetooth gamepad with the phone.

    Enables you to create a swapfile and use virtual RAM. See, Android has an official mechanism for reclaiming memory used by suspended apps, but it's not instantaneous. If you buy Class-6 (or faster) microSD flash, it's faster to just swap a chunk of RAM to the flashcard than it is to wait for the app to shut itself down, save its state, and release its memory so something else can use it. If you use class 4 flash, it'll be roughly the same speed either way. If you use class 2 flash, swapping is slower. As you've probably guessed, the free microSD card that comes with most Android phones is only class 2.

    Tether for free. Sprint charges $30/month extra if you want to tether without rooting.

    Run the CPU faster. Unlike (Intel) desktop CPUs, phone CPUs don't really have a hard upper speed limit. They just go through a point where your battery life totally goes to hell, then a zone where they're kind of flaky and it crashes a lot, then finally a zone where it's almost impossible to use for more than a few minutes WITHOUT crashing. A rooted G2 can run at 1GHz without breaking a sweat, and I'm pretty sure I read that they're generally stable up to around 1.6GHz. The catch is, your battery will last about an hour at that speed.

    You can use Samba to make your /sdcard filesystem accessible over the network as a normal NetBIOS share.

    You can use OpenVPN. Unrooted Android can't use it, not even as a client.

    You can install sshd and use SSH to securely connect to a root shell on your phone.

    You can install third-party SSL root certs.

    You can use Tor.

    Those are just a few things off the top of my head. There are a lot more.