Slashdot Mirror
Exploitable Backhole Accidentally Left In Some MediaTek-based Phones (ndtv.com)
Lirodon writes: MediaTek has confirmed findings by security researcher Justin Case, who discovered that some devices running Android KitKat on MediaTek processors (often used in lower-cost devices) had a debug function, meant to be removed on production devices, accidentally left in by their manufacturer. This hole could be used to trivially gain root access, among other possibilities.
Did you mean backdoor? Black hole?
It's called a "backdoor" and here is a link to more information (the link posted in the summary has nothing to do with the backdoor): http://androidcommunity.com/se...
I had a sig once, but someone stole it.
Makes it sound like the device has an anus! I don't want that in my pocket!
I figure you guys have no idea what slashdot is about. Let me give you a brief history:
2.5 million B.C.: OOG the Open Source Caveman develops the axe and releases it under the GPL. The axe quickly gains popularity as a means of crushing moderators' heads.
100,000 B.C.: Man domesticates the AIBO.
10,000 B.C.: Civilization begins when early farmers first learn to cultivate hot grits.
3000 B.C.: Sumerians develop a primitive cuneiform perl script.
2920 B.C.: A legendary flood sweeps Slashdot, filling up a Borland / Inprise story with hundreds of offtopic posts.
1750 B.C.: Hammurabi, a Mesopotamian king, codifies the first EULA.
490 B.C.: Greek city-states unite to defeat the Persians. ESR triumphantly proclaims that the Greeks "get it".
399 B.C.: Socrates is convicted of impiety. Despite the efforts of freesocrates.com, he is forced to kill himself by drinking hemlock.
336 B.C.: Fat-Time Charlie becomes King of Macedonia and conquers Persia.
4 B.C.: Following the Star (as in hot young actress) of Bethelem, wise men travel from far away to troll for baby Jesus.
A.D. 476: The Roman Empire BSODs.
A.D. 610: The Glorious MEEPT!! founds Islam after receiving a revelation from God. Following his disappearance from Slashdot in 632, a succession dispute results in the emergence of two troll factions: the Pythonni and the Perliites.
A.D. 800: Charlemagne conquers nearly all of Germany, only to be acquired by andover.net.
A.D. 874: Linus the Red discovers Iceland.
A.D. 1000: The epic of the Beowulf Cluster is written down. It is the first English epic poem.
A.D. 1095: Pope Bruce II calls for a crusade against the Turks when it is revealed they are violating the GPL. Later investigation reveals that Pope Bruce II had not yet contacted the Turks before calling for the crusade.
A.D. 1215: Bowing to pressure to open-source the British government, King John signs the Magna Carta, limiting the British monarchy's power. ESR triumphantly proclaims that the British monarchy "gets it".
A.D. 1348: The ILOVEYOU virus kills over half the population of Europe. (The other half was not using Outlook.)
A.D. 1420: Johann Gutenberg invents the printing press. He is immediately sued by monks claiming that the technology will promote the copying of hand-transcribed books, thus violating the church's intellectual property.
A.D. 1429: Natalie Portman of Arc gathers an army of Slashdot trolls to do battle with the moderators. She is eventually tried as a heretic and stoned (as in petrified).
A.D. 1478: The Catholic Church partners with doubleclick.net to launch the Spanish Inquisition.
A.D. 1492: Christopher Columbus arrives in what he believes to be "India", but which RMS informs him is actually "GNU/India".
A.D. 1508-12: Michaelengelo attempts to paint the Sistine Chapel ceiling with ASCII art, only to have his plan thwarted by the "Lameness Filter."
A.D. 1517: Martin Luther nails his 95 Theses to the church door and is promptly moderated down to (-1, Flamebait).
A.D. 1553: "Bloody" Mary ascends the throne of England and begins an infamous crusade against Protestants. ESR eats his words.
A.D. 1588: The "IF I EVER MEET YOU, I WILL KICK YOUR ASS" guy meets the Spanish Armada.
A.D. 1603: Tokugawa Ieyasu unites the feuding pancake-eating ninjas of Japan.
A.D. 1611: Mattel adds Galileo Galilei to its CyberPatrol block list for proposing that the Earth revolves around the sun.
A.D. 1688: In the so-called "Glorious Revolution", King James II is bloodlessly forced out of power and flees to France. ESR again triumphantly proclaims that the British monarchy "gets it".
A.D. 1692: Anti-GIF hysteria in the New World comes to a head in the infamous "Salem GIF Trials", in which 20 alleged GIFs are burned at the stake. Later investigation reveals that mayn of the supposed GIFs were actually PNGs.
A.D. 1769: James Watt pate
Copyright (c) 1990 - 2014 Dice. All rights reserved. Use of this comment is subject to certain Terms and Conditions.
Justin Case, we should patch it anyway.
Have you ever fallen asleep at the keybhanusdiog?
LOL, I let Chrome translate it for me, and I got this:
Which tells me letting Chrome translate stuff from Japanese is a terrible idea.
Lost at C:>. Found at C.
What devices are affected?
Is this something actually dangerous, or something that only a security researcher can exploit in theoretical conditions?
Because they haven't progressed to contextual translation yet, which includes phrases and grammar structure translation. Any multi-lingual person will be able to tell you that they do not translate word for word, they need the full phrase or more to go from language a to b, especially if those languages have varying grammatical structures and rules governing things like adverb and adjective placement. Also note that phrases like "top of the morning to you" should be translated to an appropriate (morning) greeting and not some nonsensical word for word replacement scheme.
The cesspool just got a check and balance.
In some ways yes, but apparently in some ways no.
Years ago a friend was taking German classes, and apparently it has subject/verb stuff which can be at the end of sentences.
So one example of how it fell apart was a place in which the speaker went on for a long time, and the translator just stopped ... because without knowing what was at the end of the long-winded sentence it was impossible know what to say next. It was a lot of stuff which couldn't be translated into English until it was all done -- and it took a VERY long time for that speaker to be done.
I got the impression that are still enough structural differences that it's more than a little challenging for skilled humans to do it.
So, if translating in real time can be near impossible, then I assume it's still damned easy for static translations to get mired down into stuff it can't handle well.
Lost at C:>. Found at C.
Really? Justin Case? If that's not a clearly fake name, I don't know what is. And a link to a completely unrelated non-english article? Whoever the hell submitted this spam should never be allowed to submit again and whoever posted it should be fired.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.