1. Are you ready for the Galaxy S20? Here is everything we know so far!

UPDATE : Android security bug fix thanks to teddyearp!

Discussion in 'Android Lounge' started by badblue1, Jul 9, 2013.

  1. badblue1

    badblue1 * TRUCKS ARE BEAUTIFUL *
    Thread Starter



    funkylogik likes this.
  2. teddyearp

    teddyearp Android Expert

    This is interesting information. I should look into it more.

    But AFAIK, the only way an application can modify anything in the /system partition is if it has root access. And AFAIK the only way to have root access is if your device is rooted. Since the method(s) to root our devices sometimes vary widely from device to device, I find it hard to believe that the 'security bug' could be used to first root any device and then make the modifications described.

    But I don't know everything, not at all. I found more articles including a patch added by Steve to the latest CM10.1 (which of course you cannot run unless your device is rooted first):

    The truth about the latest Google Android security scare (Updated) | ZDNet

    https://groups.google.com/forum/#!topic/android-security-discuss/OurJQ5JzXos

    https://jira.cyanogenmod.org/browse/CYAN-1602

    https://www.blackhat.com/latestintel/05292013-mobile-exploits-oh-my.html

    It might be done. But hey, maybe we can exploit this to easier root any android device and (hehe) unlock the stinking bootloader on any android device!
     
    funkylogik and badblue1 like this.
  3. badblue1

    badblue1 * TRUCKS ARE BEAUTIFUL *
    Thread Starter

    I don't think it has anything to do with the app obtaining root access, it steals your passwords and login info, thus being able to steal whatever it needs.
     
    funkylogik likes this.
  4. badblue1

    badblue1 * TRUCKS ARE BEAUTIFUL *
    Thread Starter

    UPDATE :
    @ teddyearp ... Without knowing it you have helped fix the android security bug for CM7.2 IHO. When you posted this link https://jira.cyanogenmod.org/browse/CYAN-1602 i passed it on to a developer for the LG optimus v as well as others .Well Mrg666 the developer of this rom [ROM+Kernel] MiRaGe-CM7.2-IHO (07132013) - Android Forums at AndroidCentral.com that alot of us use, in fact most stable rom for our phone right now, well he was able to create the security patch for the rom from the link you posted.

    Thank you so much and thanks to Steve our phones will be free of the security bug. Android security fix 8219321(cyan -1602)
    Again, can't thank you enough! :)
     
    Rxpert83 and funkylogik like this.
  5. teddyearp

    teddyearp Android Expert

    Wow, who woulda thunk. This guide got lucky that's all. Glad to be of service.
     
    funkylogik and badblue1 like this.
  6. funkylogik

    funkylogik share the love peeps ;)

    They should name a build after you :D
     
    badblue1 likes this.
  7. awriternot

    awriternot Well-Known Member

    Ugh, what about non-rooted Razr Maxx? It's saying it hasn't been patched. How would I find out when they plan on fixing?
     
  8. badblue1

    badblue1 * TRUCKS ARE BEAUTIFUL *
    Thread Starter

    As long as you download apps from Google playstore your golden.

    The bug, supposedly comes from apps that are not downloaded from a trusted source.

    Download from Google play or Amazon.
     
    awriternot and funkylogik like this.
Loading...

Share This Page

Loading...