LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Recommended fix

Recommended fix

Posted Dec 18, 2012 23:24 UTC (Tue) by job (guest, #670)
Parent article: World-writable memory on Samsung Android phones

I take it the simple fix to recommend people is to install Cyanogenmod instead?

(Log in to post comments)

Recommended fix

Posted Dec 19, 2012 0:25 UTC (Wed) by jimparis (subscriber, #38647) [Link]

No, because Cyanogenmod uses the same kernel. This is the patch in their tracker: http://review.cyanogenmod.org/#/c/28568/

Recommended fix

Posted Dec 20, 2012 9:53 UTC (Thu) by job (guest, #670) [Link]

So Cyanogenmod has been backdoored all along, at least in all the Samsung builds? How is it possible no one noticed?

Somehow it seems like a backdoor from upstream is regarded less serious than if it originated from inside the Cyanogenmod project. I'm not so sure that is the case. All root exploits are equally serious.

I can think of a few possibilities where upstream would have interest in sabotaging downstream projects. Indeed most probably do, if you consider the locked boot loaders. If unlocked and reflashed devices are backdoored you can still reap whatever benefits locking them down gave you in the first place. And even if it is never used in nefarious ways it is still a PR win to scare people from unlocking. Stranger things have happened.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds