LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Recommended fix

Recommended fix

Posted Dec 19, 2012 0:25 UTC (Wed) by jimparis (subscriber, #38647)
In reply to: Recommended fix by job
Parent article: World-writable memory on Samsung Android phones

No, because Cyanogenmod uses the same kernel. This is the patch in their tracker: http://review.cyanogenmod.org/#/c/28568/

(Log in to post comments)

Recommended fix

Posted Dec 20, 2012 9:53 UTC (Thu) by job (guest, #670) [Link]

So Cyanogenmod has been backdoored all along, at least in all the Samsung builds? How is it possible no one noticed?

Somehow it seems like a backdoor from upstream is regarded less serious than if it originated from inside the Cyanogenmod project. I'm not so sure that is the case. All root exploits are equally serious.

I can think of a few possibilities where upstream would have interest in sabotaging downstream projects. Indeed most probably do, if you consider the locked boot loaders. If unlocked and reflashed devices are backdoored you can still reap whatever benefits locking them down gave you in the first place. And even if it is never used in nefarious ways it is still a PR win to scare people from unlocking. Stranger things have happened.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds