Another day, another nasty Android vuln The security researcher who last year sucked thousands of IDs out of Apple's Developer Centre site has turned his gaze onto Android and turned up a bug that Trend Micro says is exploitable. According to Ibrahim Balic, the bug causes memory corruption on Android 4.2.2 , 4.3 and 2.3 at least, but he suspects all Android versions …
on any computing device, there is always the potential for problems. Obviously instead of the proliferation of adware, etc. the Android ecosystem needs to grow up; with repositories either run by entities that can be held legally liable for their wares, or opensource with active community oversight and trusted signatures.
" If the attacker were to create malware that auto-started on power-up, the user's only option would be to completely wipe the device via a boot loader recovery."
Isn't it possible to boot with a known good image, then mount the bad partition and fix it. This is pretty normal when the boot system gets screwed, or to repair a damaged filesystem, etc. Or the bad filesystm/SD card could be removed an mounted on a PC, where the offending configuration can be edited -- that's what I do when playing with my tablets.
Android gives you the right to install unsigned 3rd party apps without jailbreaking and rooting the device. IMO this is much safer than the Apple approach, that forces you to effectively jailbreak and root the device, if you want to install anything they don't like you to have. (Like emulators, UI tweaks, Wifi scanners or other evil things).
Of course that doesn't mean you are always 100% protected. No security system is ever 100% safe. Stick to official appstores like Google's playstore or the Amazon Appshop, and you can be reasonably sure, you are safe, download dodgy apps from warezsites and live with the consequences.
"...to brick the target ... the user's only option would be to completely wipe the device via a boot loader recovery."
So not bricked at all then. If it were bricked, even the bootloader would be broken.
If it is just causing a crash during bootup, then it may even be possible to uninstall the offending app via ADB in between reboots, if you timed it right.
Amusing bug though.
If you've enabled ADB......
However, I'm struggling to see the point of this exploit. Yes, it can cause your phone to endlessly reboot, but that isn't going to make money for the hacker is it? It's also relatively easy to fix by wiping the device from recovery - ok, so you'll lose your data, but we're all backing our data up these days aren't we? ;) (Helium backup FTW!)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
