Sunday, November 9, 2008
Epic Android bug inteprets your typing as system commands
The philosophy goes something like this: the great thing about Linux is that it's secure, and the great thing about open-source software is that it's thoroughly and constantly vetted for robustness. So to that end, Android should be pretty rock solid, right? Perhaps, but the overwhelming enormity of this particular bug definitely gives us pause. It turns out that G1 firmware revisions RC29 and earlier literally interpret everything you type as command-line operations, so if you happen across a legit command, it's going to get executed -- with superuser permissions, no less. No, seriously. Just go to the messaging app, the browser, or anywhere else a text box is convenient, type "reboot," press the enter key, and watch magic happen. We've tested this on two G1s, both with RC29 firmware, and have gotten this to consistently work on one of the two, so your mileage may vary -- but either way, this needed to get patched on the double. Fortunately, Google's been quick about it, rolling a fix into the RC30 build that's being rapidly pushed to users as we speak, but man... how did that get through?