|
QuadRooter: New Android Vulnerabilities
Quote:
|
Re: QuadRooter: New Android Vulnerabilities
Now if we only had Android root for Jolla C and Intex Aqua Fish.
Did someone installed the QuadRoot scanner on Jolla phones yet? |
Re: QuadRooter: New Android Vulnerabilities
Somebody have already did it:
https://together.jolla.com/question/...by-quadrooter/ |
Re: QuadRooter: New Android Vulnerabilities
wtf, where are exploits? i want to root my phone :)
|
Re: QuadRooter: New Android Vulnerabilities
What's is most secure: jPhones, iPhones or a random androids.
|
Re: QuadRooter: New Android Vulnerabilities
Had some complaints....
Keep it on-topic Dan, be respectful of the intent/focus of peoples threads. Consider this your first & last non-infraction warning... Not following this thread & most others, so rely on PMs or Post Reports of folks that play up. Thank-you. |
Re: QuadRooter: New Android Vulnerabilities
Instead of complaints. Can you bring anything good. When can we exclect Jolla to work this issue out with 3rd parties?
Or any link to patch. https://www.checkpoint.com/downloads...rch-report.pdf |
Re: QuadRooter: New Android Vulnerabilities
Dave, "exclect"?
Pardon the silly question, but what's all the fuss anyway? If I understand it correctly, all that QuadRooter can do is obtain a root access. Sure, it means it can alter or remove some of the preinstalled bloatware that you cannot remove by standard means but isn't it about it? All the sensitive stuff (your address book, photos, videos, other personal data, network access (that could cost you money if used maliciously)) is in the userland and you grant apps access to those willingly. At least on Android. On Sailfish, there is no such protection at all to start with. |
Re: QuadRooter: New Android Vulnerabilities
QuadRooter it's about Qualcomm drivers (blobs) that are used by SailfishOS and Android at the same time.
My understanding is that a malicious user may gain root access at your SailfishOS as well. Or I'm wrong ? |
Re: QuadRooter: New Android Vulnerabilities
The vulnerabilities seem pretty clear from the Checkpoint report, however this is also partly scareware; their business just is more or less bullying people into buying their intrusion deterring solution.
On a more-or-less standard Android device this attack might be rolled into a generic package that can take control of the device and either used to leak data or use it as a part of a botnet. However, if a poisoned application is run in Alien Dalvik on a SFOS device I believe it might have a hard time operating correctly since the Android layer is not similar to what is used in native Android devices. It would probably (but I cannot be 100% sure of course) need to have a specially tailored version to be effective against SFOS devices. However, if such tailored attack is created, then it could also affect the native part of the system and not only the AD part of the system. TLDR; probably you are safe in any case. If you do not install Alien Dalvik at all, you certainly are safe. |
| All times are GMT. The time now is 00:18. |
vBulletin® Version 3.8.8