Active Topics
-
Sailfish OS for the Motorola Moto G7 Power (XT1955-5) - (ocean) (4)
to SailfishOS by Maemish - 9 hrs, 26 mins ago -
The N900 is now 15 years old! (6)
to Nokia N900 by Macros - 2 days, 5 hrs ago -
F(x)tec Pro1x (QWERTY) for sale (0)
to Buy & Sell by aln00000 - 2 days, 18 hrs ago -
n770 youtube video (0)
to General by nmdv - 6 days, 17 hrs ago - more...
| The Following 4 Users Say Thank You to itsnotabigtruck For This Useful Post: | ||
|
|
2012-04-16
, 19:00
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#12
|
Originally Posted by itsnotabigtruck
sounds good
I'm not sure if something like Superuser for Android is practical given the way Aegis works, but the new version of INCEPTION will make opensh obsolete.
not sure if something like SuperUser control app is impossible, probably Inception would be a good place to do this. Lets say, Inception could install itself, close the 'vulnerability' and from that point take control on access to su.
|
2012-04-16
, 19:01
|
|
Posts: 1,539 |
Thanked: 1,604 times |
Joined on Oct 2011
@ With my N9
|
#13
|
Originally Posted by itsnotabigtruck
I assume everyone that uses inception knows how to flash their N9. I also assume the inception users are super users, that's why they are using inception, but I could be wrong.
As long as you already ran pasiv, yep. However, I still wouldn't recommend updating yet, in case you need to reinstall INCEPTION for some reason.
I'm not sure if something like Superuser for Android is practical given the way Aegis works, but the new version of INCEPTION will make opensh obsolete.
__________________
Arie|www.everythingn9.com|Nokia N9 64GB x2|Nokia N950
@everythingn9
Temporary Inception Fix
Times Banned from TMO: 4
Arie|www.everythingn9.com|Nokia N9 64GB x2|Nokia N950
@everythingn9
Temporary Inception Fix
Times Banned from TMO: 4
 |
|
2012-04-16
, 19:19
|
|
Posts: 1,389 |
Thanked: 1,857 times |
Joined on Feb 2010
@ Israel
|
#14
|
Originally Posted by rainisto
I would happy to see even this attention for this device, as you claim N9 to be commercial, don't see the tops of apps and upcomming features. So i don't see any problem. If Nokia ditched it, we would like to have at least access to be able things they wouldn't do and don't allow us to...
Your statement is not totally true (yes N900 didn't have many issues since it was IT nerds only device vs. N9 is more like commercial product).
Its good that end users haven't noticed any malware in N9.
But ovi store QA has already rejected or removed multiple malware applications from the store... so I wouldn't be surprised at all if someday at least deb packages from unknown origin would spread to user devices in some form of useful 'utility' or 'game'. Or some 'utility' or 'game' manages to hide itself long enough to spread in to high number of devices from the store.
But yes, might be danger only in theory, then then again, I wouldn't leave possible exploit hole unpached in my ubuntu system just because I know that 'most likely' no deb packages would exploit that hole.
 |
|
2012-04-16
, 21:07
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#15
|
Originally Posted by rainisto
Meh.
Feel free to update to latest version if you want to patch the security hole that inception currently is using (and if you want to protect your device against malware from using the same hole).
So the guy in the first post already found another hole in another script, the hole I was using back in PR1.1 has not been fixed yet despite the fact I reported it, and there are several applications in the Ovi Store that exploit lesser bugs giving a smaller set of privileges.
On some of those, the exploit is actually on the manifest file itself, which clearly QA isn't even looking at. Or maybe the official policy now is to allow everything Aegis-wise and QA "in some other mysterious way". I kinda deduced that when the FMRadio apps were approved...
So yes, keep thinking that Aegis protects you of anything other than accidental developer errors.... with the long delays between releases, that's impossible. And it doesn't even have anything to do with the design of Aegis.
And this is despite Nokia's "bug fixing" policy that basically consists in a bazooka. When I was hot-headedly arguing with itsnotabigtruck the futility of entering the cat and mouse race -- a race I eventually decided not to get in --, one of the arguments I trowed in was that with the little resources Nokia is putting into Harmattan, bugs would be squashed by just removing more and more of the liberties and allowances that closed mode has.
And that is exactly what happened with PR1.0, PR1.1, PR1.2, and now this, where CAP_SYS_CHROOT is now seemingly removed. Not that it was very useful, but I ponder what will be removed with the next PR?
In the meanwhile, openmode users still laughing at all this while freely using our devices... but worried that the fallout of this race will eventually result in yet another absurd restriction introduced with the next PR.
Or that Nokia will be bankrupt between the release of PR1.3 and the arrival of the first source code disks...
 |
| Tags |
| devmode, harmattan, inception |
«
Previous Thread
|
Next Thread
»
|
All times are GMT. The time now is 14:38.
Calendarrr | ad-hac | sparsify | aegisctl
MilkyTracker | Mosh
Firmware Flashing Guide
Last edited by itsnotabigtruck; 2012-04-16 at 17:10.