So what does anyone at Central know about this?
Hackers urge all EVO 4G owners to root device citing security flaws ? Boy Genius Report)
Hackers urge all EVO 4G owners to root device citing security flaws ? Boy Genius Report)
EVO Vulnerabilities
- Thread starter barko12
- Start date
Why is the link disappearing on Chrome? I see the link for about a split second then it disappears.
Not sure why the link is disappearing. As Apple biased as BGR is, I'm hoping is propaganda trying to scare us EVO purchasers tomorrow. Just wanted to see if anyone else had heard about this.
I read somewhere that the only way those vulnerabilities could take place is if you download a malicious app onto your phone. That is.. an app that's not in the android marketplace. Soo.. just stick to the android marketplace apps, and you'll be fine. I can't find the exact news source I saw this at though..
I got it, had to look through the page source to find it though. It's the one about rooting your phone to make it safer right?
I don't plan on storing any "personal data" on my phone, so the most they'll get out of me(in the rare chance this is true) are friends phone numbers, which would be annoying to them I'm sure if they started getting random calls.......but I'm not gonna worry my head off about it till I see some more evidence of this issue.
Roots can be messy sometimes. *shrug*
Roots can be messy sometimes. *shrug*
I deleted links to their blog because I'm now with DIRK that this is all too convenient and likely an attempt to actually screw up your phone/Sprint's network/etc.
DON'T ROOT YOUR PHONE UNTIL YOU KNOW MORE INFORMATION. BE SKEPTICAL....
I'm trusting Sprint/HTC/Google rather than some random dude from Canada.
The title of that article says it all:
"HACKERS urge all Evo 4g..."
DON'T ROOT YOUR PHONE UNTIL YOU KNOW MORE INFORMATION. BE SKEPTICAL....
I'm trusting Sprint/HTC/Google rather than some random dude from Canada.
The title of that article says it all:
"HACKERS urge all Evo 4g..."
Last edited:
This is why I love open source. Instead of just apple developers, we have a community of experts looking through the code perfecting and finding security holes. I was on the edge for rooting tomorrow, but now I'm def in!
DirkBelig
Well-known member
Um, what holes? We don't know what holes are present, just some anarchist anti-Sprint (read: anti-capitalist/corporate) guys are shrieking that Sprint has an “anti-user approach” and thinks that we should be given root access out of the box. Yeah, that's a brilliant idea. Give every single person Administrator-level access to muck about in the phone's innards and if they brick it, then the carrier has to spend money supporting this user who was playing where they shouldn't oughtta.
I once had a user who nuked her Windows 98 PC after "trying to clear some space" on her hard drive and in the process deleted things like the boot.ini and config.sys files and then wondered why her system wouldn't start. Give every soccer mom and corporate suit root and they'll do the same damn thing while trying to install Vegetales cursors.
If people want to stroll the dark alleys of ROMs, hacks, roots, and patches, then they can do so after jumping thru a few hoops to keep the hapless at bay. These guys in the article are talking loud, but I'm suspicious of their agenda.
Don't forget that BGR did some heavy damage to the Pre by posting a "review" of a beta unit they'd gotten their hands on and bashed it for not being up to final retail snuff. Got them a ton of traffic and their specious complaints got echoed in the legitimate media, so it was a win for them, a loss for truth.
EDIT: This comment says it all: "And why should we trust the fagalumps who rooted the EVO? Why are they anymore believable than Sprint? Why are these people the best friends I never knew I had? Sure, let me go ahead and put an unsanctioned, untested, incomplete ROM on my new toy that costs me an extra $10 a month. Yes, I will trust complete strangers on the health and usability of my shiny happy. What was I thinking? Of course BGR knows best — the same blog that kowtows with blatant bias to all things Apple and suddenly advises any Sprint users to wipe their phones and go rogue."
The night before an important product launch, mysterious unknown people tell you of a dark conspiracy to expose you to harm and claim it's being run by the very carrier your new phone will run on. Unless the carrier accedes to the demands of these secret hackers, they will “hold the exploits close to [their] chest,” which sounds more like a threat than anything. But lookie lookie! They have a special root method that will protect the customers from the evil Sprint! All you need to do is install this Magic Fix from the people you don't know and you'll be safe from Dan Hesse's nefarious plan!!!!
This is a joke, right? You people are just gonna take the tinfoil hat words from unknown people quoted on a site with a known antipathy toward anything but their favored brand and who'd like to use FUD to slow the launch of the EVO until the next Jesus Phone is unveiled? They say "root" and you say, "How high?"
Good luck with that.
I once had a user who nuked her Windows 98 PC after "trying to clear some space" on her hard drive and in the process deleted things like the boot.ini and config.sys files and then wondered why her system wouldn't start. Give every soccer mom and corporate suit root and they'll do the same damn thing while trying to install Vegetales cursors.
If people want to stroll the dark alleys of ROMs, hacks, roots, and patches, then they can do so after jumping thru a few hoops to keep the hapless at bay. These guys in the article are talking loud, but I'm suspicious of their agenda.
Don't forget that BGR did some heavy damage to the Pre by posting a "review" of a beta unit they'd gotten their hands on and bashed it for not being up to final retail snuff. Got them a ton of traffic and their specious complaints got echoed in the legitimate media, so it was a win for them, a loss for truth.
EDIT: This comment says it all: "And why should we trust the fagalumps who rooted the EVO? Why are they anymore believable than Sprint? Why are these people the best friends I never knew I had? Sure, let me go ahead and put an unsanctioned, untested, incomplete ROM on my new toy that costs me an extra $10 a month. Yes, I will trust complete strangers on the health and usability of my shiny happy. What was I thinking? Of course BGR knows best — the same blog that kowtows with blatant bias to all things Apple and suddenly advises any Sprint users to wipe their phones and go rogue."
The night before an important product launch, mysterious unknown people tell you of a dark conspiracy to expose you to harm and claim it's being run by the very carrier your new phone will run on. Unless the carrier accedes to the demands of these secret hackers, they will “hold the exploits close to [their] chest,” which sounds more like a threat than anything. But lookie lookie! They have a special root method that will protect the customers from the evil Sprint! All you need to do is install this Magic Fix from the people you don't know and you'll be safe from Dan Hesse's nefarious plan!!!!
This is a joke, right? You people are just gonna take the tinfoil hat words from unknown people quoted on a site with a known antipathy toward anything but their favored brand and who'd like to use FUD to slow the launch of the EVO until the next Jesus Phone is unveiled? They say "root" and you say, "How high?"
Good luck with that.
Last edited:
/system/bin/sh is vulnerable to an exploit.
What those unrevoked jokers aren't saying is that /system/bin/sh is ALWAYS vulnerable to an exploit. They just found this one, and feel the need to beat their own drum a bit
What those unrevoked jokers aren't saying is that /system/bin/sh is ALWAYS vulnerable to an exploit. They just found this one, and feel the need to beat their own drum a bit
DirkBelig, you forgot the /rant
But in all seriousness, I totally agree. They have the cure all for my brand new $200 piece of tech? I think not. While I still might root, I will not use their method until it is tested and confirmed thousands of times.
But in all seriousness, I totally agree. They have the cure all for my brand new $200 piece of tech? I think not. While I still might root, I will not use their method until it is tested and confirmed thousands of times.
This unrevoked app is supposed to be a patch for an exploit they found. He says it is something Sprint did with the UI but Sprint doesn't have anything to do with the UI. It should be all HTC.
Matt Mastracci: "This is the author of the aforementioned post. As much as I’d love to be paid off by Apple, I have yet to receive my cheque.
I’m in the process of transitioning from iPhone to a Nexus One thanks to my overwhelmingly positive experiences with 2.1 and 2.2 and my general distate for Apple’s dev policies. I might have considered keeping this EVO, but Sprint doesn’t offer service in Canada, leaving me with a large (nice screen!) Wifi couch-surfing device.
As I mentioned in the post, Sprint and Google were fast to move on the issue we reported to them. Sprint should be releasing an OTA update at some point to fix the major bug we found.
I recommend installing the unrevoked root application we’re launching tonight to protect against one of the problems we’ve found. Not only does it give you control over your device, but it also makes your device slightly more secure in the process. It’s also a very minimal root: it installs the superuser application and the safe su binary that give you control over the device.
We’ll be releasing details of the exploit later on."
Matt Mastracci: "This is the author of the aforementioned post. As much as I’d love to be paid off by Apple, I have yet to receive my cheque.
I’m in the process of transitioning from iPhone to a Nexus One thanks to my overwhelmingly positive experiences with 2.1 and 2.2 and my general distate for Apple’s dev policies. I might have considered keeping this EVO, but Sprint doesn’t offer service in Canada, leaving me with a large (nice screen!) Wifi couch-surfing device.
As I mentioned in the post, Sprint and Google were fast to move on the issue we reported to them. Sprint should be releasing an OTA update at some point to fix the major bug we found.
I recommend installing the unrevoked root application we’re launching tonight to protect against one of the problems we’ve found. Not only does it give you control over your device, but it also makes your device slightly more secure in the process. It’s also a very minimal root: it installs the superuser application and the safe su binary that give you control over the device.
We’ll be releasing details of the exploit later on."
Last edited:
DirkBelig
Well-known member
No, because the rant never stops.
WTF is all this "give you control over the device" noise about. This smacks of Trustafarian, hippie, EFF, "information is meant to be freeeeeeeee, mang," codswallop in which we're apparently just carrying around a device we can't "control" meaning, I suppose, we can't make calls to the people we want to, install apps from the Marketplace, or have the assurance that our precious bodily fluids aren't being contaminated by the CIA, mang!!
Am I the only one who finds it REALLY hinky that we're supposed to believe that with all the devs who got swagged EVOs at I/O plus all the QA that goes on with HTC, Google, and Sprint that some supposedly devastating bug has slipped past everyone but these guys who just happen to have a Magic Bullet fix that - TRUST THEM - will protect you and empower you and make your manhood three feet longer and grow fangs if would you kindly make applying their "fix" the first thing you do with your new phone.
I know that legit security holes are found by solitary nerds all the time - like the vulnerability in DNS that could've caused the entire Internet to be hijacked - but so many aspects of this story and supposed solution have my BS Detector pegged so hard the needle's got a 45-degree bend in it.
What happens if this root is actually the exploit? Remember the chain email that went around several years ago telling recipients to delete standard Windows files on the pretense they were viruses? (The creator of that didn't have to code a thing to delete anything or forward it on; it was all social engineering: delete this because we told you to and pass it on.) So the spooked run the root, jack up their phones, mess up the network, leading to weekend headlines about how Google's Android phone is vulnerable to attacks and hey, look at this, Steve Jobs is coming on stage with a new toy and a speech about his his iron-fisted control of everything is in the consumer's best interest because, don't you know, those insecure Android phones had a massive virus attack over the weekend and that's what you don't have to worry about with Apple's locked-down and secure stuff.
How convenient.
100% agree and well said.
:::::TO ALL THE NON-DEV's THAT FOLLOW THIS SITE:::::
You're putting yourself at serious risk by believing this random guy in Canada. Don't just trust him because your blinded by your Evo obsession right now. BE SKEPTICAL. Don't just jump on the train and root your device unless you're willing to accept the consequences.
Proof will come if this is real or not...and if it IS real - Sprint/HTC/Google will fix it.
Be careful what you read on the internet.
Thanks for the input. I don't think this is a huge coincidence being released by BGR the night before a launch and no other sites are reporting this issue. I agree that I may still root my EVO, but not because of this article.
Great community! Thanks again. Now its time to get my EVO.
Great community! Thanks again. Now its time to get my EVO.
Similar threads
Trending Posts
-
[Chatter] "Where everybody knows your name ..."
- Started by zero neck
- Replies: 53K
-
Samsung watch6 or pixel watch 2 to use with pixel phone now that the GW6 is $239?
- Started by jcar302
- Replies: 0
-
Question sony xperia xz3 cannot detect usb(file transfer) android 13
- Started by kerokekerol
- Replies: 1
-
News Exclusive: Meta's upcoming glasses are the OMG moment that AR needs- Started by AC News
- Replies: 0
Facebook
Twitter
Instagram