Thread: QuadRooter: New Android Vulnerabilities
View Single Post
juiceme is offline juiceme
2016-08-09 , 09:24
Community Council | Posts: 4,920 | Thanked: 12,867 times | Joined on May 2012 @ Southerrn Finland
#15
Originally Posted by pichlo View Post
Originally Posted by juiceme View Post
On a more-or-less standard Android device this attack might be rolled into a generic package that can take control of the device and either used to leak data or use it as a part of a botnet.
But that's exactly my point! You do not need to exploit any vulnerability or become root to do any of the things you mention.

I know that especially Linux users like to think in terms of root vs non-root and yes, root can cause a damage to the system, but the days when the system was the part worth protecting are gone by at least two decades. Wake up to the 21st century, people. The system is replaceable. The bits that need protecting are your user data. Those do not need a root access to be compromised.
Actually, on an unrooted & uncompromised Android device you cannot do that much damage or leak personal information;

Case in point, something like an year ago a friend asked me to backup messages from her device. The phone was unrooted older Samsung Galaxy model, and I had really hard time breaking into the darn thing to gain access to the messages without wiping the device in the process. (when bootloader is unlocked it would wipe it, and have you ever tried rooting a device when bootloader is locked, hmm...)
Anyway, only signed and trusted applications can access the personal information storage which is root accessible only.


Originally Posted by pichlo View Post
Originally Posted by juiceme View Post
TLDR; probably you are safe in any case. If you do not install Alien Dalvik at all, you certainly are safe.
Again, my argument is that you are not safe. You might be safe from an overhyped threat of the week but you are totally unprotected against any potential malicious activity any native Sailfish application may want to do. (Case in hand: the flashlight app, the first Sailfish malware that sprung up just weeks after Sailfish was first released.)
On SFOS the thing is a bit different, all user private data is under the home directory and almost all of it is accessible with nemo user permissions. With a malicious application it is quite easy to mess up or exploit anything.
However you cannot (at least not easily) incorporate rootkit-like functionality into an application submitted to the Jolla Harbour as the needed library interfaces are not permitted in applications;
A rogue application might steal your data, but it cannot modify system so that it hides a backdoor and refuses to uninstall, for example.

All bets are off, of course when you install apps from other sources. That's why I have a simple rule for myself; only install what you yourself have built and check the projects for funny business before you do so.
 

The Following 3 Users Say Thank You to juiceme For This Useful Post: