Update: I've released INCEPTION 0.1.1, an interim release that is fully compatible with today's developer mode update. The new version can be downloaded from the INCEPTION website. PR1.3 compatibility will be included in a future update along with significant new functionality. If you appreciate my work, any donations would be greatly appreciated.

Nokia recently released a series of updates to developer mode packages that prevent use of chroot from unsigned apps. Among other things, this interferes with INCEPTION. As a result, it will no longer be possible to set up INCEPTION with the new updates installed.

This does not affect users who have already enabled INCEPTION (using pasiv) - everything else will continue to work.

While a entirely new version of INCEPTION is awaiting release that averts this and other problems, in the meantime it's recommended to avoid upgrading developer-mode, develsh, and aegis-developer-unknown-source-policy.

In the event that you've already upgraded or that you hadn't previously enabled developer mode, you can install the downgraded packages using the following command:

devel-su -c 'apt-get install aegis-developer-unknown-source-policy=1.19+0m6 developer-mode=1.42+0m6 develsh=1.16+0m6'

If you know anyone who has an N9(50) but hasn't installed INCEPTION, please remind them. Thanks!

Feel free to update to latest version if you want to patch the security hole that inception currently is using (and if you want to protect your device against malware from using the same hole).

As qole argues, this is a fine argument if Harmattan is Nokia's flagship OS and has to worry about malware.

However, we didn't have a malware problem on the N900 and I suspect there are similar numbers of users of the N9 (if that)

Your statement is not totally true (yes N900 didn't have many issues since it was IT nerds only device vs. N9 is more like commercial product).

Its good that end users haven't noticed any malware in N9.

But ovi store QA has already rejected or removed multiple malware applications from the store... so I wouldn't be surprised at all if someday at least deb packages from unknown origin would spread to user devices in some form of useful 'utility' or 'game'. Or some 'utility' or 'game' manages to hide itself long enough to spread in to high number of devices from the store.

But yes, might be danger only in theory, then then again, I wouldn't leave possible exploit hole unpached in my ubuntu system just because I know that 'most likely' no deb packages would exploit that hole.

I guess I'd rather have it patched and use open mode kernel but that's not to talk down the efforts of inception

Does the hole enable anything else than circumvention of aegis? Because there is no aegis in ubuntu and I am happily using it, thus there could be a potential .deb file that has rm -rf / in postinst. But is that a real threat?

It enables stealing your lockcode, email login/passwords, and sms sending & calling to premium paid datanumbers (without you noticing, untill the next phonebill).

rm -rf / is not that harmfull since you don't lose money and you can reflash (or reinstall in ubuntu). But when your starting to lose your money and privacy details, then you might get a bit more worried.

@rainisto damn, i'm a IT nerd and did not even know it!
[/SARCASM]

I didn't quite understand it now... I already have installed inception using the method in your website, so does that mean I can update my device without losing inception and opensh?

It is definately a potential threat with malware on our devices, however, I dont consider Inception the problem. The problem is in the security hole now patched by Nokia. So this is all good really.
What we need is some control on su access.
Android have the SuperUser.apk, that permits the user to control root access, and disallow where user denies it.
Would be great to see this added to our devices.