We have noticed that things tend to move really fast with Android, Google pumps out updates like there is no tomorrow. Google has found out about our jailbreaking ways, they have already started pushing out an update, RC30, to prevent anyone from gaining root access using telnet. Users can expect an update in the next few days.
Gaining root access means getting into the core functions of Android itself, giving developers the ability to create more useful applications or even port Android to another phone. Google has commented on the issue, “We’ve been notified of this issue (Jailbreaking of Android) and have developed a fix. We’re currently working with our partners to push the fix out and updating the open source code base to reflect these changes.”
This means that, even being open source, Google has to have some sort of control over Android itself. What does this mean for Android, will it really be open source or will it be monitored closely? This situation is being handled a lot like the way Apple has handled similar situations in the past. Do you think Google will take drastic measures in the future?
[Via XDA]
i am not against google for pushing out OTA after OTA..
But these are trivial things compared to the glaring problems the phone currently has.
FIX the freaking issues, and make ur customers happy.
3 OTA's have come out since the phone's debut, yet my battery life still sucks, i cannot close applications when i want, and the phone is severe memory leaks.
Yes I would love to see great apps but I know how much I had to install the OS on my Iphone because of bad apps from hacked developers.
Yes my iPhone was jailbroken.
So I rather have a safe phone than a jailbroken phone. Unlike the iPhone, there is no limitations on Dev anyways so why are they looking to dev apps for jailbroken phones?
i am not against google for pushing out OTA after OTA..
But these are trivial things compared to the glaring problems the phone currently has.
FIX the freaking issues, and make ur customers happy.
3 OTA's have come out since the phone's debut, yet my battery life still sucks, i cannot close applications when i want, and the phone is severe memory leaks.
Android is already open source, the G1 on the other hand is a closed device which happens to run an open source operating system. If people want a open phone then they should buy a Freerunner and flash it with Android. I'm happy with my closed G1.
Wow, that's just ignorant.
One way this could hurt you very much:: Any market application could use this hole to root your device, and brick it. (run telnetd, automate telnet back to the device) You'd be stuck with a bricked phone until you got a replacement, which you'd probably have to pay for. I think that'd hurt.
mods: instead of worrying about people posting links to compeditors, why dont we regulate these multiple threads on the same topic?
and furthermore, instead of bashing google saying its open source and they shouldnt close the hole. the hole is an exploit! its not an app designed to give root access, and google is disabling it. its a flaw!
people are ignorant.
go get an iphone.1
LIES!
I was also unaware of the thriving application market for jailbroken Android devices, seeing as how Google makes it next to impossible to install applications from sources other than their own application store.
Perhaps you can fill the rest of us in on both of these topics.
LIES!
Please inform the rest of us as to how Google releasing the source code for Android fails to make it "open source".
and they are going to release the updated code that fixed the flaw.. its opensource but if you understand it.. its the code google released & is build by HTC and put onto our phones.. if you want unsecured code you can buy n OpenMoko or something and run it on.. you are free to do that. but for a consumer phone its so very nessasary to close these holes..
If anything this "jailbreak" is a gaping security hole that should be closed ASAP.
..doesn't stop google from pumping them out...
If anything this "jailbreak" is a gaping security hole that should be closed ASAP.
1) use Any Cut to create a new Shortcut on your desktop
2) pick Activity
3) pick Device Info
4) Tap on the new icon, scroll to the bottom and select Check for upgrade
5) Phone will automatically download & install RC30
6) Enjoy a safer phone
One upgraded earlier this evening, the second I AnyCut shortcut for "Device Info" and selected "Check for Upgrade" and it pushed it to the phone right away (you will see continuos data activity then the message to upgrade)
The build is RC30 (116143)
Also I don't see ANYTHING postponed.... They may have had a halt on OTA for a short time but it seems to be over.
In short, while OTA update for RC29 was being pushed, someone found a security exploit that compromised data and operational security on the phone, so Google stopped pushing RC29 and instead worked on a fix, i.e. RC30, which is being pushed out as we speak.
The only people who are therefore impacted by the security vulnerability are people who updated to RC29.
1) use Any Cut to create a new Shortcut on your desktop
2) pick Activity
3) pick Device Info
4) Tap on the new icon, scroll to the bottom and select Check for upgrade
5) Phone will automatically download & install RC30
6) Enjoy a safer phone
Typing this from my g1 so sorry for any errors or typos
octoberriot wrote:
But, WTH, why are we talking about this? I mean, I like Android. I think it's a kick-ass start for a killer Linux-based mobile OS. Let's work on that and not waste time and effort on stuff like Debian-on-G1.
...
Besides, if a DEVELOPER is SMART they'll write a Linux distro custom-compiled for the G1 that isn't risky for average dullards like me, and I'd PAY MONEY to have a nice KDE or Gnome desktop. HINT HINT!
rc29!!! =)
in order for this to become a security problem you would have to turn on telnetd and forget to turn it off.
Because telnetd does not auto start a simple reboot would be enough for even a lazy person to "re-secure" their phone.
Google wasted time stopping people from using their own device with no security gain.
There is no gain from either the providers or Google by locking users out of the filesystem.
in order for this to become a security problem you would have to turn on telnetd and forget to turn it off.
Because telnetd does not auto start a simple reboot would be enough for even a lazy person to "re-secure" their phone.
Google wasted time stopping people from using their own device with no security gain.
There is no gain from either the providers or Google by locking users out of the filesystem.
- And remember if your G1 is NOT rooted, well then My g1 can kick your G1s a## any-day-of-the-week!
Bye bye now!