Welcome to nsane.forums
Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.
- Access special members only forums
- Start new topics and reply to others
- Subscribe to topics and forums to get automatic updates
Search the Community
Showing results for tags 'Rooting'.
Found 2 results
Reefa posted a topic in Security & Privacy NewsMillions of Android phones, including the entire line of Nexus models, are vulnerable to attacks that can execute malicious code and take control of core functions almost permanently, Google officials have warned. The officials have already uncovered one unidentified Google Play app that attempted to exploit the vulnerability, although they said they didn't consider the app to be doing so for malicious purposes. They are in the process of releasing a fix, but at the moment any phone that hasn't received a security patch level of March 18 or later is vulnerable. The flaw, which allows apps to gain nearly unfettered "root" access that bypasses the entire Android security model, has its origins in an elevation of privileges vulnerability in the Linux kernel. Linux developers fixed it in April 2014 but never identified it as a security threat. For reasons that aren't clear, Android developers failed to patch it even after the flaw received the vulnerability identifier CVE-2015-1805 in February 2015. "An elevation of privilege vulnerability in the kernel could enable a local malicious application to execute arbitrary code in the kernel," an Android security advisory published Friday stated. "This issue is rated as a critical severity due to the possibility of a local permanent device compromise and the device would possibly need to be repaired by re-flashing the operating system." Google officials went on to say they are aware of at least one application that was available both within and outside of the official Play market place that exploited the vulnerability. Many users willingly install such rooting apps to give their phones capabilities that wouldn't be possible otherwise. Still, as Ars reported in October, the root exploits pose a danger to the entire Android user base, even when used openly by app developers to provide added functionality. Late last year, researchers from security firm Lookout found malicious apps available in Google Play that exploited unpatched rooting vulnerabilities to make them extremely difficult for average users to uninstall. Google said its Play marketplace prohibits rooting apps. Company officials also attempt to curb the installation of such apps available in other forums through use of the verify apps feature. Friday's advisory didn't identify the app that was exploiting the vulnerability except to say it was publicly available, both within and outside of Play, and worked on Nexus 5 and Nexus 6 phones. The vulnerability is present in all Android releases that use Linux kernel versions 3.4, 3.10, and 3.14. That includes all Nexus phones, as well as a large number of handsets marketed under major manufacturer brands. Android releases that use kernel versions 3.18 or higher aren't susceptible. Readers with a vulnerable phone should carefully consider the risks before knowingly installing a rooting app that exploits the flaw. They should also avoid apps available in third-party marketplaces, since they are more likely to host apps that exploit the vulnerability maliciously and without warning, and be on the lookout for updates in the coming weeks or months that patch the underlying security hole. The good news is that the flaw requires a local exploit, making remote drive-by Web attacks infeasible if not impossible. SourcE
Disclaimer: I am an old guy with messed up hands and not very good with touch screens, so I've resisted the whole idea for as long as possible, but finally events beyond my control have resulted in my getting a cheap Android phone. Having said that, as a (long, but part-time...) Linux user I know that having root access can be very helpful. Specifically with regards to Android apps it is also obvious that many require root access. So I've started looking at info about rooting and found references to the XDA dev forum right away that is way more complicated than my old brain can get itself around. I've seen ample mention of the Framaroot app by someone at that forum too. It has many versions - and looks enticing - but I'll need the specific model # from my phone (in transit) before I can tell if it can or will work. Found some nifty looking articles on the topic, like these: Fastest Method to Root any Android Phone Without a Computer http://techverse.net/fastest-root-android-phone-computer/ How to Root your Android Phone or Tablet and Why you Should http://techverse.net/how-to-root-your-android-phone-tablet-and-why/ Of course there's loads of references to using modded versions like Cyanogenmod too. Would some of the helpful & experienced folks here please share helpful pointers for easily & safely gaining root access on Android-powered devices, please ?? Thanks.