Google Gets to the Root of the Problem
It was this time last year — almost to the day — that Google revealed their plan for gaining a share of the ever-so-profitable mobile phone market. Though we all thought it would be a true gPhone — designed, manufactured, and marketed entirely by Google — we were nonetheless excited and intrigued by what was actually revealed: Android, an Open Source, Linux-based mobile OS.
The path through Android's development to the eventual release of the first "Googlephone" — the T-Mobile G1 — had its fair share of bumps and potholes. Post-release is proving to be rather rough as well: A high-profile vulnerability discovered in late October and patched last week brought the company criticism not only over the flaw itself, which involved a long-since-patched vulnerability, but more so over Google's response to security-researcher Charles Miller's public disclosure of the vulnerability. Now, a new vulnerability has come to light and has drawn the search giant even more fire.
The latest flaw — which is in the process of being patched via an over-the-air and reportedly involuntary update — was disclosed last week in what was characterized as a "jailbreak" of the G1. At first glance, most sources believed the glitch to allow as-needed root access to the phone, providing users with the opportunity to bypass limitations on the phone and run applications outside the "sandbox" designed by Android's developers. However, it was quickly discovered that the issue was not a "jailbreak," but rather a serious flaw in Android's code which caused a root shell to run invisibly on the device — a root shell which received and executed every keystroke entered on the device. rm -rf, anyone?
Though obviously embarrassing for Google, the bug is not out-of-the-ordinary, and was likely a debugging hack that failed to find its way out of the production release. Some — presumably before learning the full extent of the vulnerability — were quick to criticize Google, comparing the company's actions to Apple's ironfisted control of the iPhone. Questions were raised over Google's commitment to keeping Android an Open Source project — questions which echo, though in a radically different context, ones raised just a few months ago.
This time at least, it appears Google's motives lacked sinister overtones of corporate control — but who knows what evil lurks in the code of Android?
Justin Ryan is a Contributing Editor for Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
|CentOS 6.8 Released||May 27, 2016|
|Secure Desktops with Qubes: Introduction||May 27, 2016|
|Chris Birchall's Re-Engineering Legacy Software (Manning Publications)||May 26, 2016|
|ServersCheck's Thermal Imaging Camera Sensor||May 25, 2016|
|Petros Koutoupis' RapidDisk||May 24, 2016|
|The Italian Army Switches to LibreOffice||May 23, 2016|
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- Secure Desktops with Qubes: Introduction
- Chris Birchall's Re-Engineering Legacy Software (Manning Publications)
- The Italian Army Switches to LibreOffice
- Linux Mint 18
- Petros Koutoupis' RapidDisk
- ServersCheck's Thermal Imaging Camera Sensor
- Oracle vs. Google: Round 2
- The FBI and the Mozilla Foundation Lock Horns over Known Security Hole
Until recently, IBM’s Power Platform was looked upon as being the system that hosted IBM’s flavor of UNIX and proprietary operating system called IBM i. These servers often are found in medium-size businesses running ERP, CRM and financials for on-premise customers. By enabling the Power platform to run the Linux OS, IBM now has positioned Power to be the platform of choice for those already running Linux that are facing scalability issues, especially customers looking at analytics, big data or cloud computing.
￼Running Linux on IBM’s Power hardware offers some obvious benefits, including improved processing speed and memory bandwidth, inherent security, and simpler deployment and management. But if you look beyond the impressive architecture, you’ll also find an open ecosystem that has given rise to a strong, innovative community, as well as an inventory of system and network management applications that really help leverage the benefits offered by running Linux on Power.Get the Guide