Android Executes Everything You Type

g1

This is one of the more bizarre bugs we’ve ever heard. The T-Mobile G1 has an open root shell that interprets everything you type as a command. It was discovered when a user just happened to type the word ‘reboot’ in a conversation and the phone immediately rebooted. A patch has already been rolled out to fix this issue. It also buttons up the earlier telnetd SUID problem.

[photo: tnkgrl]

Getting Root On The G1

If you’ve been holding off on a T-Mobile G1 purchase because you didn’t like the apparent user restrictions, there’s some good news. The Android powered phone comes with an easy button for getting root. Install a terminal app and you can manually start the telnetd service. All that’s left is telenetting into the device and it’ll give you root level access.

Smart Phone Hacking Roundup

[vimeo 2049219]

T-Mobile’s G1 was released last week and there has been at least one Android vulnerability announced already. The New York Times reported on research done by [Charlie Miller], who also helped find one of the first iPhone bugs, so we think the report is fairly credible. Last year, we saw him deliver a seminar on real world fuzzing at ToorCon 9. It covered exactly how they found the iPhone bug.

If you just want to use a G1 without service, you can activate it with any T-Mobile SIM card.

Above is Boing Boing Gadgets’ concise video review of Griffin AirCurve. It’s garbage. We first talked about it in our loaded horn post because it looked like something fun to redesign.

The iphone-dev team published a video today showing access to the iPhone’s baseband processor. They connect to the device over ssh and then use minicom to issue AT commands. They’re writing custom AT commands for full control.

Android Source Code Released

[youtube=http://www.youtube.com/watch?v=7Y4thikv-OM&fmt=18]

Google has officially released the Android source code. While the T-Mobile G1 is being released tomorrow—some already have it—it is just one Android device. The availability of the source means that the platform could be port to almost any device. It’s a complete embedded Linux package and we’ve already seen it running on the N810. We can’t wait to see what hacks come out of this.