Preston bypass surgery

Nov. 13th, 2008 10:00 am
hirez: (dissent)
[personal profile] hirez
My MP3 player is haunted by the uneasy spirit of Peelie: Black and white rag followed by LFO (Leeds warehouse mix). Toasty.

Embedded types: both the Android and iPhone appear to run everything as root. Why is this? Given everything we've learned since epoch (and probably everything else that the Multics chaps were bellowing from outside the locked door) about security and least-priv and the tenacity of your average hacker; seriously, why is this?
  • Current Mood: Sprocket
  • Current Location: Briggs & Stratton
  • Current Music: WOMUMP
Tags:
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2008-11-13 10:19 am (UTC)
From: [identity profile] dan-lane.livejournal.com
The iphone runs user apps as the "mobile" user. Android isn't supposed to run everything as root but due to someone leaving a debug mode on in the shipped ROM everything you type is piped to a root console :(

Date: 2008-11-13 10:35 am (UTC)
From: [identity profile] hirez.livejournal.com
Ah. Perhaps I base my assertions on old or incomplete information: http://blog.metasploit.com/2007/09/root-shell-in-my-pocket-and-maybe-yours.html

Date: 2008-11-13 10:19 am (UTC)
From: [identity profile] steer.livejournal.com
seriously, why is this?

Because they're single user devices?

Date: 2008-11-14 05:39 pm (UTC)
From: [identity profile] neilh.livejournal.com
...and that user is the network, it just so happens they present a pretty local interface so the poor sap carrying the thing around can send SMSs and set annoying ringtones.

Any phone that lets the user control it properly is going to get ditched by the network pretty quickly.

Date: 2008-11-16 01:04 pm (UTC)
From: [identity profile] steer.livejournal.com
It was intended as a question rather than a statement?


Any phone that lets the user control it properly is going to get ditched by the network pretty quickly.

Why? I'm genuinely curious here. I'd have thought they'd be fine with anything since all messages sent are chargeable AFAIK.

Date: 2008-11-22 10:25 am (UTC)
From: [identity profile] neilh.livejournal.com
The networks give you shiny phones for heavily subsidised prices, as part of that they feel a need to control what you can do with them. They see themselves as portals or some kind of way of life rather than the bit-pipe that landline ISPs have become.

Any proper phone these days will have wireless network access anyway, so you don't have to use their pipe anyway.

Date: 2008-11-23 12:17 pm (UTC)
From: [identity profile] steer.livejournal.com
The networks give you shiny phones for heavily subsidised prices, as part of that they feel a need to control what you can do with them.

Sure -- but that control is usually done in terms of trying to control which network you can access. (Pressure on phone manufacturers so you can't hotswap SIM cards, no "roam to another network" in your home country -- both technologically easy). I'd genuinely have thought that anything which shoves chargeable bits through their part of the spectrum and doesn't get them sued would be fine with them.

Date: 2008-11-13 10:36 am (UTC)
From: [identity profile] jarkman.livejournal.com
I've done a bit more poking about, and I do not think it is the plan to run everything as root in Android :

"On the system side, we’re moving towards a tighter security policy. In M5 lots of things run as root, but in the next version almost nothing runs as root. We use the minimum privileges necessary."

I am not expecting the current 'jailbreak' recipes to survive the next firmware update - I think they were just exploiting some left-behind dev hooks.

Date: 2008-11-13 10:42 am (UTC)
From: [identity profile] hirez.livejournal.com
Aha. Yes. That makes much more sense.

Date: 2008-11-13 10:55 am (UTC)
From: [identity profile] gaius-octavian.livejournal.com
In the case of the iPhone I'm guessing because Mach IPC is way more efficient if it doesn't have to ACL check every message.

Date: 2008-11-13 01:31 pm (UTC)
From: [identity profile] sarah-mum.livejournal.com
Unconnected to this, but suitably random...
Have you seen the latest edition of 2000AD? "Ampney Cruices Investigates" made me think of you.

Was it you or Sneerpout who invented the concept of 'English Villages that sound like homosexual gentlemen. corolory = Denholm Elliott'?

Date: 2008-11-13 02:20 pm (UTC)
From: [identity profile] hirez.livejournal.com
Ta very much. Way back on this LJ, I recall going on about the adventures of Elmstone Hardwick and Stanley Pontlarge...

Date: 2008-11-14 06:11 am (UTC)
From: [identity profile] jendama.livejournal.com
*snicker*

Date: 2008-11-13 08:30 pm (UTC)
From: [identity profile] markeris.livejournal.com
coincidentally I had a very satisfying time last evening proving to myself in the most pleasant way possible that the leeds warehouse mix smashes up against Radio Babylon by Meat Beat Manifesto in a most agreeable fashion.

Hurrah for LFO.

I also recall the track having accidental anti copying mechanisms - your standard woolworths C60 simply couldn`t handle the bass frequency.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

hirez: More graf. Same place as the other one. (Default)
Julia Rez
Remarkably.placid.horse

May 2025

S M T W T F S
    123
45678910
11121314151617
18192021222324
2526272829 3031

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 22nd, 2026 08:48 am
Powered by Dreamwidth Studios