Over at MobilePwn2Own at the PacSec conference in Tokyo, Japan, a security researcher named Guang Gong showcased an exploit he’d developed over three months which, if used, could take control of virtually any Android phone with just a Chrome link…
Sony’s Backup & Restore Android application that comes pre-installed on its Xperia Z3 smartphone appears to have been compromised. A Google Play entry has been added for the app listing “Nirav Patel Kanudo” as its publisher, along with the software’s description claiming that it’s managed by the “HeArT HaCkEr Group.”
[protected-iframe id=”b39f4611921b09f9ac17e6fc7b8a4f06-22427743-8994189″ info=”http://live.wsj.com/public/page/embed-EDDA7151_9316_4F64_80FA_EFC2F9F707BD.html” width=”512″ height=”288″ frameborder=”0″ scrolling=”no”]
Google executive chairman Eric Schmidt expressed his shock at reports that the NSA tapped into the internal communications links between Google servers, describing it as “outrageous” in an interview with the Wall Street Journal. The claim was made as part of the ongoing PRISM revelations.
It’s really outrageous that the National Security Agency was looking between the Google data centers, if that’s true. The steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people’s privacy, it’s not OK …
Expand
Expanding
Close
looks like root is easy too: reboot-bootloader gives you fastboot oem unlock. There is fun to be had here…
— Liam McLoughlin (@Hexxeh) April 26, 2013
Update: A post from Google employee Dan Morrill clarifies that, although the original developer claimed a “root is easy”, the process developers are using is actually a ‘fastboot oem unlock’. Rather than exposing a security exploit, Google has actually intentionally left Glass open for devs to tinker with, as further explained by Googler Stephen Lau:
Not to bring anybody down… but seriously… we intentionally left the device unlocked so you guys could hack it and do crazy fun shit with it. I mean, FFS, you paid $1500 for it… go to town on it. Show me something cool.
Updated 2: Founder of the Cydia jailbreak store @saurik provided some clarification on his earlier tweets, informing us that he did not use fastboot oem unlock:
Actually, my device’s bootloader is still locked: I did not use fastboot oem unlock, and in fact that would not have been useful without the source code to the Glass kernel, which was not made available until this morning. I relied on a race condition in the adb restore process, a bug that existed in Android 4.0 (and even Android 4.1). As the Glass ships with Android 4.0.4, the bug was easy to exploit. This exploit was not one that I found, to be clear (unless you count “using Google” ;P): I pulled apart an implementation by@Bin4ryDigit, and adapted it for use on Glass (which required very small modifications to the backup; the entire process of learning the exploit and fixing it took 2 hours).
Saurik later published an article explaining some of the ins and outs of the potential for writing apps for Glass and the exploit he originally took advantage of.
Have you been wondering how long until developers crack into Google Glass to provide full root access and start creating some interesting mods? It appears we might not be too far off with Google intern on the Chrome OS team and hacker Liam McLoughlin confirming on Twitter that a root might be easier than many people think (via selfscreens).
McLoughlin first tweeted that, “There’s a “debug mode” option on Glass that appears to enable ADB access. I got a shell on my Glass :D (no root yet!).” Shortly after it appears he also figured out a root method, tweeting, “looks like root is easy too: reboot-bootloader gives you fastboot oem unlock. There is fun to be had here…”
He isn’t the only one working on a root for Google Glass, hacker @chpwn tweeted today that founder of the Cydia jailbreak store @saurik is in the process of unlocking his Google Glass and Saurik later confirmed:
Expand
Expanding
Close