Friday, January 21, 2011

Happy birthday to a good friend. You are not 25, you are almost 31 :-)

According to some news site its the 25th birthday of
the computer virus. Or not.


While most of the scientists and malware analysts know
that Fred Cohen did one of the first virus research in 1984,
it is a little known fact that in February 1980 a Diploma Thesis
at the University of Dortmund already discussed self replicating programs (in german). The 80's must have been such a great time. :-)
If you are interested, I also discussed some virus related issues
for UNIX in 2009 here.

Thursday, January 6, 2011

adb trickery #2

Apparently some vendors have reviewed android and also fixed
the ashmem issue in 2.2.1 (along with adb and zygote).


However, I got the first reports for KillingInTheNameOf
working on 2.1 devices. So I made it available
here.


It was really my favorite and I hoped it would become
the Gingerbreak, but 2.3 is not using
ashmem for system properties. Thats life :)




[Update:] it seems like the property space has become
the new playground for breaking froyo devices since this post,
as the ashmem implementation has some shortcomings if
it comes to properly protecting the property space :-)
The security of the whole system relies on the property
space due to ro.secure and other properties.
However for Gingerbread, the property implementation has been
redesigned AFAIK.


Also check out this link for another method of exploiting
ashmem which apparently also works on 2.2.1 devices.


My Gingerbreak works, but I wont release it before a couple
of devices are in the wild so the issue is not fixed before
it can become useful.