This is not a drill: Hackers pop stock Nexus 6P in five minutes The Nexus 6P appears to have been hacked with attackers at the Mobile Pwn2Own contest installing malware without user interaction in less than five minutes. The hack by China's Keen Team happened minutes ago at the Tokyo event and does not require users to do anything. It is as of the time of writing yet to be confirmed but …
"and everyone knows that million-to-one chances come good nine times out of ten "
Many years ago a colleague added a diagnostic routine to the mainframe OS. He saw there was a "turning the corner" condition that would produce an erroneous message on the operators' console. As it was in the order of "one in a million" - he did not see it as a problem and a quick test seemed to go ok.
The first morning it went into the live system the operators quickly complained about the recurring message. With hindsight it was realised that the number of times the diagnostic code was entered in normal operations meant that the "one in a million" case would occur very often.
An AC called Franky offered "Unless it's running October 2016 security patch, Franky not interested..."
Why? Why are you using some bizarre reverse-inductive logic?
"The Sun has 'come up' every morning for billions of years, but today's the day when that long streak ends." EQUALS "All previous versions have proven to have been insecure, but starting in the month of October, in the year of our Lord 2016, the end is nigh. Uncrackable security has arrived."
The contest will probably run again next year. And the year after that. Etc.
The iPhone one required some user interaction: browsing a rogue site that was able to force the install of a rogue application, but that install didn't persist after a reboot so they didn't get the full payout. The Nexus was hacked via text message, and didn't require the phone to even be touched.
the iphone exploit that didn't survive a reboot is a SECOND exploit. both the Iphone and Nexus were remote hacked without intervention. Read the blog.
also a webpage that can deliver an explot is far more dangerous than text message. It's easy to shutdown a malious sender of texts, but you can infect lots of phones very quickly from a webpage
Isn't it time to admit that the LinTard OS is the least secure OS in the world, and that the developers will be patching the OS for the next 1000 years and it still won't be an insecure Piece of Shit?
Rip it up, and start over.
Rip it up, banish all of the LinTard Fanboys, hire some adults and get on with the job of producing a secure system that isn't a UniTard abomination.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
