PhoneNews.com can confirm that the first full T-Mobile G1 update, RC29, has a major bug that could potentially render a device useless.
The update causes all text entered onto the device, to be entered as a shell command. This is most easily resonated by typing reboot after powering on the device, followed by the return key. This can allow a user to activate the root user, and then enter any command on the device with full access to data.
Obviously a major exploit, Google has patched it in the next update, RC30, which has been approved and in the process of being released.
Unfortunately, there is no way to tell if your specific T-Mobile G1 is being updated with either the RC29 update, or if you chose to wait for the RC30 update. The only way to know, is after the device has been updated.
The update highlights some of the downsides with modern Firmware Over the Air (FOTA) implementations. While wireless software updates are generally a good thing, they require documentation so that the user can be informed about the specifics of the update. Here, a user has no way of knowing if they are getting the exploited update (RC29) or the fixed update (RC30).
This update also echos our previous coverage of Verizon’s FOTA implementation, which can be used to update devices without the user’s explicit consent or approval.
3 responses to “T-Mobile G1 Update Contains Critical Exploit, Easy to Abuse”
I got the rc30 update and so far I am THRILLED! I of course noticed the USB mounting option with the rc29 update but now my HANDS-FREE in my lexus works with the phone and it didnâ€™t beforeâ€¦ This was a MAJOR deal-breaker for me and I was looking at the iPhone just minutes beforeâ€¦ now I donâ€™t know if I need to switch.
Just wanted to let people know about this update if they had the same bluetooth problem!
How do I get the update????
I got the update over the air automatically… not sure how to “go n get it” I have seen some suggestions and guidelines online as to how you can “force” the update… check more of the boards like this