English

Dirty Cow threat for KitKat?

Tags: #<Tag:0x00007f05de14b1b8>

Heard about Dirty Cow on the radio this morning. Will FP1 with the update to KitKat be protected against this Dirty Cow?

Despite its issues with software FP has proven quite reactive with security fixes overtime. Also the patch itself (this is an example of a linux kernel being patched for dirtyCOW) is pretty simple so it should not pose too many issues.

Also, don’t worry too much about it for now, this exploit is important because it’s been active for years, is easy to use and has been found by third parties before it was known but overall such exploits are not uncommon. For most of them we don’t even hear about them but some are exceptions because there’s a tendency lately to brand discovered vulnerabilities in the open-source community (you might have heard of Heartbleed, or Stagefright). Journalists (usually without technical knowledge of the issue) then do a lot of fear mongering.

So yeah, most probably. But if you want to have a definitive answer you’ll have to contact support since this is a community-led forum.

3 Likes

As sysadmin I found my Redhat servers and desktops having restarted overnight due to automatic kernel patch for dirty cow. I read that only local users may “profit” from any exploits. Question: Am I the only local user on my android ?

Each Android app runs in its own dedicated UNIX user.

Thanks @Roboe , maybe I was guessing this, but are all different app users really local users in the sense of dirty cow ?

I don’t know if there’s any difference, I just wanted to give some (I think useful) info, :slight_smile:

Today I have read that dirty cow and rawhammer have been found harmfull for android . With a new name “Drammer” especially for samsung’s galaxy devices including nexus the effects on ARM are the same as for INTEL platforms including rooting . ( german magazin Heise’s Security forum)

@Roboe: I shall answer my own question here again : yes, every single app may corrupt android’s security because every app has it’s own user.

1 Like

More on this. I must admit I fail to see how a reliable software solution to this could be made that does not impact performance greatly.

1 Like

Quoting the link you posted:

I might be ignorant, but since FP1s are rooted by default… It all comes down to not installing malicious apps, doesn’t it? So the only way to protect yourself is following these tips for improved security, am I wrong?

“User root” is not the class of root access the vulnerability achieves:

  • In “user root”, root access are derived to a proxy, a root manager (apps like SuperSU, Superuser, etc), requires the user to accept that permission (which is automatically done if you checked the permanent option).
  • On the contrary, this vulnerability doesn’t request permission, but earn it by other means.

It’s basically irrevelant whether your device is rooted already or not; it will achieve it anyway.

Nope, you are completely right. No one is going to force you to install some app you won’t want to install [1]. But anyway, it comes to be a matter of trust on the source (developer) and channel (app store, website if provided as an APK).

[1] = well, Google if you have GMS, but just some few people protested when Google globally forced the installation of their Google Play Services without user interaction nor acceptance, even on old devices with lack of space and absolutely no need for the new backported features. (That was in fact the event that definitively changed my mind and the trigger for me to investigate NoGApps/microG, btw)

2 Likes

4 posts were merged into an existing topic: :pencil2: Living without Google 2.0 - A Google free FP2

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.