Quote:
Originally Posted by TadW
Wow. I mean wow! Just look at /usr/bin/do_updates!
Someone really doesn't like us to have SSH access, right?
|
It could be claimed that it is a generic security "improvement", but it really address a honestly installed dropbear, not a hidden one from any cracking tool. Nice mine trap in any case, because do_updates was a inert script in previous version (old-root linuxrc doing the real update work) so nothing was expected to jump from it.
At least it is not a personal mine: it does not frozen the iLiad to extract 75 euros from you. On the other hand, it should not be sensible to do it, as an iLiad owner have the right to look into the internals of the firmware (except for propietary code as DisplayMgr and so).