Thread: I'm leaving... thank you all!
View Single Post
Old 11-30-2012, 08:47 AM   #26
ixtab
(offline)
ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.ixtab ought to be getting tired of karma fortunes by now.
 
ixtab's Avatar
 
Posts: 2,907
Karma: 6736092
Join Date: Dec 2011
Device: K3, K4, K5, KPW, KPW2
Quote:
Originally Posted by Fluribus View Post
I wouldn't say that there is no security threat here. What if the owner is tricked into placing a malicious file onto the Kindle? Could an infected computer look for a Kindle to be connected via USB and write the malicious file without the user's knowledge? How many users have even considered the possibility that their Kindles could be hijacked?
Reality check: while this is theoretically possible, it would be targeting such a "niche market" that it's simply not worth the effort from an attacker's point of view.

Anyway, I'm currently looking into how 5.3.0 can be jailbroken. I'm not entirely there yet, but I did find a vector* which requires manual user intervention (interaction ON the device screen), no way to automate it. Would that qualify as "benign and safe enough" for you? If so, would you agree that Amazon should leave that little loophole in? And do you think they will?

(*) No, I'm not going to disclose anything right now, no need to ask.
ixtab is offline   Reply With Quote