View Single Post
Old 10-24-2015, 09:20 AM   #180
Rizla
Member Retired
Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.Rizla ought to be getting tired of karma fortunes by now.
 
Posts: 3,183
Karma: 11721895
Join Date: Nov 2010
Device: Nook STR (rooted) & Sony T2
Quote:
Originally Posted by knc1 View Post
The full answer should be obvious in a week's time.
But consider what has to happen to install our developer's signature certificate; execution of arbitrary code with 'root' privileges. Never a nice thing on any computer system.

For instance, the 2012 vulnerability was not under the user's control, which is why it could represent a threat. (See links above for details of that one).
Seeing as it's installed by a user on their device (presumably connected to their computer via a cable), and another user cannot access it remotely, I don't see any practical threat, but obviously you know a lot more about it than me, and I understand your reluctance to discuss the details.

Edit: Okay, I see that if the device is rooted, theoretically connecting to a malicious web page could be a threat.

Last edited by Rizla; 10-24-2015 at 09:24 AM.
Rizla is offline   Reply With Quote