Thread: Kindle the best???
View Single Post
Old 06-25-2020, 06:57 PM   #207
pazos
cosiņeiro
pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.pazos ought to be getting tired of karma fortunes by now.
 
Posts: 1,406
Karma: 2451781
Join Date: Apr 2014
Device: BQ Cervantes 4
Quote:
Originally Posted by DNSB View Post
I'm not so worried about the app requirements as the simple fact that older Android versions have security holes that will not be fixed. I tried a couple of exploits on a Tolino epos and they worked so I feel rather paranoid about enabling WiFi on it.
I think you're mixing local privilege escalation with some sort of remote exploit. These devices are fine to connect to wifi or even to surf the internet if you avoid the stock browser and use an updated alternative. https://www.bromite.org/ is available for 4.4, which I think Tolinos are using.

If you're talking about local privilege escalation then my home router has one (like most SOHO equipment) and I obviously connect it to the internet.

Fun fact: a few years ago most home routers here in Europe were shipped with an "administrative port" open (telnet ). They offered a slimmed down command line interface with a few options. It was possible to escape the "sandbox" just by using one of these commands with an invalid argument. I remember that typing
Code:
ifconfig wooooh | /bin/sh
was all I need to get a root shell. Things are now better than that, but not that much.
pazos is offline   Reply With Quote