• AgreeableLandscapeOP
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    5 years ago

    The implication of this tiny notification is terrifying. It means that 1, Samsung phones constantly receive data from Samsung and at the very least send the IP address back to them (probably much more), 2, Samsung can send some form of commands to every phone they make (with the extent of their control ranging somewhere from invoking a notification to rm -rf /), and 3, this ability is accessible to developers, which could very well include bad actors.

    • Lofenyy
      link
      fedilink
      arrow-up
      2
      ·
      5 years ago

      Definitely. Arbitrary code execution is a fascinatingly dangerous power to have. A fantastic case study, though unrelated to security and modern computing, are Youtube videos demonstrating ACE on old Pokemon games. The thing that fascinates me is the idea of executing code outside of the carefully created sandbox you’re placed in. If you can execute code outside the sandbox, like via a backdoor, or via an exploit, you can use it for both good and evil. MS used its universal backdoor to force Windows 10 installations, but many hackers have used it to install Linux on a whole bunch of hardware, including video game consoles like the Wii.

      https://invidio.us/watch?v=SL_Zuc0tlvo