
The philosophy goes something like this: the great thing about Linux is that it's secure, and the great thing about open-source software is that it's thoroughly and constantly vetted for robustness. So to that end, Android should be pretty rock solid, right? Perhaps, but the overwhelming enormity of this particular bug definitely gives us pause. It turns out that G1 firmware revisions RC29 and earlier literally interpret everything you type as command-line operations, so if you happen across a legit command, it's going to get executed -- with superuser permissions, no less. No, seriously. Just go to the messaging app, the browser, or anywhere else a text box is convenient, type "reboot," press the enter key, and watch magic happen. We've tested this on two G1s, both with RC29 firmware, and have gotten this to consistently work on one of the two, so your mileage may vary -- but either way, this needed to get patched on the double. Fortunately, Google's been quick about it, rolling a fix into the RC30 build that's being rapidly pushed to users as we speak, but man... how did that get through?
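A small model of the behaviour described above and in the reader comments on this page, as an added example that is not code from Android or from the article. It assumes a line-buffered shell receives a copy of every keystroke; `ConsoleShell`, `run`, `KNOWN_COMMANDS` and the sample inputs are constructed for illustration, and nothing is actually executed.

```python
# Added illustration, not code from Android or the article: a line-buffered
# shell that receives a copy of every key typed into an app's text box.
KNOWN_COMMANDS = {"reboot", "cat"}  # constructed: the only names this model resolves


class ConsoleShell:
    """Records what a root shell would run; nothing is actually executed."""

    def __init__(self):
        self.buffer = ""        # characters seen since the last Enter
        self.foreground = None  # process currently reading the shell's input
        self.executed = []      # commands the shell would have run
        self.swallowed = []     # lines consumed by the foreground process

    def key(self, ch):
        if ch != "\n":
            self.buffer += ch
            return
        line, self.buffer = self.buffer, ""
        if self.foreground:
            # A running cat reads the line itself; the shell never parses it.
            self.swallowed.append(line)
            return
        for command in line.split(";"):  # ';' separates commands on one line
            words = command.split()
            if not words or words[0] not in KNOWN_COMMANDS:
                continue  # blank, or "not found": ordinary prose ends up here
            self.executed.append(words[0])
            if words == ["cat"]:
                self.foreground = "cat"  # blocks on input until the device restarts
                break


def run(keystrokes):
    """Feed constructed keystrokes to a fresh shell; return (executed, swallowed)."""
    shell = ConsoleShell()
    for ch in keystrokes:
        shell.key(ch)
    return shell.executed, shell.swallowed


if __name__ == "__main__":
    samples = [  # constructed inputs
        "see you at 5 reboot\n",   # command is not the first word on the line
        "see you at 5\nreboot\n",  # Enter first, so reboot starts a fresh line
        "call Bill; reboot\n",     # semicolon starts a new command
        "\ncat\nreboot\n",         # cat swallows the later reboot line
    ]
    for text in samples:
        print(repr(text), "->", run(text))
```

The model shows why the command only fires when it begins a line as the shell sees it, and why a foreground `cat` masks the problem until the next restart without removing the shell.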
Maybe this will lead to open linux on android.... maybe.
No.
ehem ... how about iphone ?
ehem ... how about copy and paste ?
To repeat my comment from a few days ago "WTF my phone is still on RC19!"
I looked at the code that constituted this bug, and it was a couple lines. I think this is a result of Android being rushed to production, but it's an easy fix. Even the big boys mess up every once in a while.
The good news about this is that Android has a working and usable shell in there somewhere. I hope the community will capitalize on this; I would love a phone that I could execute bash commands on. Makes it a powerful tool.
iPhone does that, what's your point?
I'm not a fanboy, just stating a fact.
True, but if you replaced the words "Google" and "Android" with "Microsoft" and "" then I'm pretty sure the uproar on the interwebs would be insane. Google gets way too many "get out of jail free" cards these days.
Microsoft would let you view the source?
sudo apt-get moo
My friend told me about this after I had logged onto my mobile banking service on his phone to check the balance on my debit card. I sent myself a text saying "reboot;" and then "cd ~;rm *_history;" from his phone.
yup def reboots for me.. not in the browser though.. seems to only work like on a blank message.. then type reboot
!!!!!!!If you have an Android phone type " reboot " and then press enter to see your true love!!!!!!!!!!!!
Epic fail...
that's actually an understatement. somehow. I guess that isn't something you ordinarily test for though.
This isn't going to help google's reputation. Although it will make apple look better.
Am I the only one that's terribly sick of the words fail, win, and epic?
www.thesaurus.com
Majestic flounder?
Great, now I'm going to think of a Magikarp whenever somebody says "epic fail".
heroic abort
Damn, I would use "majestic flounder" all the time, but "MF" could be a problem...
Wow, I'd be a paranoid android if that was happening :) Epic security hole
copy
highest rank
Wow, I'd be a paranoid android if that was happening :) Epic security hole
paste
Heh, it's like this message is a water reflection of the above one
lowest rank
The thing that's missing from the iPhone
Type ctrl-D reboot and I bet you'll see it works on every unit that's running RC29 or earlier.
Yep, definitely reboots. But as far as I know, I've never executed any other random commands by accident. And I could only get it to reboot by pressing Enter, then typing "reboot" then pressing Enter again.
that's because you have to have a blank line and then press enter after the command immediately.
So, I typed "selfdestruct" and I got an error: "G1 CANNOT SELF TERMINATE."
Man, it's good.
I can't believe it took this long for anyone to notice.
I can't believe no one types "rm -rf /" very often.
who cares
they should close the OS, remove copy and paste, and give less control like Apple does, then problems solved
They probably had it able to execute commands during testing period, so it was easy to change things if wrong. So, a rushed release is probably the reason.
And at OCEAN CLAK 20th: But that's the problem with most Apple software, you have 0 freedom, it's so restricted it's not funny.
That is incorrect. Apple's OSX is like any other closed source OS, and there are no restrictions on 3rd party development or low-level access into the kernel or APIs. Their end-user software on the Mac is like any other closed-source software with many apps having plugins, scripting, and other forms of extensibility. The iPhone OS is treated a bit different and 3rd party apps are restricted to a degree, but it is very simple to jail-break an iPhone or iPod Touch and remove all restrictions.
You can easily get SSH and a shell going on the iPhone with all of the *nix utilities, scripting environments, etc.
I'm not going to debate what freedom is or is not available on an Apple product. What I will say, however, is that if the software does what you want and you do not feel restricted by it, do the barriers that may or may not exist even matter?
Wait, you mean that if I just type reboot-
no, you have to type reboot on a blank line then enter before you type anything other than spaces until you type a semicolon.
That's not what the article says but whatever, I wouldn't know.
Am I really going to be the one to have to say it? Fine...
Someone fix the spelling of "intepret" in the title before some of us lose our damn minds.
Spell check si for quiters!
Bad spellers of the world, untie!
By your powers combined i am captain spellchecker.
They fixed it. Way to ruin our fun.
Close the system, this is crazy...90% of the individuals who TMO wants to sell this phone to are gonna freak out with all this crazy stupidity. I can smell a lawsuit brewing this is destroying the TMO brand. If this crap doesn't get fixed I'm returning this phone. Let alone the software is pure crap bug hell, the hardware is even worse. I'm on my third G1 due to the stupid slide screen mechanism defect.
This isn't an open/closed system error. It's just a bug. The proper admonishment would be "get your quality right before you release it".
Knew I wouldn't have to look far in your comments for proof that you don't have a G1, and also an apple fanboy:
Sep 23rd 2008 6:12PM
"I still have the old 2G iphone and my average for the past 6 months have been 6.1GB a month. Then again I am constantly on the net or listening to streaming music or watching videos. With the launch of the app store and a good month of using the apps my usage went up about 2GB with all the great apps on there. Yeh, I would be up the creek with the android. Plus the iphone has dozens more apps then the android has as of today."
@ Reader:
Proof: You keep using that word. I do not think it means what you think it means.
You have offered up conjecture and circumstantial evidence, this is not proof. Not in a box, not with a fox. Not on a train, not in the rain.
I'm not saying you're wrong in your conclusions (though I think you are, mobiles have become like fashion accessories, it's not beyond the realm of belief that someone buys a new one when it comes out, nor does owning an iPhone constitute prima facie evidence of fanboyism...), simply that calling it "proof" is a poor rhetorical device. Your point sounds much stronger when you don't overstate the weight of the evidence.
@AdamY +1 for use of princess bride reference!
That is my favorite princess bride quote!
+1 for both of you.
But seriously, has anyone actually tried some commands more serious than reboot??
"At Google, we call this feature, intuitive program listening." Well, I can see how typing "reboot" would be a conundrum, but imagine everytime when you drunk text, misspell "Bill", and the G1 thinks "kill".
That's bush league
Am I the only one wondering why a "Release Candidate" build is going out to phones as a release build? The RC is supposed to be just that, a "Release Candidate" and is in testing... it seems Google likes to keep their software products in "beta" status on purpose.. of course, if you do keep your software products in a status below release you have an excuse for stupid bugs popping up like this. Their response is "It's beta, what do you expect".. come on, you're selling this phone to consumers, it shouldn't be a RC or Beta, it should be an official release.
Remember Windows Vista went out as a RC
(well that's not a good example because in my opinion Vista sucked and still does)
you don't understand what release candidate build means I guess. what it means is, they make a build, tag it RC, put it through the testing paces, if it passes their regression tests, it gets released byte for byte as is. so all "1.0" releases were actually RC's before they were tagged 1.0. usually companies retag it, but apparently google doesn't bother. kind of weird, but nothing to get your panties in a bunch about.
I agree....HOWEVER, Google's software and services, for the most part, are free to consumers...and most do what they advertise quite well, can we really complain? Every single piece of software that any company has released, especially something as big ass an OS, mobile or not, has had plenty of bugs...the iPhone had tons of bugs with OSX, WM6.0 and 6.1 have tons of bugs, hell even BB's have bugs (albeit less than others usually due to their simplicity).
At least they aren't charging for fixing those bugs and they are sending out new builds in an exceptionally short amount of time.
It could be much, much worse.
ummmm... ya, 'ass' = 'as' .....quite the typo there.
@McPOW
Understood but did the Release Candidate code in question make it through testing? As you say, the RC should be the same code that is made available to the customer IF it successfully makes it through the testing process. There is no information here about whether it was tested and, if it was, whether it passed. Only a final version should make it into the hands of the customer.
Kelmon,
There is NEVER a perfect, FINAL, piece of software....if you are waiting for such an OS, then you will be waiting forever. Like I said, just be glad that they are pushing these updates out very quickly instead of having to wait a long time for them.
I hate how ever since gmail, it's become trendy to put BETA in the corner of your logo. It's like people who have no idea what it means will be like, "Oh cool! It's beta!". I don't think google was intending for this to happen, but you can't be as huge as google and not be an internet trend setter, I mean, just look at the text formatting in a yahoo search...
Has anyone tried to type something like "unlock"? it might be the quickest way to *ahem* "factory" unlock your G1! (I'd try it myself, but I'm an iPhoner, although the G1 sure looks cool)
You obviously don't know much about Linux commands.
How to say "G1 sure looks cool" with an iPhone in Hand? ;) Shakin' my head off.. :D
The inside may become interesting with the next (stable and performant) OS-releases,
but especially the current outside is a big big no-go to me..
Would love to see this lil bug in action, though.
Hmm.... Ye.
Just a shame terminal doesn't accept pseudo code :P
sudo unlock
Doesn't seem to work on RC19 in any text box
Imagine if you were chatting with an Android user and lured them into typing rm -rf /.
Oh boy.
http://linux.about.com/od/commands/l/blcmdl1_rm.htm
I can't wait for Android it's gonna kill the iPhone and bring world peace. Oops. Back to the drawing board.
What's the easiest way to reboot an Android phone?
You ask it to.
The one thing of Google's that's actually a legitimate beta and they don't mark it as such.
So really what you're saying is, it's a software bug and it's already been fixed...............shocking!
[enter]CAT[enter] this will disable that reboot thing until you reboot your G1 again.
Confirmed. For those playing at home, this will start a process that will swallow every line you type (technically, it also echoes them back, but in practice you can't see them). This only eats the lines as they appear to the Linux shell - your keystrokes will still be seen just fine by the applications.
Since I'm still on RC19, I think I'll do this every time I reboot.
[ENTER]CAT[ENTER], what does that do? open up lolcats?
sis comans, i eatz'm
This is a major failing of the Android system. The worst part is even though Google has released a patch for the issue (RC30) very few people seem to have gotten it yet. I know a few people are still on RC19 and have not received any of the OTA updates yet. I choose to manually update my phone to RC29 instead of waiting for the OTA. It's a very simple procedure to update the phone manually, Google just has to make the file available for download.
HAHA Windows Mobile would never have a security Issue Like that
.
.
.
.
.
.
.
.
.
.
.
.
Just Kidding
Say anything you want but I find this amazing. Here's the reason why... The amazing speed that Google pushes out the updates. No single company has been so prompt in remedying firmware updates this fast. I'm a Nokia fan boy but GOD.... Once you get two, three updates, you're fu..ed. I have N95-3 (the US edition) and while the rest of the crowd enjoys firmware in the v20.X releases, the -3 version still is riding the old(er) one with no prospect of getting an update any time soon. I think Google will kick ass with the patches and updates to make this OS popular. I did get G1 and I'm happy I did. I'm aware this is a "beta" phone but that's what makes the whole experience cool...watching how it matures right before our eyes.
So thumbs up to Google.
Where are all the "close it now!" posters coming from? Had the source been released prior to the phone this might have been noticed and fixed by the community before they sold their first handset. The problem is that it hasn't been open enough, and they didn't test this enough. Closing the system would not fix these problems.
While Android is open sourced now, it wasn't developed that way. Engadget really shouldn't go around denigrating the open source model by citing a security flaw in a system developed in a non-open manner.
Had Android been developed from the ground up as an open source project, with the existent financial and organizational backing from Google, it would likely have been more thoroughly tested at each stage of development, and issues like this would be far less likely.
Just waiting for some poor sucker to try:
"rm -rf /"
I typed reboot and my phone rebooted. as soon as it came back up it told me i had an update available and now im on rc30.
This update has fixed a lot of problems I have had with the phone slowing down and waiting up to 30 seconds for the home screen to appear when leaving the browser.
just weird that the update hit my phone right after i tested this bug...
Is there anybody reading this who has owned an iPhone & been using a G1 since release? I have an iPhone (despite hating Apple) and I'm just curious to hear the opinion of someone who has used both as their main phone. Preferably someone who liked their iPhone too.
I don't, however, need another droll list comparison of features, or YouTube side-by-side videos... I just want a normal consumer's viewpoint who has owned them both.
Not like I'm getting it anyway, since AT&T made it clear we're not getting Android anytime soon, but still. Curiosity never killed my cat.
i've owned both an 8gb unlocked and jailbroken 2g iphone right around 1.1.4 fw. and now a g1. I got rid of my iphone though because the reception was so poor and i text a lot. The way you would hold the phone would kill the little reception i get in my house. Other phones can usually perform ok signal-wise, including my g1.
But to say my preference would be for the iphone, the UI, and the smoothness of the internet browser are much better than the g1. The iphone is much more attractive and the screen does respond better still. The g1 however is a great phone just not as good, the keyboard isn't as helpful as one would think, since there's no on screen input method. I actually like the t9/9-key way of input seen on those lg touch's or whatever. The open software in my opinion is the only trump over the iphone, i don't care about stereo bluetooth or many of the other complaints for the iphone.
I think the g1 is just a close 2nd, has better reception and d/lable software, but the screen isn't as nice and easy to use, or as fluid.
Cool, thanks dude. That's kind of spot-on with what I thought I would think, if that made any sense. I use my iPhone the most for web browsing, and although Mobile Safari has its down points (crashing, reloading other windows, lost data packets, etc), it's a really smooth browsing experience. I saw the video that showed the choppiness of the G1's browser, and although it is a small complaint, it would bother me. I have heard, however, that the G1 has Flash support?
All in all, I would like a hard keyboard more than a virtual keyboard, but I can type just fine on the virtual. I do think the trackball is a great feature though. Dunno. If they can iron out some of the issues with Android for G1's second release, I'd totally consider it.
And now for the mention of the same thing I always mention in these comments: Where's my cellphone with a Tegra in it?!
"The philosophy goes something like this: the great thing about Linux is that it's secure, and the great thing about open-source software is that it's thoroughly and constantly vetted for robustness. So to that end, Android should be pretty rock solid, right?"
As Bruce and Eddie W have pointed out so well, Android was not subject to the scrutiny of the open source community during development - unlike the vast majority of open source software - so this security breach can not be attributed to open source. The great thing about open-source software IS that it's thoroughly and constantly vetted for robustness, which is exactly why this bug has been patched so quickly. Closed source code protects profits, it does not make software more secure.
( cwj sulks at all the fun he'd be having with "Linux for Dummies" had he not returned his G1 )
so you can reboot the android by typing "reboot" in the console... what is the news again?
For everybody who can reboot their g1. Did you "jailbreak" your phone?
I did not. Being a linux user (not admin), i know that root access isn't always the best thing, I decided not to do this to my phone.
I am running TC4-RC19 and i do know how to spell reboot.
Give it some time. the phone isn't even a month old yet. How long did it take to jailbreak the iphone? How long did it take for apple to officially support 3rd party apps?
Give it some time. I bet within the next 6 months we will have the ability to install any linux cli based software. Watch, soon all of us g1 users will be playing doom and cracking wifi encryption.
Finally, a bug in a Google product - they are human there! BTW, do they sell the phone with a sticker "Beta" like they do with most of their services?
my comments at http://www.commentino.com/orim
It's the OS on the phone, not the phone itself with issues. They offer the updates free so no issues. It's not really a beta phone as such.
don't know if it's posted yet...but to force download the rc30 update get anycut then create shortcut to device info and click the check for update. i got my update a few hours after i did that. some got it within minutes.
So let me see if I've got this straight. There was this huge bug in Android, that not a single user noticed, not even the hackers trying to find a way to get root access really figured out the scope of, and not even detractors, like this site, who have been looking for a reason to criticize the phone since it came out noticed, until AFTER Google had already released a fix in their second OS update in three weeks? And this is supposed to be some indication of a huge failure on Google's part? This is supposed to be an "epic fail" by Google? How long did it take Apple to release a fix for the bugs in the 3G iPhone when it came out? How long does RIM take to release their bug fixes? How long did Microsoft go between WM 6 and WM 6.1?
I would say if there is anything epic here, it is the smear campaign you guys would seem to be brewing up against Android. This is the second story you guys have now posted about the same fixed bug, yet I don't see story after story about how often the iPhone crashes, or drops calls. No, of course not, it is from Apple, which means bugs are forgivable, because it is cool. Google made the huge mistake of releasing Android without an Apple logo on it, which means you guys are mercilessly going to go after it on any issue you can find, even if that means just reporting the same already corrected issue multiple times. First you damn Google for fixing this bug, trying to imply that they are somehow locking users out of a "jailbreak" that could add functionality to their phone, and then you run a second story criticizing them for having the bug in the first place, and trying to imply that it is indicative of some systemic problem with Open Source software. Meanwhile, you run breathless stories about how incredible it is that at some point in the future, Apple is saying it will release a version of the iPhone OS that will give it features that its competitors have had for a while, and call that innovation. You guys really are transparent.
Oh well, you guys have spent years constantly claiming that no one uses Vista, and that OSX is killing Windows, and Windows still has 90% of the market, with OSX still having under 9%, so I guess at least your raging bias is completely harmless, and utterly irrelevant. At least there is that.
you talk too much.
tl;dr
Kudos.
I'm especially pissed after typing 'Become_Jiggy_Krazer'... and--Poof!