Security is Inconvenient, Deal With It!

ZD Net had an article entitled "Kernel vulnerability places Samsung devices at risk" and I thought "so, what's new" until I followed the link to the forum post on xda-developers. Then I just lost it because I'm certain that this is a result of plain and simple laziness.

Here are my arguments for why I think it's laziness: First, This is Samsung we're talking about here. This error was should have been caught in code review or QA. Second, according to the first post the primary users of /dev/exynos-mem is

graphic usage like camera, graphic memory allocation, hdmi. By activating pid display in kmsg, surfaceflinger do mmap on the device (via one of the three shared libraries above ?? I have not see reference in binary to these libraires).

Read more...