This week a security hole was discovered in Linux-based G1 cellular phone Android 1.0 that allowed you to gain root access to the device. The trick was that you have to start up a telnetd server on the phone, and then anyone who knows your IP address can log into the machine without a password to an administrator account.
When the phone booted it started up a command shell as root and sent every keystroke you ever typed on the keyboard from then on to that shell. Thus every word you typed, in addition to going to the foreground application would be silently and invisibly interpreted as a command and executed with superuser privileges.
News source: zdnet.com
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.