I would love to go into the details, the problem is that I haven't had the chance to clarify whether or not the coded language I semi-cracked falls under contractual and proprietary protections for Chrome/Android/ Chromium.
jonathan horvat wrote: > Would you mind elaborating? How was the interaction observed exactly? I > don't think anyone here at the Android security forum wouldn't like to see a > dump of the logs/data that led you to these conclusions. It sounds > fascinating. I'm not sure I understand the analogy for the unusual behavior, > and therefore do not understand the implications it has for the user input > it seems to be targeting. I would much like to hear more about it. > > On Nov 26, 2008 9:57 PM, "Amonre" <[EMAIL PROTECTED]> wrote: > > > The invisible root-level text shell was fixed a while ago, but from > what I have seen, read, and deduced, there may be additional hidden > commands in existence. At first I thought the developers had left an > Easter egg or two. However, after looking into Android/Chrome/Gears > interaction, there appears to be a few very concerning security > issues. > > This pertains specifically to the software when run on a Windows-based > PC. In a nutshell I would describe the odd behavior as a "House of > Mirrors" effect primarily targeting URL text, form data, and other > user input. > > It makes me very curious about how Google software is handling > information regarding client software, previous and current bookmarks, > unique IDs, prefetching, TSCI (3D display scripts), audio, and most > importantly the WinSxS (side-by-side) dynamic link library > functionality. > > My Android Discussion account name, "Amonre", is a reference to one of > the embedded cipher rules I have discovered. If anyone on your team > recognizes the significance it has to Chrome/Android, that person(s) > should recognize what I'm talking about. > > I assure you this is no joke.
