Another bug has been discovered in the most recent T-Mobile G1 Android operating system, first we had the bug that allowed users to gain root access which is now being prevented with a patch from Google, but this one is a bit of a rarity as not many T-Mobile G1 users have come across it yet.

Once you have set up your telnet server on the T-Mobile G1 which will give you root access, anyone who knows your IP address can log into your mobile without having to use a password.

This is a massive hole in the G1 security, with an added strange bug, once your phone starts up a command shell as a root, every key you type then gets sent to that shell, which means that every keystroke you type within any application is send secretly to the shell with Admin user privileges.

For any G1 user who have had this problem, if you don’t want to upgrade to RC30 all you have to do to disable it is type -c-a-t- this will rectify your problem until you have to reboot your phone.

Source: Androidcommunity