LineageOS is one of the most popular custom ROMs out there coming from its CyanogenMod roots. It supports nearly every device that is popular with the custom ROM developer community via an official or unofficial build. However, a group of attackers recently targeted the open-source aftermarket Android firmware alternative. This puts a lot of devices at risk. Also Read - HBO Max will be available on Android phones, Chromecast and Android TVs
The possibility of a security breach within the servers of tech giants like Facebook and Google is already scary enough. However, the breach of your operating system itself is nothing short of a nightmare. However, thanks to an open LineageOS team that is agile, things were taken care of pretty quickly. Also Read - OnePlus 5, 5T Android 10-based OxygenOS open beta 2 update roll out begins in India
Watch: How to get MIUI 12 Super Wallpapers on any Android Device
LineageOS reported that the attackers used two vulnerabilities in the Salt server software it uses. The purpose of this software is to gain access to the servers. Once the breach was observed, LineageOS developers immediately took down the servers, keeping the code secure. Also Read - Google Stadia comes to OnePlus 8 series with Android mobile capture; to get Assassin’s Creed: Valhalla
LineageOS developers then assured users that the ROM’s source code, build systems, and cryptographic keys were still safe and intact and that they had not been compromised. Since the whole ROM is an open-source project, that information is actually open to verification to the public.
Being pretty minimal in comparison to other feature-rich custom ROMs out there, LineageOS is often the fastest updating ROM for people. Other ROMs have often been built on the source code of Lineage OS and hence, the crucial nature of its integrity is perhaps more important than ever.
The incident shows that even small developer teams like that of LineageOS are not immune to hacking attacks. Bigger companies might also be facing similar situations on a more regular basis. It is possible that a hacking incident that hit Facebook or Google’s servers only comes to light if the information is leaked out in public.