It allowed anyone with knowledge to use the cell network in ways the operator of the cell network didn't like. This is generally considered a major issue and can attract serious legal repercussions for a radio device maker that doesn't take care to enforce only the allowed uses.
An interesting note from the Github conversation on it:
"Google's implementation of the security patch is strange, clearly targeting the Pixel IMS rather than fixing the shell's ability to modify carrier configurations. I'm actually worried that the ongoing backlash will ultimately lead Google to remove the MODIFY_PHONE_STATE permission from the shell to properly fix this issue"
The same way being allowed to install programs on your own computer is called "jailbreaking".
"Jail", on the other hand, is a great metaphor for a walled garden.
It allowed anyone with knowledge to use the cell network in ways the operator of the cell network didn't like. This is generally considered a major issue and can attract serious legal repercussions for a radio device maker that doesn't take care to enforce only the allowed uses.
Sounds like a vulnerability in their cell network, not in Android.
This is the correct answer. Shit flows downhill.
People were exploiting the poor mobile carriers.
An interesting note from the Github conversation on it:
"Google's implementation of the security patch is strange, clearly targeting the Pixel IMS rather than fixing the shell's ability to modify carrier configurations. I'm actually worried that the ongoing backlash will ultimately lead Google to remove the MODIFY_PHONE_STATE permission from the shell to properly fix this issue"
https://github.com/kyujin-cho/pixel-volte-patch/issues/384
From the article:
>To gain these elevated privileges, Pixel IMS uses Shizuku, an open source Android app that lets other apps run processes as the shell user.
It's possible for an app to use wireless debugging to debug the phone it's running on to get shell permissions.
Only if you allow it. This security patch doesn't affect that at all, so why is that relevant?
And it still is, for anything except those carrier overrides.