Stories
Slash Boxes
Comments

Dev.SN ♥ developers

Backdoor Found in Samsung Galaxy Devices

posted by LaminatorX on Thursday March 13 2014, @10:12AM   Printer-friendly
from the either-a-benefit-or-a-hazard dept.

Rashek writes:

"The developers of Replicant, a pure Free-Software version of Android, claim to have discovered a security flaw in certain Samsung Galaxy phones and tablets . One so serious that it could potentially grant an attacker remote access to the device's file system.

The flaw lies in the software that enables communication between the Android OS and the device's radio modem, according to the Replicant project's Paul Kocialkowski. More information can be found at replicant's website."

 
This discussion has been archived. No new comments can be posted.
Backdoor Found in Samsung Galaxy Devices | Log In/Create an Account | Top | 1000 moderator points   | 23 comments | Search Discussion
Display Options Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Interesting) by d on Thursday March 13 2014, @10:45AM

    by d (523) on Thursday March 13 2014, @10:45AM (#15893)

    On LWN.net, I jumped straight away with a comment like "I'm not going to buy from them again" (would be quite hard to live without gorilla glass, I guess). Then I read up about the backdoor and it's not exactly clear to me if it's by design or just a stupid mistake. Which brings to an interesting mind experiment - given that we have no source code, how could we tell that it's not a plausibly deniable backdoor, what kind of proof or argument would be convincing enough? And how could we make it much harder to let this kind of errors slip by?

    The problem I see is that I find it really hard to imagine open sourcing the modem software today. I mean, don't get me wrong, I'm all about FLOSS, but I guess that there's some reason why it didn't happen yet and I guess that we'd need to fight this reason first.

    Starting Score:    1  point
    Moderation   +3  
       Interesting=3, Total=3
    Extra 'Interesting' Modifier   0  
    Total Score:   4  

  • (Score: 5, Funny) by stormwyrm on Thursday March 13 2014, @11:02AM

    by stormwyrm (717) on Thursday March 13 2014, @11:02AM (#15901)

    Any sufficiently advanced incompetence is indistinguishable from malice.

    --
    Qu'on me donne six lignes écrites de la main du plus honnête homme, j'y trouverai de quoi le faire pendre.

  • (Score: 5, Interesting) by Nerdfest on Thursday March 13 2014, @11:44AM

    by Nerdfest (80) on Thursday March 13 2014, @11:44AM (#15921)

    If it turns out is it intentional, it's quite a knock against buying from them in the future, especially if it turns out it's not being patched. Intentionally leaving a backdoor in something like this puts them up there with RSA in the trust category.

    • (Score: 3, Informative) by d on Thursday March 13 2014, @11:50AM

      by d (523) on Thursday March 13 2014, @11:50AM (#15926)

      Or Sony:

      https://en.wikipedia.org/wiki/Sony_BMG_copy_protec tion_rootkit_scandal [wikipedia.org]

      (I especially recommend the "Company and press reports" section).

      • (Score: 1, Offtopic) by Nerdfest on Thursday March 13 2014, @12:05PM

        by Nerdfest (80) on Thursday March 13 2014, @12:05PM (#15937)

        I think we're at the point that one not even need mention Sony on this site for an example of a company that can't be trusted. They're pretty much the poster child.

        • (Score: 5, Informative) by edIII on Thursday March 13 2014, @12:40PM

          by edIII (791) on Thursday March 13 2014, @12:40PM (#15963)

          Never forget this. Ever.

          It will not lose that revenue stream, no matter what... Sony is going to take aggressive steps to stop this. We will develop technology that transcends the individual user. We will firewall Napster at source - we will block it at your cable company. We will block it at your phone company. We will block it at your ISP. We will firewall it at your PC... These strategies are being aggressively pursued because there is simply too much at stake

          -- Sony Pictures Entertainment US senior VP Steve Heckler

          These people are diametrically opposed to freedom. There are no common carriers. They will somehow control, either through acquisitions, legal threats, or legislation the very pipes we communicate on to control us.

          If that doesn't work.. they will (emphasis his) control our computers and prevent us from accessing content they find objectionable.

          There is simply too much money at stake for them to act otherwise.

          Never forget this. Never buy Sony. Not ever. Not even an automatic blowjob machine with self-cleaning attachments and a drip tray.

  • (Score: 3) by Open4D on Thursday March 13 2014, @12:01PM

    by Open4D (371) on Thursday March 13 2014, @12:01PM (#15931) Journal

    It seems from the Replicant webpage that the starting directory for access is /efs/root/ I don't know what this is exactly but it seems to be the kind of thing that the radio modem possibly should be able to get to.

    But Replicant have used "../.." as a circumvention measure. So they can get access to path /data/radio/test using a request for this: ../../data/radio/test"

    If the Samsung coder claimed to have mistakenly not accounted for the awesome power of "../.." - I would just about find that plausible - albeit with a heavy heart.