Rashek writes:
"The developers of Replicant, a pure Free-Software version of Android, claim to have discovered a security flaw in certain Samsung Galaxy phones and tablets . One so serious that it could potentially grant an attacker remote access to the device's file system.
The flaw lies in the software that enables communication between the Android OS and the device's radio modem, according to the Replicant project's Paul Kocialkowski. More information can be found at replicant's website."
(Score: 5, Insightful) by MrGuy on Thursday March 13 2014, @12:06PM
Curious whether people feel "back door" is used correctly here.
The way I'm used to it being used, a back door was only called such if it was a deliberate creation of the programmers, as a deliberate way to bypass the access controls. A security flaw that allowed access (eg. a buffer overrun) wasn't called a "back door."
On the other hand, calling this a "back door" is descriptive of the level of access it allows - basically bypassing access controls and allowing access to the entire device (as opposed to a security flaw that could simply crash an app or allow access to one specific subset of the phone like the contact list).
So, I'm conflicted. Thoughts?
(Score: 5, Funny) by hybristic on Thursday March 13 2014, @12:25PM
The only time I ever use the word 'back door' is when my girl friend has had a few too many drinks! ;P
But in reality a backdoor is simply any time you bypass normal authentication methods without being detected. Which is why I can only exploit the gf's backdoor when shes drunk, she doesn't log this attempt so it goes unnoticed. So to call this a backdoor is pretty accurate.