HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 12 MINUTES AGO.
You are here: Home / Hardware / Backdoor Found in Samsung Galaxy
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
Backdoor Opens Samsung Galaxy Users to Danger
Backdoor Opens Samsung Galaxy Users to Danger
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
MARCH
13
2014

Security researchers are reporting a so-called backdoor security issue in Samsung Galaxy devices. The report comes from the Replicant project. Replicant develops free versions of Android to take the place of the proprietary versions that manufacturers and carriers install on most smartphones.

While working on Replicant, developer Paul Kocialkowski said he discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem also implements a backdoor. That backdoor, he explained, lets the modem perform remote file I/O operations on the file system.

"This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write, and delete files on the phone's storage," Kocialkowski said. "On several phone models, this program runs with sufficient rights to access and modify the user's personal data. A technical description of the issue, as well as the list of known affected devices, is available at the Replicant wiki."

If the modem runs proprietary software and can be remotely controlled, he continued, that backdoor provides remote access to the phone's data -- even in the case where the modem is isolated and cannot access the storage directly. He called it "another example of what unacceptable behavior proprietary software permits" and used it to argue his case for Replicant, which does not implement the backdoor.

Security Analyst: 'It's Very Serious'

We caught up with Craig Young, a security researcher for IT security software firm Tripwire, to find out what he had to say about the discovery. He told us the threat of vulnerabilities or backdoors within the baseband processor of a smartphone is very serious.

"This is essentially a separate computer system running next to the processor that powers your smartphone OS," Young said. "Dr. Charlie Miller leaked NSA documents that have revealed that baseband attacks can be very effective for compromising a phone and turn it into a perfect listening device."

In this particular case, Young said the researchers are claiming that at a minimum, received radio messages can contain commands to retrieve data from the phone's storage. Unfortunately, he explained, most white hat security researchers do not have the means to research this type of threat because it typically requires specialized equipment, a radio shielded room -- a sensitive compartmented isolation facility -- and possibly FCC approval.

Hijacking Associated Accounts

At the same time, Young continued, black-hat security researchers with malicious intentions that want to launch real attacks can acquire the technology necessary for this attack for less than $1,000, making this a realistic threat for corporate espionage and can be used in a variety of other targeted attacks.

"In my previous research into Android, presented at DEF CON 21, an attacker with root access to the Android device file system can easily hijack Google or other accounts associated with the device," Young said. "'Replicant' is suggesting that this is the case for the popular but older Galaxy S, which is an I9000 handset."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN HARDWARE
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
An easily avoided security lapse -- failure to use two-factor authentication on a single server -- is being blamed for the massive computer breach that hit JPMorgan Chase this past summer.

ENTERPRISE HARDWARE SPOTLIGHT
Flying under the radar just before Christmas, HP has launched a new version of its Chromebook 14, most notable for its touch screen and full high-definition display, plus more powerful specs.

MOBILE TECHNOLOGY SPOTLIGHT
The Rockstar Consortium backed by Apple, Microsoft, BlackBerry, Sony and Ericsson, just sold the smartphone patents it was holding to the RPX Clearinghouse for $900M.
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.