You are here: Home / Hardware / Backdoor Found in Samsung Galaxy
BMC IT solutions:
IT products & services for the ultimate competitive business advantage.
Backdoor Opens Samsung Galaxy Users to Danger
Backdoor Opens Samsung Galaxy Users to Danger
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus

Security researchers are reporting a so-called backdoor security issue in Samsung Galaxy devices. The report comes from the Replicant project. Replicant develops free versions of Android to take the place of the proprietary versions that manufacturers and carriers install on most smartphones.

While working on Replicant, developer Paul Kocialkowski said he discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem also implements a backdoor. That backdoor, he explained, lets the modem perform remote file I/O operations on the file system.

"This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write, and delete files on the phone's storage," Kocialkowski said. "On several phone models, this program runs with sufficient rights to access and modify the user's personal data. A technical description of the issue, as well as the list of known affected devices, is available at the Replicant wiki."

If the modem runs proprietary software and can be remotely controlled, he continued, that backdoor provides remote access to the phone's data -- even in the case where the modem is isolated and cannot access the storage directly. He called it "another example of what unacceptable behavior proprietary software permits" and used it to argue his case for Replicant, which does not implement the backdoor.

Security Analyst: 'It's Very Serious'

We caught up with Craig Young, a security researcher for IT security software firm Tripwire, to find out what he had to say about the discovery. He told us the threat of vulnerabilities or backdoors within the baseband processor of a smartphone is very serious.

"This is essentially a separate computer system running next to the processor that powers your smartphone OS," Young said. "Dr. Charlie Miller leaked NSA documents that have revealed that baseband attacks can be very effective for compromising a phone and turn it into a perfect listening device."

In this particular case, Young said the researchers are claiming that at a minimum, received radio messages can contain commands to retrieve data from the phone's storage. Unfortunately, he explained, most white hat security researchers do not have the means to research this type of threat because it typically requires specialized equipment, a radio shielded room -- a sensitive compartmented isolation facility -- and possibly FCC approval.

Hijacking Associated Accounts

At the same time, Young continued, black-hat security researchers with malicious intentions that want to launch real attacks can acquire the technology necessary for this attack for less than $1,000, making this a realistic threat for corporate espionage and can be used in a variety of other targeted attacks.

"In my previous research into Android, presented at DEF CON 21, an attacker with root access to the Android device file system can easily hijack Google or other accounts associated with the device," Young said. "'Replicant' is suggesting that this is the case for the popular but older Galaxy S, which is an I9000 handset."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
Forrester study shows 187% ROI with Druva Endpoint Backup: In a commissioned study conducted by Forrester Consulting on behalf of Druva, Forrester found that the costs and benefits for a composite organization with 3,000 inSync users, based on customer interviews, are: 1) 187% return on investment, and 2) Total cost savings and benefits of $3.8 million. Click here to access the study now.
Product Information and Resources for Technology You Can Use To Boost Your Business

Sony is no stranger to breaches. Sony’s PlayStation Network was hacked in 2011 and attackers obtained 77 million user accounts. The latest attack comes against Sony Pictures Entertainment.

Doctor Who had K-9, the robot dog that accompanied him on adventures through space. Now, Mountain View has K5, a 5-foot-tall, 300-pound robot security guard patrolling in the Bay Area.

Beleaguered handset maker BlackBerry is targeting iPhone users with an offer the company hopes they can’t refuse -- $550 to leave Apple and switch to the new BlackBerry Passport.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.