Posted in: Android, Mobile software

Purported Android backdoor affects several high profile Galaxy devices

Replicant, a third party developer of an open source Android distribution, claims to have stumbled on a backdoor program that makes it possible for the modem to modify the phone’s onboard storage.

The purported affected devices include the Samsung Galaxy S, S II, and S III, Galaxy Nexus and Nexus S, Galaxy Note and Note 2, and Galaxy Tab 2 7.0 and Tab 2 10.1.

Replicant developer Paul Kocialkowski made this statement on the Free Software Foundation website:

“While working on Replicant, a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system.”

This could potentially allow the proprietary modem architecture found on the above Galaxy devices to read, write, and delete personal user files on the phone’s storage.

Kocialkowski says that his Replicant OS does not cooperate with backdoor requests such as this coming from the modem, but cannot guarantee his OSs integrity if the modem takes over the main processor and rewrites the operating system software.

Samsung has so far not provided a comment in regards to the vulnerability of the backdoor or its actual purpose.

Source | Via

Comments

Rules for posting