Faiz Malkani · Aug 11, 2014 at 06:00 pm

Qualcomm Security Exploit Demonstrated at Blackhat Conference

The annual Blackhat conference, now in its 17th year, took place in Las Vegas last week. The conference is an assembly of security-focused individuals at which a number of devices such as home automation systems, smart cars, etc are hacked, in addition to a line up of speakers discussing information security. This year’s event turned out to be rather momentous with the SilentCircle’s Blackphone being rooted by XDA Senior Recognized Developer jcase. Another interesting development was Dan Rosenberg’s discussion, which popped up on the speakers list as ““including a live demonstration of using it to permanently unlock the bootloader of a major Android phone,”.

As it turned out, Dan Rosenberg, also known as XDA Recognized Developer DJRBliss, published a report which detailed a security vulnerability in ARM’s TrustZone, which is used by Qualcomm as a security layer on its Snapdragon line of processors. Rosenberg stated that this vulnerability existed on all Android devices that supported TrustZone and used a Snapdragon SoC, except the Samsung Galaxy S5 and HTC One M8, both of which have already been patched. He demonstrated his claim by unlocking a Moto X bootloader on stage, going on to say that a number of devices including Nexus 4 and Nexus 5, LG G2, Samsung Galaxy Note 3 were vulnerable.

While this is a notable discovery, it poses no immediate threat since Rosenberg did not release his exploit to the public, which allows manufacturers to patch it before any serious damage is done. Have a look at his full report in this summary image.


_________
Want something on the XDA Portal? Send us a tip!

Faiz Malkani

Faiz Malkani is an editor on XDA-Developers, the largest community for Android users. Faiz Malkani is a designer committed to creating memorable digital experiences augmented by delightful interfaces. He's been working in the design field for over three years and is proficient in experience design and interface design. He also codes occasionally, with Android and Frontend Web being his preferred platforms. View Faiz Malkani's posts and articles here.
Mario Tomás Serrafero · May 26, 2015 at 05:42 pm · 2 comments

Nexus & Cookies: A More Focused Direction?

It is that time of the year again, and we are approaching the day where Android fans all over the world gather to watch the livestream of Google’s I/O conference. Among the expected announcements lay wearables, Android Auto, hints at VR and  the Internet of Things and, of course, a new version of Android. An early glimpse of a supposed “Android M” was caught on the official website before being nuked out of existence, and thus the speculation began.  ...

XDA NEWS
Faiz Malkani · May 26, 2015 at 03:32 pm · 3 comments

LG G4 US Carrier Release Dates

The LG G4 was announced on April 29th with its Snapdragon 808 SoC, a welcomed change from its higher-end cousin, the overheating 810. Packing 3GB of RAM, 32GB of storage, a 3000mAh battery, and an impressive 16MP camera, the G4 is widely considered to be one of the best flagships of 2015. After almost a month of release speculation, the major US carriers have finally released some information regarding the device's availability, and here's what we know so far:  ...

XDA NEWS
Faiz Malkani · May 26, 2015 at 02:59 pm · 2 comments

Microsoft Reaches Pre-Install Agreement With New OEMs

As of late, Microsoft has been making a subtle but widespread play into the Android ecosystem, with small apps like Bing Torque being the foreshadowing of the larger ones to come, and as it stands, Skype and the three popular office apps - Powerpoint, Excel and Word - are thriving on the Play Store following their public release earlier this year, prior to which the Office suite remained in beta. Having its top apps on Android was just a stepping stone...

XDA NEWS
Share This