Faiz Malkani · Aug 11, 2014 at 06:00 pm

Qualcomm Security Exploit Demonstrated at Blackhat Conference

The annual Blackhat conference, now in its 17th year, took place in Las Vegas last week. The conference is an assembly of security-focused individuals at which a number of devices such as home automation systems, smart cars, etc are hacked, in addition to a line up of speakers discussing information security. This year’s event turned out to be rather momentous with the SilentCircle’s Blackphone being rooted by XDA Senior Recognized Developer jcase. Another interesting development was Dan Rosenberg’s discussion, which popped up on the speakers list as ““including a live demonstration of using it to permanently unlock the bootloader of a major Android phone,”.

As it turned out, Dan Rosenberg, also known as XDA Recognized Developer DJRBliss, published a report which detailed a security vulnerability in ARM’s TrustZone, which is used by Qualcomm as a security layer on its Snapdragon line of processors. Rosenberg stated that this vulnerability existed on all Android devices that supported TrustZone and used a Snapdragon SoC, except the Samsung Galaxy S5 and HTC One M8, both of which have already been patched. He demonstrated his claim by unlocking a Moto X bootloader on stage, going on to say that a number of devices including Nexus 4 and Nexus 5, LG G2, Samsung Galaxy Note 3 were vulnerable.

While this is a notable discovery, it poses no immediate threat since Rosenberg did not release his exploit to the public, which allows manufacturers to patch it before any serious damage is done. Have a look at his full report in this summary image.


_________
Want something on the XDA Portal? Send us a tip!

Faiz Malkani

Faiz Malkani is an editor on XDA-Developers, the largest community for Android users. Faiz Malkani is a designer committed to creating memorable digital experiences augmented by delightful interfaces. He's been working in the design field for over three years and is proficient in experience design and interface design. He also codes occasionally, with Android and Frontend Web being his preferred platforms. View Faiz Malkani's posts and articles here.
Emil Kako · Apr 20, 2015 at 05:39 pm · 4 comments

Do You Use Recents as a Task Switcher?

Google introduced a revamped Recents interface with Lollipop in the hopes of making it easier for users to jump between tasks. But is Recents the best method of switching tasks? Let us know if you actually use the Recents button as a task switcher and why.

DISCUSS
Mario Tomás Serrafero · Apr 20, 2015 at 03:16 pm · 2 comments

Dual Boot on Android: A Power User’s Holy Grail?

Many of you probably dual-boot your personal computers, be it to run Linux alongside Windows or because you have a Mac and hate OS X. On a computer platform, the process can be a life-saver for a variety of reasons, particularly software compatibility/integration. It’s not rare to see computer programmers with Linux partitions or Mac gamers that use bootcamp for their videogames. On computers, the process has gotten relatively simpler over time, with Microsoft and Apple typically supporting the notion....

XDA NEWS
GermainZ · Apr 20, 2015 at 03:02 pm · 2 comments

Chrome 42: Narrowing the Gap Between Web & Native Apps

Websites have typically been less desirable than native apps, due to being unoptimized for mobile screens, responsiveness issues or simply not being able to provide all the features you might desire. New web standards aim to change that, and Chrome 42 will bring several of them to you. Push Notifications You'll be able to receive notifications from supported websites even after you've closed the page. Naturally, you'll have to grant permission to websites to do so: have no worries about...

XDA NEWS
Share This