Faiz Malkani · Aug 11, 2014 at 06:00 pm

Qualcomm Security Exploit Demonstrated at Blackhat Conference

The annual Blackhat conference, now in its 17th year, took place in Las Vegas last week. The conference is an assembly of security-focused individuals at which a number of devices such as home automation systems, smart cars, etc are hacked, in addition to a line up of speakers discussing information security. This year’s event turned out to be rather momentous with the SilentCircle’s Blackphone being rooted by XDA Senior Recognized Developer jcase. Another interesting development was Dan Rosenberg’s discussion, which popped up on the speakers list as ““including a live demonstration of using it to permanently unlock the bootloader of a major Android phone,”.

As it turned out, Dan Rosenberg, also known as XDA Recognized Developer DJRBliss, published a report which detailed a security vulnerability in ARM’s TrustZone, which is used by Qualcomm as a security layer on its Snapdragon line of processors. Rosenberg stated that this vulnerability existed on all Android devices that supported TrustZone and used a Snapdragon SoC, except the Samsung Galaxy S5 and HTC One M8, both of which have already been patched. He demonstrated his claim by unlocking a Moto X bootloader on stage, going on to say that a number of devices including Nexus 4 and Nexus 5, LG G2, Samsung Galaxy Note 3 were vulnerable.

While this is a notable discovery, it poses no immediate threat since Rosenberg did not release his exploit to the public, which allows manufacturers to patch it before any serious damage is done. Have a look at his full report in this summary image.


_________
Want something on the XDA Portal? Send us a tip!

Faiz Malkani

Faiz Malkani is an editor on XDA-Developers, the largest community for Android users. Faiz Malkani is a designer committed to creating memorable digital experiences augmented by delightful interfaces. He's been working in the design field for over three years and is proficient in experience design and interface design. He also codes occasionally, with Android and Frontend Web being his preferred platforms. View Faiz Malkani's posts and articles here.
Mike McCrary · Jul 31, 2015 at 03:56 pm · 1 comment

CloudPlayer: DIY HiFi Music Streaming Solution

In our Helpful Guide to Music Streaming Services, we mentioned several different services that offer ways to stream catalogs of music directly to your device. While each service has their benefits and drawbacks, the common theme among them is to give you access to a vast library of music without the need to store your own, and charge you a monthly fee for the privilege. But what if you already had access to your own catalog of music? Sure, there...

XDA NEWS
GermainZ · Jul 31, 2015 at 01:03 pm · 1 comment

Optimize Battery Life with This Useful App

Battery life is an important aspect of your smartphone, especially if you use it for more than just calls on the go. Since you're on XDA, you probably do and want to get the most out of your battery. Now, you can't magically expand its size but no matter how much its capacity is, you should make sure it's not draining faster than it should be. Your phone's processor runs at different frequencies when you're using the device. The CPU...

XDA NEWS
Mario Tomás Serrafero · Jul 31, 2015 at 11:00 am · 3 comments

The OnePlus 2 & The Year of Smartphone Compromises

We are very close to entering the last third of 2015, and we have now seen many of the biggest flagship lines issue their latest iterations. Phones like the LG G4 and Galaxy S6 were some of the most anticipated devices in smartphone history, and the hype surrounding the M9 and OnePlus 2 had us discussing for weeks. But for the most part, the awe has vanished.   There is a feeling that virtually all of us at the XDA office...

XDA NEWS