Will Verduzco · Mar 13, 2014 at 02:30 pm

Samsung Backdoor May Not Be as Wide Open as Initially Thought

Earlier today, we talked about how the Replicant team found a potential backdoor in Samsung’s proprietary radio software. As demonstrated in a proof-of-concept attack, this allowed certain baseband code to gain access to a device’s storage under a specific set of circumstances. But upon closer inspection, this backdoor is most likely not as bad as it was initially made out to be.

A few hours after posting our previous article on the alleged backdoor, a highly respected security expert who wishes to remain anonymous approached us, stating that the way in which the proof-of-concept attack was framed by the Replicant team was a bit misleading. Essentially, it boils down to the POC requiring a modified firmware with with security features disabled. Thus, if a user is running an updated version of the official firmware, this attack will not work. To that end, the Replicant team even states in their write-up that SELinux would considerably restrict the potential files that the modem can access, such as those on the /sdcard partition.

Now, another highly trusted security researcher (XDA Recognized Developer djrbliss) has gone on record with Ars, stating that there’s “virtually no evidence” that this is indeed a true backdoor, although his reasons are a bit different. There is absolutely no indication at this time that the baseband file access can be controlled remotely. Rather, this is only a “possibility,” since the baseband software is proprietary. Instead, it’s far more likely that this was only ever intended to write radio diagnostic files to the /efs/root directory, as that is is the radio user’s home directory.

In summary, we shouldn’t rush to replace our Samsung phones just yet. There is absolutely no evidence to state that this can be controlled remotely. And even if it were possible, using SELinux, which is set to Enforcing in stock firmware, would restrict the radio user’s access.


_________
Want something on the XDA Portal? Send us a tip!
Pulser_G2 · Feb 1, 2015 at 11:30 am · no comments

ITaaS – Identity Theft as a Service with FileThis

It's not often I look at a product or service and say "I really really hope this isn't real, and it's an elaborate fake". Alas, this day has come. It's time for a look at something which cropped up on my radar today, namely a service called FileThis. I won't do them the search-engine-ranking honor of providing a direct link to their site, but a quick search will find them, and their app on the Play Store and iTunes store....

XDA NEWS
Emil Kako · Jan 31, 2015 at 02:59 pm · 2 comments

Do You Prefer Physical or on Screen Buttons?

More and more smartphone manufacturers have been moving towards on-screen buttons, with Google really pushing for it over the physical button alternative. However, there are still a few OEMs (we're looking at you, Samsung) that have preferred to keep things a bit more traditional. Tell us which way you prefer and why.

DISCUSS
Pulser_G2 · Jan 31, 2015 at 02:08 pm · 1 comment

New AOSP Branch Details Potential Build System Upgrades?

While there are frequent unexplained changes and pushes to Google's AOSP repositories, an interesting-looking new branch has been pushed out recently, called "master-soong". Taking a look at the changes made to the manifest repository (which is used to specify the repositories to be downloaded when building Android), it appears there are some new repositories making an appearance. Of note here are new prebuilt repositories for Go, and Ninja. Go is a programming language, created by Google, which compiles to produce...

XDA NEWS