Great Motorola Edge deal on Amazon!

Replicant ROM developer reports dangerous security flaw in Samsung Galaxy devices' modems

By Luis D.
9comments
Samsung
Replicant ROM developer reports dangerous security flaw in Samsung Galaxy device modems

Samsung is having a rough Thursday.After LeBron's misfortune, developer Paul Kocialkowski of Replicant, a 3rd-partyAndroid ROM, announced the discovery of a possibly dangerous security flaw insome Samsung Galaxy devices. Allegedly, the Nexus S, Galaxy S, GalaxyS 2, Galaxy Note, Galaxy Nexus, Galaxy Tab 2, Galaxy SIII, and GalaxyNote 2 have a line in their proprietary (non-Google) Android codethat grants their baseband modems permissions to read,write, and delete files on the phone's storage. The user is notalerted to this and has no option to intervene.



While this alone sounds like a possibleplayground for hackers, Kocialkowski explained that if attackers are able to gain remote control of thebaseband's microprocessor, which runs its own operating system andset of commands, they can take advantage of the flaw to blow thephone's file system wide open.



Kocialkowski recommends that concernedusers install the Replicant ROM, or another free-software OS, whichdoesn't include proprietary code for device components. "Our freereplacement does not implement this back-door," he said, and reassured users that "if the modem asks to read or write files,Replicant does not cooperate with it." While this wholeannouncement could seem like a marketing hoax to the moreskeptical of you, let's keep in mind that Replicant is free softwareand the guys behind it don't have that much to gain from suchtomfoolery.



Samsung hasn't commented on thediscovery, but knowing the company's security efforts, it will mostlikely investigate the report.



source: TheFree Software Foundation via TheRegister

Recommended Stories

Loading Comments...

Popular stories

Even longtime T-Mobile customers will have to put up with slow internet speed policy
Even longtime T-Mobile customers will have to put up with slow internet speed policy
Two more companies want FCC action against T-Mobile for interference from 5G
Two more companies want FCC action against T-Mobile for interference from 5G
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
The 51 million customers affected by the AT&T data breach are getting free protection for 12 months
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Make your Galaxy fingerprint scanner unlock faster as Samsung fixes what One UI 6.1 broke
Doesn't matter if T-Mobile, AT&T or Verizon, don't fall for the ring: How to stay safe in a world full of tricks?
Doesn't matter if T-Mobile, AT&T or Verizon, don't fall for the ring: How to stay safe in a world full of tricks?
T-Mobile will soon have another reason to gloat
T-Mobile will soon have another reason to gloat

Latest News

Verizon's Visible introduces annual plans with discounts up to 26%
Verizon's Visible introduces annual plans with discounts up to 26%
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Comcast launches NOW, low-cost and prepaid brand for data, TV, and WiFi hotspots
Apple tipped to reduce display size of iPhone 17 Plus
Apple tipped to reduce display size of iPhone 17 Plus
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Google Photos working on an option to hide your downloaded memes and other UI tweaks
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Hurry up and snatch Amazon's jumbo-sized Fire Max 11 tablet at its biggest discount yet
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
Memes of the week: Crazy Pixel leaks, OnePlus feels the heat in India, and more!
FCC OKs Cingular\'s purchase of AT&T Wireless