x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Security researcher debunks claims that Samsung devices have a dangerous "backdoor"

Security researcher debunks claims that Samsung devices have a dangerous "backdoor"

Posted: , by Michael H.

Tags:

Security researcher debunks claims that Samsung devices have a dangerous
Earlier today, there was a claim from the makers of the Replicant Android ROM that Samsung devices have a "backdoor" in the software which would allow a remote user to access the data stored on the device. When we saw the story, we assumed that Samsung would come out relatively quickly to argue the point, but actually it is a security researcher coming to defend Samsung.

Dan Rosenberg, a senior security researcher at Azimuth Security, admits that Samsung devices do have a flaw, and he said it could be found in the Galaxy S4 and Note 3, not just the Galaxy S III and Note II mentioned by Replicant. But, Rosenberg told Ars Technica that calling the issue a "'backdoor' is a bit far-fetched". He went on to explain "three crucial facts" that debunk the claims. 

First, "there is virtually no evidence for the ability to remotely execute this functionality." Rosenberg notes that the Replicant team says that it is "likely" there is a remote control mechanism, but give no evidence to support that claim. Second, even if such functionality does exist, read/write capability would be limited to the radio and the SD card, not the whole system. Last, "the specifics of the vulnerability suggest that it was poorly programmed legitimate functionality rather than a secret backdoor." 

All this to say that there was never malicious intent, just bad coding; and, it is unlikely that the vulnerability would cause as serious a threat as Replicant made it out to have.

source: Ars Technica

31 Comments
  • Options
    Close




posted on 13 Mar 2014, 14:50 13

1. networkdood (Posts: 6267; Member since: 31 Mar 2010)


See..you have to be careful when you read panicked articles about malware...security risks..etc...most of the time it is some company supposedly looking out for our best interests

posted on 13 Mar 2014, 15:03 7

3. PBXtech (Posts: 977; Member since: 21 Oct 2013)


Grain of salt is always the best seasoning.

posted on 13 Mar 2014, 15:26 5

6. PapaSmurf (limited) (Posts: 8300; Member since: 14 May 2012)


PA shot themselves in the foot by reporting sketchy news. Lesson learned - never be quick to publish news that doesn't sound right.

PS - Called it on the OG article.

http://www.phonearena.com/news/Replicant-ROM-developer-reports-dangerous-security-flaw-in-Samsung-Galaxy-devices-modems_id53871

posted on 13 Mar 2014, 15:36 2

10. troutsy (Posts: 258; Member since: 17 Feb 2012)


Cool. You should post less often, but more meaningful content.

posted on 13 Mar 2014, 16:07 4

15. PapaSmurf (limited) (Posts: 8300; Member since: 14 May 2012)


I post what I want, when I want. Thanks.

posted on 13 Mar 2014, 22:27

30. GTX_Ti (unregistered)


Well if he posts less often, then why would he have so many posts posted.

posted on 13 Mar 2014, 18:59 2

26. PAPINYC (Posts: 2282; Member since: 30 Jul 2011)


and i Bet you that that "some company" is probably paid and funded by Apple, since they're probably freaking that their precious device is being outsold by Samsung massive-sized fleet.

posted on 13 Mar 2014, 14:54

2. stealthd (Posts: 962; Member since: 12 Jun 2011)


So there were flaws, but one researcher came in to split hairs

posted on 13 Mar 2014, 16:31 1

17. tedkord (Posts: 4747; Member since: 17 Jun 2009)


No, there we're flaws, one expert debunked the original assertion, then one fanboy rushed in to try and cast doubt.

posted on 13 Mar 2014, 15:10 4

4. PapaSmurf (limited) (Posts: 8300; Member since: 14 May 2012)


I was wondering when PA was going to publish this. Never be so quick to report news.

posted on 13 Mar 2014, 15:25

5. Bluesky02 (Posts: 1439; Member since: 05 Dec 2011)


It doesn't matter there is backdoor or not as Android itself is a Google Malware for the NSA.

posted on 13 Mar 2014, 15:27 7

7. PapaSmurf (limited) (Posts: 8300; Member since: 14 May 2012)


Oh my god. Really? You think iOS and WP8 isn't either?

posted on 13 Mar 2014, 16:03 5

13. SleepingOz (unregistered)


Give this guy a medal!

posted on 13 Mar 2014, 17:36 2

20. docxx (Posts: 63; Member since: 27 Feb 2014)


this has nothing to do with Android, it's a back-door implemented on Samsung phones!!

posted on 13 Mar 2014, 18:38 2

24. christophersalse (Posts: 98; Member since: 19 Jan 2014)


I guess you missed the part that said that the "back-door" was debunked.

posted on 13 Mar 2014, 17:40

21. docxx (Posts: 63; Member since: 27 Feb 2014)


here the list of phones affected so far..

Nexus S (I902x) No Possible with Android 4.2 and later Yes Yes
Galaxy S (I9000) Yes ? Yes Yes
Galaxy S 2 (I9100) No ? Yes Yes
Galaxy Note (N7000) No ? Yes Yes
Galaxy Nexus (I9250) No Possible with Android 4.2 and later Yes Yes
Galaxy Tab 2 7.0 (P31xx) No ? Yes Yes
Galaxy Tab 2 10.1 (P51xx) No ? Yes Yes
Galaxy S 3 (I9300) No ? Yes Yes
Galaxy Note 2 (N7100) No ? Yes Yes

* Some comments have been hidden, because they don't meet the discussions rules.

Want to comment? Please login or register.

Latest stories