Replicant ROM developer reports dangerous security flaw in Samsung Galaxy devices' modems

Replicant ROM developer reports dangerous security flaw in Samsung Galaxy devices' modems

Samsung is having a rough Thursday.After LeBron's misfortune, developer Paul Kocialkowski of Replicant, a 3rd-partyAndroid ROM, announced the discovery of a possibly dangerous security flaw insome Samsung Galaxy devices. Allegedly, the Nexus S, Galaxy S, GalaxyS 2, Galaxy Note, Galaxy Nexus, Galaxy Tab 2, Galaxy SIII, and GalaxyNote 2 have a line in their proprietary (non-Google) Android codethat grants their baseband modems permissions to read,write, and delete files on the phone's storage. The user is notalerted to this and has no option to intervene.

While this alone sounds like a possibleplayground for hackers, Kocialkowski explained that if attackers are able to gain remote control of thebaseband's microprocessor, which runs its own operating system andset of commands, they can take advantage of the flaw to blow thephone's file system wide open.

Kocialkowski recommends that concernedusers install the Replicant ROM, or another free-software OS, whichdoesn't include proprietary code for device components. "Our freereplacement does not implement this back-door," he said, and reassured users that "if the modem asks to read or write files,Replicant does not cooperate with it." While this wholeannouncement could seem like a marketing hoax to the moreskeptical of you, let's keep in mind that Replicant is free softwareand the guys behind it don't have that much to gain from suchtomfoolery.

Samsung hasn't commented on thediscovery, but knowing the company's security efforts, it will mostlikely investigate the report.

source: TheFree Software Foundation via TheRegister



1. naveenstuns

Posts: 184; Member since: Feb 19, 2012

Another day Another Galaxy.... oh wait! It isn't about the new galaxy :O

3. PapaSmurf

Posts: 10457; Member since: May 14, 2012

Sounds to me he wants more people to flash his ROM and hit that donate button.

6. sprockkets

Posts: 1612; Member since: Jan 16, 2012

9. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

virtually no evidence. If you read reason #1, the person who did the 'test', side stepped the issue: " However, the authors provide no evidence of such a "remote control" mechanism. The FSF has a known agenda against proprietary software, and I think that agenda resulted in them creating a narrative that would cause perhaps more outrage than is warranted." What that reads is, since they didn't provide the file it doesn't exist.... Then goes on in #2, to say it only has functions that the radio user has access to.....AND THE SD CARD, didn't whats app just get slammed for sd card storage? And then line three, it is not a is a poor design in samsungs radio access code. Really? just bad design. That means backdoor genius author. In other words, if the radio of the Samsung proprietary code, that is interacting with the base of android, gets compromised, then its all over for that phone. Hence why a new Rom fixes this flaw since it is outside of that link between the two original codes. The second opinion which reaks, and I love arstech, does nothing to prove it cannot be done.

8. networkdood

Posts: 6330; Member since: Mar 31, 2010

Just another panicked article about nothing

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.