Security researcher debunks claims that Samsung devices have a dangerous "backdoor"

31comments
Security researcher debunks claims that Samsung devices have a dangerous "backdoor"
Earlier today, there was a claim from the makers of the Replicant Android ROM that Samsung devices have a "backdoor" in the software which would allow a remote user to access the data stored on the device. When we saw the story, we assumed that Samsung would come out relatively quickly to argue the point, but actually it is a security researcher coming to defend Samsung.

Dan Rosenberg, a senior security researcher at Azimuth Security, admits that Samsung devices do have a flaw, and he said it could be found in the Galaxy S4 and Note 3, not just the Galaxy S III and Note II mentioned by Replicant. But, Rosenberg told Ars Technica that calling the issue a "'backdoor' is a bit far-fetched". He went on to explain "three crucial facts" that debunk the claims. 

First, "there is virtually no evidence for the ability to remotely execute this functionality." Rosenberg notes that the Replicant team says that it is "likely" there is a remote control mechanism, but give no evidence to support that claim. Second, even if such functionality does exist, read/write capability would be limited to the radio and the SD card, not the whole system. Last, "the specifics of the vulnerability suggest that it was poorly programmed legitimate functionality rather than a secret backdoor." 

All this to say that there was never malicious intent, just bad coding; and, it is unlikely that the vulnerability would cause as serious a threat as Replicant made it out to have.

source: Ars Technica
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless