Security researcher debunks claims that Samsung devices have a dangerous "backdoor"

Security researcher debunks claims that Samsung devices have a dangerous
Earlier today, there was a claim from the makers of the Replicant Android ROM that Samsung devices have a "backdoor" in the software which would allow a remote user to access the data stored on the device. When we saw the story, we assumed that Samsung would come out relatively quickly to argue the point, but actually it is a security researcher coming to defend Samsung.

Dan Rosenberg, a senior security researcher at Azimuth Security, admits that Samsung devices do have a flaw, and he said it could be found in the Galaxy S4 and Note 3, not just the Galaxy S III and Note II mentioned by Replicant. But, Rosenberg told Ars Technica that calling the issue a "'backdoor' is a bit far-fetched". He went on to explain "three crucial facts" that debunk the claims. 

First, "there is virtually no evidence for the ability to remotely execute this functionality." Rosenberg notes that the Replicant team says that it is "likely" there is a remote control mechanism, but give no evidence to support that claim. Second, even if such functionality does exist, read/write capability would be limited to the radio and the SD card, not the whole system. Last, "the specifics of the vulnerability suggest that it was poorly programmed legitimate functionality rather than a secret backdoor." 

All this to say that there was never malicious intent, just bad coding; and, it is unlikely that the vulnerability would cause as serious a threat as Replicant made it out to have.

source: Ars Technica

FEATURED VIDEO

30 Comments

1. networkdood

Posts: 6330; Member since: Mar 31, 2010

See..you have to be careful when you read panicked articles about malware...security risks..etc...most of the time it is some company supposedly looking out for our best interests

3. PBXtech

Posts: 1032; Member since: Oct 21, 2013

Grain of salt is always the best seasoning.

6. PapaSmurf

Posts: 10457; Member since: May 14, 2012

PA shot themselves in the foot by reporting sketchy news. Lesson learned - never be quick to publish news that doesn't sound right. PS - Called it on the OG article. http://www.phonearena.com/news/Replicant-ROM-developer-reports-dangerous-security-flaw-in-Samsung-Galaxy-devices-modems_id53871

10. troutsy

Posts: 383; Member since: Feb 17, 2012

Cool. You should post less often, but more meaningful content.

15. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I post what I want, when I want. Thanks.

30. GTX_Ti unregistered

Well if he posts less often, then why would he have so many posts posted.

26. PAPINYC

Posts: 2315; Member since: Jul 30, 2011

and i Bet you that that "some company" is probably paid and funded by Apple, since they're probably freaking that their precious device is being outsold by Samsung massive-sized fleet.

2. stealthd unregistered

So there were flaws, but one researcher came in to split hairs

17. tedkord

Posts: 17410; Member since: Jun 17, 2009

No, there we're flaws, one expert debunked the original assertion, then one fanboy rushed in to try and cast doubt.

4. PapaSmurf

Posts: 10457; Member since: May 14, 2012

I was wondering when PA was going to publish this. Never be so quick to report news.

5. Bluesky02

Posts: 1439; Member since: Dec 05, 2011

It doesn't matter there is backdoor or not as Android itself is a Google Malware for the NSA.

7. PapaSmurf

Posts: 10457; Member since: May 14, 2012

Oh my god. Really? You think iOS and WP8 isn't either?

13. SleepingOz unregistered

Give this guy a medal!

20. docxx

Posts: 63; Member since: Feb 27, 2014

this has nothing to do with Android, it's a back-door implemented on Samsung phones!!

24. christophersalse

Posts: 99; Member since: Jan 19, 2014

I guess you missed the part that said that the "back-door" was debunked.

21. docxx

Posts: 63; Member since: Feb 27, 2014

here the list of phones affected so far.. Nexus S (I902x) No Possible with Android 4.2 and later Yes Yes Galaxy S (I9000) Yes ? Yes Yes Galaxy S 2 (I9100) No ? Yes Yes Galaxy Note (N7000) No ? Yes Yes Galaxy Nexus (I9250) No Possible with Android 4.2 and later Yes Yes Galaxy Tab 2 7.0 (P31xx) No ? Yes Yes Galaxy Tab 2 10.1 (P51xx) No ? Yes Yes Galaxy S 3 (I9300) No ? Yes Yes Galaxy Note 2 (N7100) No ? Yes Yes

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.