Blog/20140314 Galaxy back-door allows for over-the-air filesystem access< W:Blog
Galaxy back-door allows for over-the-air filesystem access
Developers from the Replicant project (a free Android offshoot) have documented a serious software back-door in Samsung's Android phones, which "provides remote access to the data stored on the device." They believe it is "likely" that the backdoor could provide "over-the-air remote control" to "access the phone's file system."
At issue is Samsung's proprietary IPC protocol, used in its modems. This protocol implements a set of commands called "RFS commands." The Replicant team says that it can't find "any particular legitimacy nor relevant use-case" for adding these commands, but adds that "it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone's storage."
The Replicant site includes proof-of-concept sourcecode for a program that will access the file-system over the modem. Replicant has created a replacement for the relevant Samsung software that does not allow for back-door access.
Oh, and Samsung has KNOX: Samsung KNOX is a holistic enterprise platform based on constant innovation in mobile security technology. (my emphasis). Apparently there is a KNOX market place too, which only features so-called KNOX-certified apps - which hosts apps passing a set of stringent security criteria set by Samsung.
- App developer: Oh and we were thinking of having a back door in our app, so that we can retrieve customer data without consent.
- Samsung KNOX: Ah go on then.
In the words of Alanis Morissette, isn't it ironic? (Except that really it isn't if you see what I mean ...)
Update (Bjoern 14:37, 16 March 2014 (UTC)): For balance, two more views:
2014-03-14 | Back to blog|