A
hidden backdoor in the modified version of Android run by nine Samsung
Galaxy models could allow attackers to spy remotely on user data – and
even snoop on users using hardware such as the GPS system, camera and
microphone, according to the Replicant Project, which makes its own,
free version of Android.
While working on Replicant, the developers found that the affected
models of Galaxy handset – including popular smartphones such as the
Galaxy Note 2, Galaxy S3 and Nexus S – shipped with a program that
allowed the modem free rein to perform remote operations including
remotely monitoring users, and even modifying user data, according to PC World’s report
In a blog post on the Free Software Foundation,
Replicant developer Paul Kocialkowski said, “This program is shipped
with the Samsung Galaxy devices and makes it possible for the modem to
read, write, and delete files on the phone’s storage. On several phone
models, this program runs with sufficient rights to access and modify
the user’s personal data.”
He said that programs of this sort, “make it possible to remotely
convert the modem into a remote spying device. The spying can involve
activating the device’s microphone, but it could also use the precise
GPS location of the device and access the camera, as well as the user
data stored on the phone. Moreover, modems are connected most of the
time to the operator’s network, making the backdoors nearly always
accessible.”
Kocialkowski said that the nine models of Samsung device may not be the only ones affected by the backdoor, according to Information Week’s
report. Replicant demonstrated the backdoor via a patch which can
instruct modems on affected devices to open, read and close a file. It’s
not as yet clear what purpose, if any, the backdoor is meant to serve.
Replicant claim it would be “relatively easy” for an attacker to
exploit.
“We discovered that the proprietary program running on the
applications processor in charge of handling the communication protocol
with the modem actually implements a back door that lets the modem
perform remote file I/O operations on the file system,” said
Kocialowski. Kocialowski urged Galaxy users to complain directly to
Samsung about the backdoor.
At time of writing, Samsung has not released an official statement about the software.
No comments:
Post a Comment