Franchise News

Newly Discovered Samsung Galaxy Backdoor May Cause Security Data Risk for Users

| By

A select few makers of the Samsung Galaxy line of devices have a backdoor that could result in data misuse, an open source OS development team has alleged.

The claim was made by Replicant, a team developing an open source OS based on Android, CNET said. The team discovered the backdoor in Samsung's proprietary software that handles remote communication. According to a blog post by Replicant developer Paul Kocialkowski, the software on some devices allows a person access to read, write and delete user information. The concern is that malicious users can remotely gain access to user information through the backdoor.

"While working on Replicant, a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system," Slashgear quoted from Kocialkowski's post.

According to CNET, Kocialkowski wrote, "Provided that the modem runs proprietary software and can be remotely controlled, that backdoor provides remote access to the phone's data, even in the case where the modem is isolated and cannot access the storage directly."

Based on the information available from Replicant NDTV said Samsung Galaxy S (I9000), Galaxy S2 (I9100), Galaxy Note (N7000), Galaxy Nexus (I9250), Nexus S, Galaxy Tab 2 7.0 (P31xx), Galaxy Tab 2 10.1 (P51xx), Galaxy S3 (I9300), and Galaxy Note 2 (N7100) have the backdoor.

NDTV also quoted Replicant as saying that the backdoor could have been made for legitimate reasons and the software by itself does not seem to do any harm. Slashgear added that Samsung's custom software have been blamed in the past for security loopholes, most notably the flaw in the custom lockscreen that came to be exploited in 2013 before Samsung fixed it.

© 2024 Franchise Herald. All rights reserved.

Franchise News

Real Time Analytics