Samsung Galaxy Back-door algunos modelos comprometidos y crece...

No Comments

Hoy por la mañana vi en mi bandeja de entrada un correo enviado al maillist de la RootedCon, uno que no me llamo la atencion tanto hasta que le tome importancia y sorpresa como dice el titulo Android anda Backdorizado especificamente los Samsung Galaxy.


"While working on Replicant, a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system."

A continuación dejo una parte del informe, adicionalmente al final de la entrada dejo los enlaces que hicieron eco.

Abstract
Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device.
In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone's storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone's file system.

Known affected devices

The following table shows which devices are known to contain this back-door as part of the software they ship with.
Please contact us if you know about some other device that could be concerned by this back-door or have more information on one of the listed devices!

DeviceIncriminated program running as rootSELinux enabledlibsamsung-ipc supportReplicant support
Nexus S (I902x)NoPossible with Android 4.2 and laterYesYes
Galaxy S (I9000)Yes?YesYes
Galaxy S 2 (I9100)No?YesYes
Galaxy Note (N7000)No?YesYes
Galaxy Nexus (I9250)NoPossible with Android 4.2 and laterYesYes
Galaxy Tab 2 7.0 (P31xx)No?YesYes
Galaxy Tab 2 10.1 (P51xx)No?YesYes
Galaxy S 3 (I9300)No?YesYes
Galaxy Note 2 (N7100)No?YesYes

Este detalle hace pensar, hdp!!! nos andan controlando, asi que pensando mejor porque no migrar a un FirefoxOS  y tener control bueno medio control o buscar otra alternativa.


Para mas detalles de este documento podemos acceder a los siguientes enlaces:


  1. https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor
  2. http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor
  3. http://www.phoronix.com/scan.php?page=news_item&px=MTYyODE

Gracias  Root ootr por dar a conocerlo.

Regards,
Snifer

0 comentarios

Publicar un comentario en la entrada