Hoy por la mañana vi en mi bandeja de entrada un correo enviado al maillist de la RootedCon, uno que no me llamo la atencion tanto hasta que le tome importancia y sorpresa como dice el titulo Android anda Backdorizado especificamente los Samsung Galaxy.
"While working on Replicant, a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system."
A continuación dejo una parte del informe, adicionalmente al final de la entrada dejo los enlaces que hicieron eco.
Abstract
Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device.
In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone's storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone's file system.
In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone's storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone's file system.
Known affected devices
The following table shows which devices are known to contain this back-door as part of the software they ship with.
Please contact us if you know about some other device that could be concerned by this back-door or have more information on one of the listed devices!
Please contact us if you know about some other device that could be concerned by this back-door or have more information on one of the listed devices!
| Device | Incriminated program running as root | SELinux enabled | libsamsung-ipc support | Replicant support |
|---|---|---|---|---|
| Nexus S (I902x) | No | Possible with Android 4.2 and later | Yes | Yes |
| Galaxy S (I9000) | Yes | ? | Yes | Yes |
| Galaxy S 2 (I9100) | No | ? | Yes | Yes |
| Galaxy Note (N7000) | No | ? | Yes | Yes |
| Galaxy Nexus (I9250) | No | Possible with Android 4.2 and later | Yes | Yes |
| Galaxy Tab 2 7.0 (P31xx) | No | ? | Yes | Yes |
| Galaxy Tab 2 10.1 (P51xx) | No | ? | Yes | Yes |
| Galaxy S 3 (I9300) | No | ? | Yes | Yes |
| Galaxy Note 2 (N7100) | No | ? | Yes | Yes |
Este detalle hace pensar, hdp!!! nos andan controlando, asi que pensando mejor porque no migrar a un FirefoxOS y tener control bueno medio control o buscar otra alternativa.
Para mas detalles de este documento podemos acceder a los siguientes enlaces:
- https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor
- http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor
- http://www.phoronix.com/scan.php?page=news_item&px=MTYyODE
Gracias Root ootr por dar a conocerlo.
Regards,
Snifer
0 comentarios
Publicar un comentario