Remote access backdoor found in Samsung Galaxy devices

By  | 

Paul Kocialkowski, the developer of Replicant OS – an open source operating system based on Android – has revealed that Samsung Galaxy devices have a backdoor that allows for remote access and modification of data residing on the phones.

For those who are not aware of the internals of a smartphone – as far as the processors are concerned – there are two separate processors that power today’s smartphones. One is the general purpose application processor that runs the OS e.g. Android and the other is known as the modem, baseband or radio that runs proprietary code and handles the communications.

Kocialkowski claimed that the backdoor is present in the proprietary code that handles the Modem of the device which in turn is responsible for mobile communications with the telephony network.

According to the Replicant OS developer Samsung’s IPC protocol is bound to the communications processor and runs in the background. This particular protocol implements a class of requests dubbed RFS commands that enable the modem to perform remote I/O operations on the phone’s storage thereby allowing for remote read, write, and deletion of files.

“This processor always runs a proprietary operating system, and these systems are known to have backdoors that make it possible to remotely convert the modem into a remote spying device”, Kocialkowski notes in a guest post on Free Software Foundation (FSF) blog.

“The spying can involve activating the device’s microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone.”

Kocialkowski notes that as the mobile phones are always connected to a mobile network through their modem backdoors such as these are always accessible. Further, he also said that chances are that the backdoor would have been placed accidentally, but the implications are serious if exploited.

Some of the devices which Kocialkowski found vulnerable include Nexus S, Galaxy S, Galaxy S2, Galaxy Note, Galaxy Nexus, Galaxy Tab 2 7.0 and 10.1, Galaxy S3, and Galaxy Note 2.