Security researchers have proved at the Defcon hacker conference that the Blackphone isn’t secure enough by rooting and cracking the device in less than five minutes.
Folks over at the engineering group TeamAndIRC exploited a vulnerability in the Android Debugger Kit’s code and through that managed to root the Blackphone. Through one of the attacks, the hackers managed to gain access ADB service, which by default is off, and through another attack they managed to gain shell access. Using the shell access they could run a series of commands that could potentially leak private data.
If we look at the technical aspects of one of the hacks, it isn’t based on some weak code – but is rather a hole that was discovered in the debugger. Further, the security researchers hacked their way through a Blackphone that was running an older firmware. What the researchers didn’t know was that SGP Technologies, the creators of the Blackphone, had already patched one of the vulnerabilities and pushed out an update.
About the ADB issue, SGP Technologies CSO Dan Ford said that they are in disagreement with the security researchers. Ford said “In the final days before manufacture, a bug was found with ADB on the Blackphones which could throw the phone into a boot loop when full device encryption was turned on”.
For this reason the company disabled the developer menu, but has said that it will be returning in an OTA update to the Blackphone once the boot bug is resolved.
As for the third bug that the security researchers exploited, no information is available as the researchers will be disclosing the vulnerability privately. Ford stated “We are under the impression that this vulnerability affects many OEMs and not just Blackphone.”
One of the important things to note here is that none of the vulnerabilities can be exploited via a drive-by-download or any other remote activity and physical access to the device is needed.