The developers of a relatively unknown CyanogenMod named Replicant have come forward with a possible backdoor installed on the modem of devices in the Samsung Galaxy line of phones and tablets.
Anything carrying the Galaxy moniker is affected, from their flagship line of S smartphones to the Tab line of tablets, and as of the blog post revealing the issue from Replicant’s chief developer Paul Kocialkowski, there is still no patch for the problem in sight.
“We discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a backdoor that lets the modem perform remote file I/O operations on the file system,” Kocialkowski wrote in a post on the Free Software Foundation’s blog.
He went on to claim he wasn’t able to find any legitimate reason for the hole to exist, and while not outright accusing Samsung of anything, was careful to note he has never seen such a direct link between the modem and a phone’s storage card exist in as clear a capacity at what he found after reverse engineering the IPC protocol and RFS command module on his Samsung Galaxy S2 testing kit.
“The incriminated RFS messages of the Samsung IPC protocol were not found to have any particular legitimacy nor relevant use-cas. However, it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back door. Nevertheless, the result is the same and it allows the modem to access the phone’s storage.”
Kocialkowski expressed his fears and concerns over the size and scope of the hole, which could allow anyone with knowledge of its existence the ability to completely take over a device with the slightest of ease, and track everything from a user’s location to the photos they took and the people they text. Anything that happens on top of the OS can be detailed on an intimate level, and it’s this level of complex command and control that has experts the most worried about what the future of Galaxy devices could look like from here on out.
Samsung has yet to come forward and respond to the allegations, but VPNCreative.net will be here to keep you up to date with any developments as they’re made available.