1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking Benchmarking Platform
Phoromatic Test Orchestration

Replicant Developers Find Backdoor In Android Samsung Galaxy Devices

Hardware

Published on 12 March 2014 03:47 PM EDT
Written by Michael Larabel in Hardware
24 Comments

Developers working on Replicant OS, a free and open-source spin of Google's Android operating system, have claimed to uncover a backdoor into the device's file-system for several Samsung Galaxy mobile devices using the stock Android image.

Replicant developers found a back-door to be present in "most proprietary Android systems running on the affected Samsung Galaxy devices, including the ones that are shipped with the devices."

The Replicant developers' research finds "Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device. In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone's storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone's file system."

Among the known affected devices are the Nexus S, Galaxy S, Galaxy S2, Galaxy Note, Galaxy Tab 2, Galaxy S 3, and Galaxy Note 2. The Galaxy S seems to be in the worse shape with the back-doored program running as root.

For those Samsung Galaxy users there is a back-door sample and steps for investigating and analyzing this issue within a Samsung binary blob. In terms of the legitimacy of the backdoor, the developers believe, "the incriminated RFS messages of the Samsung IPC protocol were not found to have any particular legitimacy nor relevant use-case. However, it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone's storage."

This Galaxy backdoor issue was passed on this morning by Phoronix reader and Twitter follower bashlog. All of the details for the issue are reported on this Replicant Wiki page that now appears to be a few weeks old but hasn't yet generated any widespread attention to the issue.

Replicant Developers Find Backdoor In Android Samsung Galaxy Devices


Those wishing to avoid this potential back-door from being exploited, Replicant OS doesn't contain this Samsung binary blob. The problem for many though is that Replicant's stable release is still Android 4.2 and based upon CyanogenMod 10.1 rather than catching up with upstream Android 4.4. With removing the phone / tablet binary blobs -- including proprietary firmware -- many of these "supported" Replicant devices do not have working 2D/3D acceleration, GPS, NFC, or even camera support in some cases.

About The Author
Michael Larabel is the principal author of Phoronix.com and founded the web-site in 2004 with a focus on enriching the Linux hardware experience and being the largest web-site devoted to Linux hardware reviews, particularly for products relevant to Linux gamers and enthusiasts but also commonly reviewing servers/workstations and embedded Linux devices. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics hardware drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated testing software. He can be followed via and or contacted via .
Latest Articles & Reviews
  1. Sub-$20 802.11n USB WiFi Adapter That's Linux Friendly
  2. The Lenovo T450s Is Working Beautifully With Linux
  3. Linux 4.0 SSD EXT4 / Btrfs / XFS / F2FS Benchmarks
  4. Linux 4.0 Hard Drive Comparison With Six File-Systems
  5. Lenovo ThinkPad T450s Broadwell Preview
  6. How Open-Source Allowed Valve To Implement VULKAN Much Faster On The Source 2 Engine
Latest Linux News
  1. EXT4 In Linux 4.1 Adds File-System Level Encryption
  2. Open-Source Ardour 4.0 Audio Software Has Big Improvements
  3. Linux-Powered Endless Computer Raises $100k+ In A Few Days
  4. GCC 5.1 RC2 Arrives, GCC 5.1 Planned For Next Week
  5. F2FS For Linux 4.1 Has New Features & Fixes
  6. Phoronix Server Upgrade This Weekend: Dual Haswell Xeons, 96GB DDR4
  7. Google's Experimental QUIC Transport Protocol Is Showing Promise
  8. Red Hat Joins Khronos, The Group Behind OpenGL & Vulkan
  9. NetworkManager Drops WiMAX Support
  10. Wine 1.7.41 Works More On Kernel Job Objects, MSI Patches
Most Viewed News This Week
  1. Nouveau: NVIDIA's New Hardware Is "VERY Open-Source Unfriendly"
  2. Linux 4.0 Kernel Released
  3. Microsoft Announces An LLVM-Based Compiler For .NET
  4. Linux 4.1 Brings Many Potentially Risky x86/ASM Changes
  5. VirtualBox 5.0 Beta 2 Released
  6. KDBUS Is Taking A Lot Of Heat, Might Be Delayed From Mainline Linux Kernel
  7. Mozilla Start Drafting Plans To Deprecate Insecure HTTP
  8. LibreOffice 4.5 Bumped To Become LibreOffice 5.0