Huge Security Hole In Recent Samsung Devices 153

Posted by timothy
from the it's-like-they-handed-you-the-phone dept.
An anonymous reader writes "A huge security hole has been discovered in recent Samsung devices including phones like the Galaxy S2 and S3. It is possible for every user to obtain root due to a custom faulty memory device created by Samsung." The problem affects phones with the Exynos System-on-Chip.

  • Root (Score:2, Insightful)

    by Nerdfest (867930) on Sunday December 16, 2012 @07:38PM (#42309337)

    I consider someone *else* running as root a security hole. As long as you need physical access, this is a feature. A phone that will not let you install what you want is broken.

  • It's a feature !! (Score:5, Insightful)

    by Taco Cowboy (5327) on Sunday December 16, 2012 @07:49PM (#42309417) Journal

    Instead of considering that "security hole" a "security hole", consider it as a "feature".

    Just root the damn thing and unlock it !!

  • Re:Root (Score:4, Insightful)

    by Nerdfest (867930) on Sunday December 16, 2012 @07:52PM (#42309441)

    That's definitely a problem. The way the summary is worded makes it sound like a user having root is a security exploit ... something most hardware and OS manufacturers seem to believe these days. I may have to break tradition and read the article.

  • by Threni (635302) on Sunday December 16, 2012 @07:53PM (#42309447)

    > It's just one more exposure. The real problem is in actually being able to tell what -any- app is currently doing
    > on your device. And that kind of monitoring is no-where in sight.

    Wrong, and wrong. With this, you can access all the memory on your phone. Clearly with this you CAN tell what's running. You can stop what's running. You can patch what's running. You can do whatever you like. This is about as different to the average piece of malware as is possible to get.

  • by Galestar (1473827) on Sunday December 16, 2012 @08:51PM (#42309671)

    > other than stuff befalling jailbroken devices

    This is the important part. Walled gardens are inherently more secure, it has nothing to do with Apple's competence.

  • by grcumb (781340) on Sunday December 16, 2012 @08:56PM (#42309721) Homepage Journal

    > Damn that was vague.

    If by 'vague', you mean 'detailed', then yes, it was. 8^)

    > Could you maybe explain what kind of bad things they can do without permission?

    The most damning bit of code is this:

    #ifdef CONFIG_EXYNOS_MEM
        [14] = {"exynos-mem", S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH, &exynos_mem_fops},
    #endif

    Basically, it says, "Aw heck, write whatever you like to any memory address anywhere. I mean, we're all friends here. Right?"

    Effectively, any installed app can ignore pretty much every single security setting on the phone and do whatever it likes to the running system. Worse, this could be coupled with a vulnerability in an otherwise well-intentioned app to create a remote root exploit.

    On the WTF scale, this ranks with the 2008 Debian SSL hole [slashdot.org] in terms of rank stupidity.
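
The devlist entry quoted in the comment above gives the device node mode 0666, readable and writable by every user. As an added example (not from the comment or from Samsung's kernel), a small C audit that flags character or block devices writable by every user; the allowlist of expected nodes and the function names are assumptions made here.

```c
#define _DEFAULT_SOURCE
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Mode bits from the devlist entry quoted above (evaluates to 0666). */
#define EXYNOS_MEM_MODE (S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)

/* Nodes that are world-writable by design; this allowlist is an assumption. */
static const char *const EXPECTED[] = {"null", "zero", "full", "random",
                                       "urandom", "tty", "ptmx"};

static int is_expected(const char *name) {
    for (size_t i = 0; i < sizeof EXPECTED / sizeof EXPECTED[0]; i++)
        if (strcmp(name, EXPECTED[i]) == 0) return 1;
    return 0;
}

/* A char/block device that any uid may write to needs a justification. */
int is_suspect_node(const char *name, mode_t mode) {
    if (!S_ISCHR(mode) && !S_ISBLK(mode)) return 0;
    return (mode & S_IWOTH) && !is_expected(name);
}

/* Returns the number of suspect nodes directly under dir, or -1 on error. */
int audit_dev_dir(const char *dir) {
    DIR *d = opendir(dir);
    if (!d) return -1;
    int hits = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        char path[4096];
        struct stat st;
        snprintf(path, sizeof path, "%s/%s", dir, e->d_name);
        if (lstat(path, &st) != 0) continue;   /* lstat: do not follow symlinks */
        if (is_suspect_node(e->d_name, st.st_mode)) {
            printf("%s mode %04o\n", path, (unsigned)(st.st_mode & 07777));
            hits++;
        }
    }
    closedir(d);
    return hits;
}

int main(void) {
    int n = audit_dev_dir("/dev");
    return n < 0 ? 2 : (n > 0);   /* exit 1 when something was flagged */
}
```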

  • Re:Root (Score:5, Insightful)

    by hawguy (1600213) on Sunday December 16, 2012 @09:56PM (#42310207)

    > On smartphones, local exploits matter because they mean apps can gain more permissions than they are supposed to have. (This is a much smaller problem on desktops because people don't tend to install programs on desktops anywhere near as much.)

    You've never seen a user click blindly through ActiveX install warnings if you think Desktop users rarely install software.

  • Re:Root (Score:5, Insightful)

    by Nerdfest (867930) on Sunday December 16, 2012 @10:38PM (#42310471)

    They can test all they want, but there will be bugs. The trick is to have support in place to patch quickly. Most open source software is very good this way, but most commercial stuff is way behind.

  • Re:Root (Score:3, Insightful)

    by fredprado (2569351) on Sunday December 16, 2012 @10:41PM (#42310487)
    Nothing can be "fully tested". Things like this happen to any developer and are unavoidable as the code complexity increases.

    What is the responsibility of the developer is to fix a security hole such as this as quickly as possible once detected.
