14 DAY TRIAL // South Korean mobile phone maker Samsung is currently the largest producer of Android-based devices, yet it appears that its handsets and tablets are not as secure as one might believe.
In fact, developers working on Replicant OS, which is a free, open source version of Android, claim to have found a backdoor in the file-system of several Samsung Galaxy mobile devices running stock Android images.
According to said developers, the issue was discovered in most proprietary Android versions that run on affected Samsung Galaxy devices. Platform releases loaded on these products right from the start were also found to be affected.
They also note that the backdoor offers remote access to the data present on these handsets, most likely over-the-air, as phoronix explains in a recent article.
“Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device,” the team claims.
“In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone's storage.”
“As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone's file system,” said developers explain.
The list of affected devices includes the Galaxy S, Nexus S, Galaxy S2, Galaxy Note, Galaxy Tab 2, Galaxy S 3, and Galaxy Note 2. Apparently, rooted Galaxy S handsets are exposed the most through this issue.
Said developers also provide a backdoor sample, along with steps that can be taken in order to analyze and investigate the issue. They also note that the incriminated RFS messages might not have particular legitimacy or relevant use-case, at least none that they could find.
There is a possibility that the backdoor was added for legitimate purposes, and that the intent was not to harm users in any way through lowering the security of their devices. “Nevertheless, the result is the same and it allows the modem to access the phone's storage,” the team concludes.
For those who would like to avoid the backdoor, the team behind Replicant OS recommends their own Android platform spinoff, though it is based on Android 4.2 Jelly Bean and appears to have a variety of non-working features, including GPS, NFC, or even camera.
This is not the first time that Samsung’s Android devices are found to pack security issues inside, though it remains to be seen whether the company will deliver a fix for the newly discovered one and when that might happen.