Devs Find Samsung Galaxy Security Flaw That Provides Remote Access To Your Data


The development team behind Replicant OS, an open-source operating system based on Android, has discovered a security flaw in Samsung devices that can provide remote access to your data. The “backdoor” is found in a whole bunch of Galaxy-branded handsets, including the Galaxy Nexus, running “most proprietary Android systems.”

The vulnerability is therefore found not only in Samsung’s own Android software, but also in custom firmware based on a stock Android image, such as CyanogenMod.

“Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device,” Replicant states on its website.

“In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone’s storage.”

As a result, hackers have the potential to gain access to the data stored on your device using an “over-the-air remote control.” So, if they wanted to, they could access your messages, contacts, photos, and more — and you’d probably know nothing about it.

Some of the handsets known to be affected include:

  • Galaxy Nexus (I9250)
  • Galaxy Nexus S (I902x)
  • Galaxy S (I9000)
  • Galaxy S II (I9100)
  • Galaxy S III (I9300)
  • Galaxy Note (N7000)
  • Galaxy Note II (N7100)
  • Galaxy Tab 2 7.0 (P31xx)
  • Galaxy Tab 2 10.1 (P51xx)

Now that this vulnerability has been discovered — and the news is quickly making its way around the web — we can expect Samsung or Google to acknowledge and address the problem in a future Android update. In the meantime, Replicant notes that its own OS is immune to this problem because “Replicant does not cooperate with back-doors.”