Developer Finds Security Hole in Galaxy Note II, S2
December 17, 2012 8:31 PM
comment(s) - last by
Memory permissions raise danger of local attacks
Samsung Electronics Comp., Ltd. (
) the top maker of Android smartphones in the world (or any kind of phones, for that matter), received some unwelcome news on Monday, when a developer going by the handle "alephzain" posted details on Microsoft Corp.'s (
) XNA developers forum regarding memory permissions security holes in some of Samsung's top devices.
In order to give their
a dedicated line from the camera to the memory, Samsung opened up permissions to the on-chip DRAM. The only issue is that it appears to have opened its memory for writing to all users.
That's good news for modders who could use it to obtain root for the purpose of installing custom builds of Android like Cyanogen. Bu at it's bad news from a security perspective.
The Galaxy Note II
The flaw appears to affect a number of top Samsung devices, including the
Galaxy Note II
, the Galaxy S2, and the Meizu MX. Comments the developer who found the flaw, "The good news is we can easily obtain root on these devices and the bad is there is no control over it."
Generally to do something truly malicious with the flaw, you would have to use a trojan app equipped with memory dumping or memory injection functionality. But given the
success of past trojans against Android-rival Apple
, Inc. (
) the possibility of this flaw being exploited in the wild should not be ruled out.
This article is over a month old, voting and posting comments is disabled
RE: Galaxy S3 Affected
12/17/2012 10:05:46 PM
Well, instead of denying it or whatever Samsung will be looking into it.
Pretty speedy response IMO. Also, the folks at XDA are still hard at work making things right themselves.
"We are going to continue to work with them to make sure they understand the reality of the Internet. A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis
Apple Aims to Tack on Galaxy Note II and 5 Other Products to Existing Lawsuit
November 26, 2012, 2:05 PM
Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012, 1:46 PM
Samsung Reveals Quad-Core Exynos 4 for Galaxy S3 Superphone
April 26, 2012, 1:19 PM
Sony's Xperia Z3 Gets Detailed in Leaked Photos
July 25, 2014, 2:30 PM
Heavy Users of Verizon’s “Unlimited” LTE Data Could Soon See Targeted Throttling
July 25, 2014, 1:52 PM
Motorola Moto X+1 Makes Appearance in Leaked Photos
July 25, 2014, 12:06 PM
Sony Finally Adds 3D Blu-ray Support to PS4
July 24, 2014, 3:44 PM
IDC: Although Apple Remains at Top of Tablet Market, Share Falls from 33% to 26.9%
July 24, 2014, 1:24 PM
Thanks in Part to Strong G3 Launch, LG Sells 14.5 Million Smartphones in Q2
July 24, 2014, 10:18 AM
Most Popular Articles
JJ Abrams Unveils X-Wing Starfighter for New "Star Wars" Movie
July 21, 2014, 12:24 PM
Ford Details ’15 F-150’s 325hp, 2.7L EcoBoost V6; Demonstrates 732-lb Weight Loss
July 22, 2014, 6:55 PM
Comcast Memo: Harassing Customers During Retention Calls Actually IS Our Policy
July 22, 2014, 5:19 PM
Microsoft Kills Entertainment Unit, May Shelve Flagship Lumia "McLaren"
July 18, 2014, 7:40 PM
Kindle Fire Phone Review Roundup -- A Solid "Meh"
July 23, 2014, 2:09 PM
Latest Blog Posts
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information