Developer Finds Security Hole in Galaxy Note II, S2
December 17, 2012 8:31 PM
comment(s) - last by
Memory permissions raise danger of local attacks
Samsung Electronics Comp., Ltd. (
) the top maker of Android smartphones in the world (or any kind of phones, for that matter), received some unwelcome news on Monday, when a developer going by the handle "alephzain" posted details on Microsoft Corp.'s (
) XNA developers forum regarding memory permissions security holes in some of Samsung's top devices.
In order to give their
a dedicated line from the camera to the memory, Samsung opened up permissions to the on-chip DRAM. The only issue is that it appears to have opened its memory for writing to all users.
That's good news for modders who could use it to obtain root for the purpose of installing custom builds of Android like Cyanogen. Bu at it's bad news from a security perspective.
The Galaxy Note II
The flaw appears to affect a number of top Samsung devices, including the
Galaxy Note II
, the Galaxy S2, and the Meizu MX. Comments the developer who found the flaw, "The good news is we can easily obtain root on these devices and the bad is there is no control over it."
Generally to do something truly malicious with the flaw, you would have to use a trojan app equipped with memory dumping or memory injection functionality. But given the
success of past trojans against Android-rival Apple
, Inc. (
) the possibility of this flaw being exploited in the wild should not be ruled out.
This article is over a month old, voting and posting comments is disabled
RE: Galaxy S3 Affected
12/17/2012 10:05:46 PM
Well, instead of denying it or whatever Samsung will be looking into it.
Pretty speedy response IMO. Also, the folks at XDA are still hard at work making things right themselves.
"We shipped it on Saturday. Then on Sunday, we rested." -- Steve Jobs on the iPad launch
Apple Aims to Tack on Galaxy Note II and 5 Other Products to Existing Lawsuit
November 26, 2012, 2:05 PM
Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012, 1:46 PM
Samsung Reveals Quad-Core Exynos 4 for Galaxy S3 Superphone
April 26, 2012, 1:19 PM
Microsoft "Hopes" Developers Will Make Xbox One Games Unplayable Offline
May 24, 2013, 12:13 PM
Federal Judge Sides with U.S. DOJ in Apple E-Books Preliminary Hearing
May 24, 2013, 11:46 AM
HTC Considers "Senseless" One Smartphone
May 24, 2013, 8:00 AM
HTC One Hits 5 Million Sales in First Month, Despite Issues
May 23, 2013, 4:04 PM
HTC First's Arrival in UK Canceled, Facebook Assesses "Home" Feedback
May 23, 2013, 3:02 PM
Microsoft Expands Windows Azure in Asia, Mocks iPad in New Commercial
May 23, 2013, 12:06 PM
Most Popular Articles
High School Student Creates Storage Device that Can Charge in 20 Seconds
May 20, 2013, 6:51 AM
Apples Tries to Use Decade-Old Patents to Ban Samsung Galaxy S IV
May 22, 2013, 3:00 PM
NASA Awards $125,000 Grant for 3D Printed Food on Long-Term Space Travels
May 21, 2013, 1:32 PM
Microsoft Announces Voice-Controlled "Xbox One"
May 21, 2013, 12:55 AM
Seawater Cooling Saves Data Center Big Bucks, Energy, Despite Jellyfish Issues
May 17, 2013, 3:23 PM
Latest Blog Posts
Lumosity: Does it Work?
May 22, 2013, 8:20 PM
Quick Note: Sony "Teases" PS4 Ahead of Xbox Reveal in New Video
May 20, 2013, 12:33 PM
Nokia Introduces Instagram-Like App of Its Own to Help Lumia Sales
May 20, 2013, 7:10 AM
Parents of Pre-Teen Drivers Commonly Practice Distracted Driving Says Study
May 9, 2013, 7:16 AM
Apple's iOS 7 Running Into Internal Delays Due to Massive Overhaul
May 1, 2013, 4:26 PM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information