Developer Finds Security Hole in Galaxy Note II, S2
December 17, 2012 8:31 PM
comment(s) - last by
Memory permissions raise danger of local attacks
Samsung Electronics Comp., Ltd. (
) the top maker of Android smartphones in the world (or any kind of phones, for that matter), received some unwelcome news on Monday, when a developer going by the handle "alephzain" posted details on Microsoft Corp.'s (
) XNA developers forum regarding memory permissions security holes in some of Samsung's top devices.
In order to give their
a dedicated line from the camera to the memory, Samsung opened up permissions to the on-chip DRAM. The only issue is that it appears to have opened its memory for writing to all users.
That's good news for modders who could use it to obtain root for the purpose of installing custom builds of Android like Cyanogen. Bu at it's bad news from a security perspective.
The Galaxy Note II
The flaw appears to affect a number of top Samsung devices, including the
Galaxy Note II
, the Galaxy S2, and the Meizu MX. Comments the developer who found the flaw, "The good news is we can easily obtain root on these devices and the bad is there is no control over it."
Generally to do something truly malicious with the flaw, you would have to use a trojan app equipped with memory dumping or memory injection functionality. But given the
success of past trojans against Android-rival Apple
, Inc. (
) the possibility of this flaw being exploited in the wild should not be ruled out.
This article is over a month old, voting and posting comments is disabled
12/18/2012 6:07:12 AM
I've been waiting three days for this one to see what spin would be put on it and y'know I'm not disappointed. In fact my expectations have been exceeded.
Let's ignore the sheer scale (in terms of products) and sheer seriousness of this situation (wilful Direct Memory Access on a network-connected device) but instead deflect attention towards the fruity ones with a link to a completely irrelevant article that was scotched six months ago in any case and was a complete non-story.
No matter about all those Samsung owners who will be blissfully unaware of the mess going on in their pocket because they don't read tech websites (I mean proper tech websites, not this one obviously) and have no idea just how big a clusterfuck Samsung have made here and will probably actually be completely unaware of it and therefore will not take steps to mitigate the problem.
Good game Mick. Clown.
12/18/2012 3:23:06 PM
Looks like the story/article was taken down? It shows up as blank, even after refreshing.
"Game reviewers fought each other to write the most glowing coverage possible for the powerhouse Sony, MS systems. Reviewers flipped coins to see who would review the Nintendo Wii. The losers got stuck with the job." -- Andy Marken
Apple Aims to Tack on Galaxy Note II and 5 Other Products to Existing Lawsuit
November 26, 2012, 2:05 PM
Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012, 1:46 PM
Samsung Reveals Quad-Core Exynos 4 for Galaxy S3 Superphone
April 26, 2012, 1:19 PM
Smart Security Cameras: 5 Good Choices For Any Budget
July 25, 2016, 7:13 PM
Top 5 Smart Watches
July 21, 2016, 11:48 PM
Retiree Sues Apple For $7,500 for Wiping Honeymoon Photos From His iPhone
November 30, 2015, 10:23 AM
iPhone 7 May Pack 3-4 GB Memory, More Storage; 4-Inch Comeback is Rumored
November 20, 2015, 10:12 PM
OnePlus One, OnePlus 2 Will Receive Android Marshmallow in Q1 2016
November 16, 2015, 9:58 AM
Lenovo Whoa: Motorola Droid MAXX 2 and Turbo 2 Break Cover in Leaks
October 26, 2015, 3:12 PM
Most Popular Articles
Say Goodbye to Data Plans - Sprint and T-Mobile offer Unlimited Data
August 22, 2016, 6:12 AM
2 NEW PlayStation 4 Models - Unveiling September 7th
August 23, 2016, 6:23 AM
iPhones May Get Curved Screens Next Year
August 24, 2016, 6:45 AM
5 Easy Ways to Lower Blood Pressure By Monique C. Bethell, Ph.D.
August 25, 2016, 8:00 AM
Uber - Everyone's Autonomous Car Driver?
August 20, 2016, 6:01 AM
Latest Blog Posts
First Self-Driving Car debut on the streets of Singapore
Aug 28, 2016, 4:10 PM
Coming Soon - Drones and Airports
Aug 24, 2016, 12:40 PM
SolarCity’s Gigafactory: A Milesone in Emerging Technology by Lily Emamian - 15 August 2016
Aug 15, 2016, 6:30 AM
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
More Blog Posts
Copyright 2016 DailyTech LLC. -
Terms, Conditions & Privacy Information