Developer Finds Security Hole in Galaxy Note II, S2
December 17, 2012 8:31 PM
comment(s) - last by
Memory permissions raise danger of local attacks
Samsung Electronics Comp., Ltd. (
) the top maker of Android smartphones in the world (or any kind of phones, for that matter), received some unwelcome news on Monday, when a developer going by the handle "alephzain" posted details on Microsoft Corp.'s (
) XNA developers forum regarding memory permissions security holes in some of Samsung's top devices.
In order to give their
a dedicated line from the camera to the memory, Samsung opened up permissions to the on-chip DRAM. The only issue is that it appears to have opened its memory for writing to all users.
That's good news for modders who could use it to obtain root for the purpose of installing custom builds of Android like Cyanogen. Bu at it's bad news from a security perspective.
The Galaxy Note II
The flaw appears to affect a number of top Samsung devices, including the
Galaxy Note II
, the Galaxy S2, and the Meizu MX. Comments the developer who found the flaw, "The good news is we can easily obtain root on these devices and the bad is there is no control over it."
Generally to do something truly malicious with the flaw, you would have to use a trojan app equipped with memory dumping or memory injection functionality. But given the
success of past trojans against Android-rival Apple
, Inc. (
) the possibility of this flaw being exploited in the wild should not be ruled out.
This article is over a month old, voting and posting comments is disabled
RE: Galaxy S3 Affected
12/20/2012 2:46:35 AM
The article is not reporting on malware, it is reporting on a vulnerability in a popular handset. Since it should be exploitable for root access, it is on the order of the iOS jailbreak hacks which were so widely reported.
Personally I think Windows vulnerabilities are a different league. While they often do achieve root level (admin privileges), they do so with the user's consent. This is in stark contrast to the attempts of Apple and now Samsung to keep root access for themselves.
"Spreading the rumors, it's very easy because the people who write about Apple want that story, and you can claim its credible because you spoke to someone at Apple." -- Investment guru Jim Cramer
Apple Aims to Tack on Galaxy Note II and 5 Other Products to Existing Lawsuit
November 26, 2012, 2:05 PM
Symantec: Flashback Trojan for Mac Generates $10,000/Day
May 1, 2012, 1:46 PM
Samsung Reveals Quad-Core Exynos 4 for Galaxy S3 Superphone
April 26, 2012, 1:19 PM
Apple Releases iOS 7.1, The First Major Update to Its "Rethought" Mobile OS
March 10, 2014, 1:52 PM
BlackBerry CEO Jokes that iPhone Users are "Wall Huggers"
March 10, 2014, 12:20 PM
Average Mobile Phone Bill in U.S. is Growing Despite Competition
March 10, 2014, 10:25 AM
Aussie Tried to Drop Drugs into a Prison Using an Aerial Drone
March 10, 2014, 9:32 AM
Quick Note: New Generation HTC One (M8) Photos Turn Up on Weibo
March 10, 2014, 9:04 AM
Sony, Panasonic Announce Archival Disc Standard Coming in 2015
March 10, 2014, 8:50 AM
Most Popular Articles
Bitcoin King Pt. II: Mt. Gox's Dictator Karpelès Proves Tragically Flawed
March 7, 2014, 1:12 PM
Bitcoin King: Mt. Gox CEO Mark Karpelès' History of Arrests, Firings
March 5, 2014, 9:05 AM
USAF Moves Forward With Long Range Bomber Program Despite Budget Crunch
March 4, 2014, 9:44 AM
Windows 8.1 Update 1 Leaked Early
March 7, 2014, 9:30 AM
Apple Won't Let UK Sons Unlock Their Deceased Mother's iPad
March 6, 2014, 12:44 PM
Latest Blog Posts
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information