A new security issue that may affect the privacy of Android device owners who purchased certain Samsung Galaxy models has been found, and apparently patched, by Replicant developers who are working on their own Android OS custom ROM. The modem chip which runs proprietary Samsung code has a backdoor in it that would allow third parties to perform several tasks on the handset, without the consent of unsuspecting users.
The modem processor that’s in charge of wireless communications with the carrier, “always runs a proprietary operating system, and these systems are known to have backdoors that make it possible to remotely convert the modem into a remote spying device,” Replicant developer Paul Kocialkowski wrote on the Free Software Foundation’s blog. “The spying can involve activating the device’s microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator’s network, making the backdoors nearly always accessible.”
The developers listed several affected Galaxy devices including versions of the older Galaxy Note 2, Galaxy S3, Galaxy S2, Galaxy S, Nexus S, Galaxy Nexus, Galaxy Note, Galaxy Tab 2 10.1 and Galaxy 2 7.0. The baseband software on these devices “implements a backdoor that lets the modem perform remote file I/O operations on the file system.” Thus, the program would be able to read, write and delete files on the phone’s storage. Moreover, “on several phone models, this program runs with sufficient rights to access and modify the user’s personal data.”
Replicant has apparently patched the issues on those phones, but in case the modem “can take control of the main processor and rewrite the software in the latter, there is no way for a main processor system such as Replicant to stop it.” That means that no matter what custom ROM would be installed on the phones, the backdoor could be triggered by a modem with such advanced controls.
Samsung is yet to comment on this newly found security issue. At the same time, malicious attacks that may have taken advantage of the backdoor without Samsung and customers knowing are yet to be made public. Also notable is the fact that the security issue appears to affect only older Galaxy devices.