• Copy link
• Facebook
• X
• Reddit
• Email

Share this article

4

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the Tom's Guide Newsletter

Here at Tom’s Guide our expert editors are committed to bringing you the best news, reviews and guides to help you stay informed and ahead of the curve!

Become a Member in Seconds

Unlock instant access to exclusive member features.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Daily (Mon-Sun)

Tom's Guide Daily

Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.

Signup +

Weekly on Thursday

Tom's AI Guide

Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!

Signup +

Weekly on Friday

Tom's iGuide

Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.

Signup +

Weekly on Monday

Tom's Streaming Guide

Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.

Signup +

---

Join the club

Get full access to premium articles, exclusive features and a growing list of member rewards.

Explore

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

Is there a vulnerability in Samsung Galaxy smartphones and tablets that could let an attacker remotely access your files, or even send commands to your phone?

So says Paul Kocialkowski, a developer on Replicant, an alternative build of Google's Android operating system. According to Kocialkowski, Samsung Galaxy devices give their carriers too much access to users' files.

MORE: 7 Ways to NSA-Proof Your Smartphone

Here's how it works: When you use a smartphone or tablet, the user-facing operating system and its apps are usually all you see. But there's another operating system that works alongside Android, iOS or Windows Phone: the embedded, or "baseband" firmware that handles the physical radio signals used to connect to cellular, Wi-Fi and Bluetooth networks.

The two components are mostly separate, but in order for the phone or tablet to operate, the baseband firmware has to have "hooks" in the user-facing operating system.

Kocialkowski argues that in the case of Samsung Galaxy devices running both stock and Samsung-tweaked Android, these hooks are way too deep — so deep, in fact, that they constitute a "backdoor" by which an attacker who knew of the vulnerability could gain remote access to users' personal files.

"As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to ... access the phone's file system," Kocialkowski writes in a report on the project's wiki.

That's because the wireless carrier can access the phone's baseband operating system, and the baseband operating system in turn can access Android's file system while the phone is running.

Does this constitute a backdoor — a secret method of deliberately undermining software security? Kocialkowski seems to think so.

"This is yet another example of what [kind of] unacceptable behavior proprietary software permits," he wrote yesterday (March 12) in a post on the Free Software Foundation blog summarizing his findings.

MORE: Mobile Security Guide: Everything You Need to Know

Kocialkowski said it was also conceivable that the baseband software could take control of the phone's main processor and rewrite some or all of its software. That claim has yet to be proven.

He stopped just short of accusing Samsung of deliberately implanting a backdoor in its own devices. Yet there are perfectly legitimate reasons for baseband firmware to access the files of the user-facing operating system.

For example, when smartphone users encounter a problem and call their wireless carrier for help, carrier technicians can use the baseband-OS interface to remotely access and fix devices.

Kocialkowski may have even gotten some flak from a fellow Replicant developer, who read of the purported backdoor on the British tech-news site The Register.

The reader, who calls himself "TJ1" in The Register's comments section and claimed to be a part of the Replicant project, calls Kocialkowski's report "misguided sensationalism."

TJ1 wrote that the baseband operating system needs access to the phone's internal memory when powering on, but then hands control back to the application operating system — in this case, Android — once that step is complete.

Kocialkowski's original wiki entry admits that the vulnerability could be benign. 

"It is possible that these were added for legitimate purposes, without the intent of doing harm by providing a backdoor," he wrote. "Nevertheless, the result is the same and it allows the modem to access the phone's storage." 

Kocialkowski doesn't exactly have a neutral stake in the issue. His report claims that replacing the standard Android operating system with Replicant will prevent the baseband operating system from accessing Replicant's filesystem.

So far, a proof of concept for this alleged vulnerability has not been created.

Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+.  Follow us @TomsGuide, on Facebook and on Google+.

• 9 Tips to Stay Safe on Public Wi-Fi
• 13 Security and Privacy Tips for the Paranoid
• 7 Ways to Lock Down Your Online Privacy