Replicant developers , a project to develop a version of Android completely free, have discovered a backdoor (backdoor) in the range of Samsung Galaxy .
On the blog of the Free Software Foundation (FSF) , Paul Kocialkowski home Replicant explains that this backdoor is the baseband chip (which acts as a modem and is a closed / proprietary technology) and that it can send orders to the OS and main to read and write directly to the file system from an external processor access.
In general, since we do not know exactly what there is in the baseband chip, we can all imagine. They are also known to allow geolocation or use the camera without the owner's phone. These chips are a nightmare for those who wish to protect their privacy.
Replicant has flushed a backdoor in the Samsung Galaxy phones and the FSF asks that Samsung customers rally to protest against these practices
Attention, it is not an involuntary fault but rather an interface implemented by the manufacturer of these chips feature. Samsung is aware or not this "feature" is another story.
Intelligence services (NSA and co) and hackers informed of this vulnerability could therefore access photos, documents, files, settings (passwords and co) but also swinging malware or any other file on any phone .
So how to protect themselves? And although it is difficult. It would actually buy phones with baseband code is open, but they are very few . For example, a project baseband open enough known is that 's Osmocom .
The alternative, ie the one chosen by Replicant, is to prohibit the OS to consider the messages sent by the Baseband chip and to prevent access to the file system. Unfortunately, this is a meager protection since this chip could well force the main processor to bypass the blockage.
In any case, congratulations to Replicant who discovered this backdoor in Samsung products. I suppose it is much more to find in all the phones in the market but at least for the latter, it is officially informed.