Pork Explosion: a serious flaw which affects Android smartphones

Read more at www.spinonews.com/index.php/item/1292-pork-explosion-a-serious-flaw-which-affects-android-smartphone

A serious flaw affecting Android smartphones has been discovered by security expert Jon Sawyer, aka Justin Case or jCase. This new flaw is so dangerous that it sabotages all the security measures of the operating system to such an extent that the device becomes vulnerable to all kinds of attacks.

Sawyer has dubbed this vulnerability Pork Explosion. It was mainly identified in the apps bootloader from hardware developer Foxconn Technologies.

Foxconn is a well-known hardware developer and one of the biggest; it manufactures devices for a majority of Android OEMs such as Samsung, Sony and LG.

The problem arises from the need to create low-level firmware for these devices, which a few of these manufacturers allow Foxconn to do. Sawyer believes that a backdoor has been planted in the apps bootloader and that an attacker can use this backdoor to access the Android device.

Once access is gained through the backdoor, it becomes easier to extract forensic data, brute-force encryption keys and even unlock a device’s bootloader without needing to reset user data.

When an attacker encrypts the device and obtains access to the root shell, then, using the compromised bootloader, the attacker can execute two types of commands: normal and OEM.

OEM commands are non-standard commands, usually implemented by the developers of the device, whereas normal commands are hard-coded into the fastboot client and can be sent via USB.

However, the command that startled Sawyer the most was ‘reboot-ftm’, which is neither a normal nor an OEM command. This command couldn’t be sent with the fastboot client; to access it, one needs to build a custom client that creates a link to the device and sends this command to the bootloader.
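A firmware-review check for the point above, as an added example that is not from the article or from Sawyer's research: it pulls printable strings from a bootloader image and flags command-like strings that extend a standard fastboot command but are neither standard nor `oem`. The standard command list, the sample image bytes and the `oem vendor-cmd` string are assumptions constructed for illustration.

```python
import re

# Baseline of fastboot protocol commands (assumed; adjust per platform).
# Everything under "oem" is vendor-defined by design.
STANDARD = {
    "getvar", "download", "upload", "flash", "erase", "boot", "continue",
    "reboot", "reboot-bootloader", "reboot-recovery", "reboot-fastboot",
    "powerdown", "set_active", "flashing", "oem",
}

# Printable ASCII runs of 4+ bytes, similar to what `strings` reports.
PRINTABLE = re.compile(rb"[\x20-\x7e]{4,}")

def extract_strings(image: bytes):
    return [m.group().decode("ascii") for m in PRINTABLE.finditer(image)]

def classify(s: str):
    """Return 'standard', 'oem', 'nonstandard', or None if not command-like."""
    head = re.split(r"[: ]", s.strip(), maxsplit=1)[0]
    if head == "oem":
        return "oem"
    if head in STANDARD:
        return "standard"
    # e.g. "reboot-<something>" that is not part of the baseline
    if any(head.startswith(cmd + "-") for cmd in STANDARD):
        return "nonstandard"
    return None

def audit(image: bytes):
    report = {"standard": set(), "oem": set(), "nonstandard": set()}
    for s in extract_strings(image):
        kind = classify(s)
        if kind:
            report[kind].add(s)
    return report

# Constructed sample: NUL-separated strings standing in for a bootloader image.
SAMPLE = b"\x00".join([
    b"getvar:", b"flash:", b"reboot", b"reboot-bootloader",
    b"oem vendor-cmd", b"reboot-ftm", b"ERROR: bad image",
])

if __name__ == "__main__":
    for s in sorted(audit(SAMPLE)["nonstandard"]):
        print("review non-standard bootloader command:", s)
```

Hits are candidates for manual review of the handler behind each string, not proof of a backdoor.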

Then another command is issued to reboot the phone into factory test mode. This mode compromises the USB. If the ‘adb daemon’ feature isn’t running as root, then the attacker won’t need to bypass the device while it is connected to an unidentified computer. In such a scenario, SELinux isn’t permissive and stays in disabled mode.

Two devices manufactured by Foxconn, the Nextbit Robin and the Infocus, were identified as vulnerable to this security flaw.

Sawyer speculated that Foxconn might have added this debugging feature while manufacturing the devices and that it could serve as a backdoor for hackers in future devices. Therefore, it is important that the company fixes this vulnerability soon.
