Security flaw affects nearly every Android phone with a Qualcomm Snapdragon chip, researcher warns

2 Comments

At the Black Hat conference in Las Vegas this week, computer security researcher Dan Rosenberg unveiled a previously unpublished security flaw that could be used to permanently unlock the bootloader on Android(s goog) phones. Demonstrated on a Motorola Moto X on Wednesday, the exploit affects almost any device using a modern Qualcomm(s qcom) Snapdragon chip.

The flaw is in ARM’s TrustZone technology, which basically allows a device to have two separate operating systems or “worlds,” one with privileged access, and one for normal apps and operation. By segregating access to hardware and sensitive information from the main OS, it’s possible to improve device security. But the flaw Rosenberg found is in TrustZone itself, or more specifically, Qualcomm’s implementation.

Qualcomm is aware of the security issue, and according to a spokesperson, has taken actions to patch the vulnerability: “We’re aware of this issue and have already made available software updates for our impacted customers to address the reported vulnerabilities.”

Rosenberg warns that this vulnerability affects all known Android devices with a Qualcomm Snapdragon SoC, including popular phones like the Nexus 5, the HTC One, and Samsung’s Galaxy Note 3, as well as the Moto X. The Samsung Galaxy S5 and the HTC One M8 have already been patched — although the exploit was only recently publicized, it was discovered at the start of July.

There are two ways of looking at this: First, it’s probably not good that a presumably trusted environment would allow anyone to execute arbitrary code — especially if that environment is underpinning a lot of security software, like Samsung Knox. But on the other hand, the unpatched exploit could lead to new devices getting bootloader unlocking methods, which would please people who like to tinker with their phone. Keep in mind, the full details of the exploit haven’t been published and it’s likely that device manufacturers are already working on patches.

The full report can be found here.

This article has been updated with Qualcomm’s statement. 

2 Comments

Dennis Anthony Reid MLIS

This is probably the first time I have heard that an ARM product had a security flaw. When you find the time. Please read my article entitled: Intel vs ARM.

Anon

Remember the uproar in the 90s about the Clipper chip? Now AMD & Intel have ARM (ARC for Intel) coprocessors to run this TrustZone stuff, and you the chip owner are not allowed to control what code they run! Search for TrustZone and you’ll end up in a warren of buzzwords (including DRM). I abandoned plans to buy a new PC because of this. But if it can be hacked, that is actually good news for end users or anyone who dislikes the NSA.

Comments are closed.