Problems with Samsung's Android customisations

Blogger Robert Paleari writes that he has discovered serious security vulnerabilities in Samsung smartphones that seem to result from changes the company made to Android on its devices.

For security reasons, Paleari does not go into detail in his description of the vulnerabilities, but he does say that he reported the problems to Samsung in January and that the company is planning to release patches. However, he writes, the patches will take some time to arrive on consumers' phones, since Samsung says that its patches must be approved by all network carriers before they are released.

One issue with the vulnerabilities is that they allow attackers to install apps that give themselves privileges without asking for permission. A malicious app can be hidden in the package of one with fewer permissions and then installed at the same time or downloaded later. Apparently attackers are also able to send text messages even if the app doesn't have the appropriate permission (android.permission.SEND_SMS). They can even secretly make telephone calls, send emails, and change phone settings, including network settings. Paleari has published his findings because he is surprised that Samsung is dragging its feet, since the vulnerabilities are actually not that difficult to find and can be easily fixed.

An app with few permissions can be used to install another app that gives itself more permissions without asking for them

Terence Eden discovered a security vulnerability in the lock screens of Samsung smartphones earlier this month, and in contrast to Paleari, he now recommends contacting the company. He has also published another related exploit. In a proof-of-concept video, Eden shows how he can not only temporarily bypass some Samsung devices' lock screens, but also completely turn off the lock screen on his Samsung Galaxy Note II running Jelly Bean (Android 4.1.2).

The blogger managed to install a special app available from the Google Play store that immediately disabled the locked Note's lock screen. Of course, this hack only works if the Google Play store is accessible from the home screen and if the attacker is quick with their fingers, but once they've managed the hard part, they can dig around the smartphone as they please and even restore it to factory settings.

A little patience goes a long way if you want to disable the lock screen on a Samsung Galaxy Note II

Early March also brought announcements that the lock screen on Samsung's Galaxy S3 could be permanently unlocked and that the keyboards installed on Android could reveal partial or entire passwords.

(fab)