This CNET article is on Snowden but near the end it has this paragraph which seems to describe how people are now rooting their Note 3s. Please read and be cautious!
From http://news.cnet.com/8301-13578_3-57615600-38/strike-a-deal-with-snowden/:
Miller also speaks to NSA Information Assurance Director Debora Plunkett, who reveals the discovery by one of her 3,000 analysts of a secret computer weapon that could destroy any computer it infected. She would not name its origin, but "60 Minutes" has learned it was engineered in China. The NSA allowed Plunkett to talk about it for the first time in detail. She says it was called the Bios Plot, for the foundational component, the Bios, that all computers have that performs basic functions like turning on the operating system and activating the hardware. The attack on the Bios would have been disguised as a request for a software update. If the user clicked on it, the virus would turn their computer into "a brick," says Plunkett. [http://news.cnet.com/8301-13578_3-57615600-38/strike-a-deal-with-snowden/]
The methods don't work anymore after security policy update 16 anyway.
There's always a new one we don't know about yet.
SGH-I717(AoCP6.4), SM-N900V/MI9(dlV), XDA Premium
Frank, Note 3 doesn't have a BIOS. Besides, such things have been around as long as the Internet. Evil Chinese, yeah.
Sent from my SM-N9005 using Tapatalk
!crazy said:
Frank, Note 3 doesn't have a BIOS.
I think they are using "BIOS" generically; on Android the boot loader may be the equivalent (which is locked on VZW). You are distracting from the point. The point is that with some root methods you are giving complete access to some code which you are not being allowed to examine. When you do such things this "BIOS Plot" is the sort of thing you get. You can get the things described in the BIOS Plot with only root access; you don't need the boot loader.
!crazy said:
Besides, such things have been around as long as the Internet.
They've been around much longer than the Internet.
Frank
Bootloader has nothing to do with BIOS. What you are saying is that the application one installs has the power to be executed as a program, and do nasty things? Also root is sometimes a little overrated. The truth is, most of the data we actually care about is not on system partitions, which require root access, at all.
What you are telling is right in general, but my point is that this is nothing new. One installs software, which is a black box, and which can theoretically do anything. Everyone is aware of it. Everyone with a brain. The guy I know, who is not aware, never took his car to service in his life, and he has been driving cars for 15 years now. He cares about tits, butts, and shiny colorful things, and is not going to read such news anyway : ). I am using him only as an example, to say that people who care already know, except a very few young fellows, and to the others it really doesn't matter.
!crazy said:
Bootloader has nothing to do with BIOS.
No, I was referring to what is described in the paragraph I quoted from the article "She says it was called the Bios Plot, for the foundational component, the Bios, that all computers have that performs basic functions like turning on the operating system and activating the hardware." With that description she is using "BIOS" as a general term for something which does as she describes.
!crazy said:
What you are saying is that the application one installs has the power to be executed as a program, and do nasty things? Also root is sometimes a little overrated. The truth is, most of the data we actually care about is not on system partitions, which require root access, at all.
An application is a program; a program is an application. The term "program" has evolved to "application". Application data is stored where only the application and root can get to it.
!crazy said:
What you are telling is right in general, but my point is, that is nothing new.
No, it's very old. What does age have to do with my warning?
!crazy said:
One installs software, which is a black box, and which can theoretically do anything. Everyone is aware of it.
Not everyone. Most people think everything is safe until someone warns them otherwise. You seem to be suggesting that I shouldn't warn them.
!crazy said:
I am using him only as an example, to say, people who care already know, except a very few young fellows, and to the others, it really doesn't matter.
Apparently you ARE trying to keep people from being warned.
Frank
Not all computers have a BIOS, and bootloaders have nothing to do with BIOS.
That 'news' is more about mentioning nasty Chinese, who develop bad software which destroys 'our' computers, and spies on us.
There are much nastier things, like backdoors implemented in mainboards, like those found on Dell mainboards, or backdoors left in the software of well known companies, which also pretend to take care of our privacy etc.
Those who download cracked software, and closed source of unknown personalities, deserve what happens.
Your warning is so general that you could type something like 'people take care, there are viruses, and software bad guys/girls wrote, and these can be hidden in software you download.'.
Ok you warned us. Thanks.
And now I saw this.
"Application data is stored where only the application and root can get to it. "
You really don't know what you are talking about...
But never mind.
Sent from my SM-N9005 using Tapatalk
!crazy said:
Not all computers have a BIOS, and bootloaders have nothing to do with BIOS.
Nearly every computer has a basic input and output layer, even if they don't formally package it as a Basic Input and Output System. Android has basic input and output; it is required to read and write to the storage media. But basic input and output is really irrelevant to the "BIOS Plot". It is not a specific chip or a specific program that is being used and it is not necessarily related to input and output; it is the low level trusted layer that affects what is used by the operating system and it is the interface between the operating system and the hardware. That layer is what they are loosely referring to as a BIOS.
!crazy said:
There are much nastier things, like backdoors implemented in mainboards, like those found on Dell mainboards, or backdoors left in the software of well known companies, which also pretend to take care of our privacy etc.
They're all the same -- trusted low-level layers.
!crazy said:
Those who download cracked software, and closed source of unknown personalities, deserve what happens.
That's saying that someone rooting a phone deserves what happens if it goes bad. Root de la Vega, Kingo, and Vroot use cracked software, and Kingo and Vroot are closed source of unknown personalities. You are saying that people who use them deserve all the bad things. Root de la Vega is a known and trusted procedure by a known and trusted person. Kingo and Vroot are unknown procedures by unknown people, so you are saying that anyone who uses Kingo or Vroot deserves a virus, or whatever, and you are suggesting that I shouldn't warn them not to use such things.
!crazy said:
And now I saw this.
"Application data is stored where only the application and root can get to it. "
You really don't know what you are talking about...
Application data stored in the directory given it is as I stated. You are probably thinking of "shared storage", which is open to everyone. An application's private directory can only be accessed by the application and by root.
Frank
I haven't referred to shared storage, but to the basic ability of applications to access our personal files, documents, our work, etc. Usually these are important to us, and not system files. So no need for special privileges. Though on phones there is an additional issue, because a privileged app can make calls and send messages.
Regarding basic IO etc, what are you talking about? The point is malicious software is an application, and can be installed like every other software. All talk about bios is unnecessary. Some OSs do communicate directly with hardware, and do not use BIOS concept at all. But that really doesn't matter in this context.
You can warn people, it's a nice thing to do, but this is too general to me, like I said. Everyone needs to take care about the sources they use, and should be aware that nothing is 100% secure. That's it. No need to reference a story about how bad Chinese are using a 'BIOS plot' to attack good, innocent American users.
Sent from my SM-N9005 using Tapatalk
!crazy said:
Regarding basic IO etc, what are you talking about?
You keep saying that Android does not use a BIOS so I keep responding to that.
!crazy said:
The point is malicious software is an application, and can be installed like every other software. All talk about bios is unnecessary.
That might be your point but it is not true. Malicious software can be installed at any layer of the system, but at the lower layers it is harder to detect and remove. Talk about BIOS is not unnecessary because it is analogous to the lower layers where it is more harmful. An application which roots a device has the ability to install malicious software at any layer of the system, provided it hasn't been locked out of those layers. We think that the boot loader on Verizon's Galaxy Note 3 is locked yet we keep trying to find a way into it, and someone may have already done that without us knowing about it. But the next level is just as dangerous. SafeStrap installs itself at that level and does so with root level access. Wanam Xposed works at the next level up which is also just as dangerous; it modifies the Android framework. Those applications are not dangerous but the level they work at is, and any application which roots a device is able to install malicious software at those levels.
Applications which root devices should be examined publicly and approved by people capable of understanding the code. Some root enabling applications are closed-source so the public cannot examine the code to determine if those applications are safe to use. Why are those applications closed-source? To keep the code hidden from the public is irresponsible. What benefit do they have in keeping it hidden? Do they charge for the use of their applications? Their greatest benefit would be that they can at any time modify the code to be malicious.
!crazy said:
Some OSs do communicate directly with hardware, and do not use BIOS concept at all.
Then the OS is also the BIOS.
!crazy said:
You can warn people, it's a nice thing to do, but this is too general to me, like I said. Everyone needs to take care about the sources they use, and should be aware that nothing is 100% secure. That's it. No need to reference a story about how bad Chinese are using a 'BIOS plot' to attack good, innocent American users.
A real life example is helpful.
The Main Problem with KNOX
Is that end-users are left out cold without any form of privacy control. As cool as MDM is to the "enterprise" developer and from a hacker's perspective, there's nothing attractive in this to the end-user. How can the end-user be certain that his store-bought KNOX enabled device hasn't already been compromised by some "enterprise"?
Without fully transparent, open source and public KNOX documentation, this will be practically impossible to answer. As far as we know from recent past experiences of how "curious" enterprises like Google, Samsung and NSA have been, why should we trust them this time? Or what about the mobile service providers themselves? We know from many recent examples how companies like Verizon and AT&T have been spying on their customers before.
What follows is a few enlightening excerpts from the latest KNOX white-paper. Before reading this, and having had recent major KNOX related developer issues, I have gone from a "KNOX-who-cares" person to a vivid Anti-KNOX-er! I will most likely stay that way, at least until our devices are sold without KNOX, and it is only available as a voluntary device add-on/feature, using open source as its basis.
What about you? Would you be happy to walk around the streets with a laptop that has a remote access tool that constantly tracks your every move, picture, sound and friends you meet and call, all while not informing you of any of that? While being way beyond your control? In fact, you will not even have any choice, if Godzilla and Samsung get their way, in the next year.
Attestation
Attestation offers verification of a mobile device's core system software, i.e. the boot loaders and the kernel, at runtime based on the measurement data collected during trusted boot. Attestation can be requested at any time by the enterprise's Mobile Device Management (MDM) system. All security critical operations of attestation are performed in TrustZone.
When requested, the Attestation feature reads the previously stored measurement information and the fuse value (see Trusted Boot above) and combines these data to produce an Attestation "verdict". This verdict, which is essentially an indication of whether tampering has occurred, is simply returned to the requesting MDM. The Attestation result is returned to the requesting MDM server with a signature based on the device's unique "Attestation Certificate" that is configured in the device during the manufacturing process. This ensures that the Attestation verdict cannot be altered during transfer.
Any further action is determined by the enterprise's MDM security policy. It might choose to detach from the device, erase the contents of the secure application container, ask for the location of the device, or any of many other possible security recovery procedures.
The KNOX Container
...
The enterprise can manage the container like any other IT asset using an MDM solution. Samsung KNOX supports many of the leading MDM solutions on the market. Container management is affected by setting policies in the same fashion as those traditional MDM policies. Samsung KNOX Container includes a rich set of policies for authentication, data security, VPN, email, application blacklisting, whitelisting, etc.
...
The new container also allows enterprise IT administrators to control the flow of information between the container and the rest of the device. This allows enterprises to strike the right balance between security and user productivity. Users can also control the data sharing capability based on their personal preferences, within the limits specified by the enterprise IT administrator.
Mobile Device Management (MDM)
Enrolling an Android device into a company’s MDM system typically begins with the user downloading the agent application from the Google Play store and then configuring it for work. Enterprises are facing increasing help desk calls as more and more users are activating mobile devices for work and run into issues during this process. In addition the user is presented with prompts, privacy policies and license agreements at various stages resulting in a poor overall experience.
The KNOX platform provides a unified enrollment solution that is simple and intuitive, and eliminates many steps in the enrollment process.
The process begins with the employee navigating to a web page and clicking on an enrollment link. The link to the original web page may be provided to the employee via an e-mail or SMS, or via the company’s internal or external website. Clicking on the enrollment link brings up a screen that prompts for the user’s corporate email address. The device then displays all notices for the user to accept, which include privacy policies and agreements from Samsung, the MDM vendor and the enterprise. Upon accepting the terms, the user is directed to a screen to enter the password for the corporate account. If authentication is successful the enrollment is complete. Any agent application required by the MDM server is automatically downloaded and installed, without user intervention.
MDM vendors can take advantage of this feature and simplify the onboarding process for enterprise users and significantly improve the user experience and reduce support costs.
In a nutshell, this is legalized control and spying.
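The attestation exchange quoted in the white-paper excerpt above, modelled end to end as an added example (this is not Samsung's code and not from the white-paper): the device records boot measurements and a fuse bit, returns a signed verdict when the MDM asks, and the MDM checks the signature before it acts on the verdict. Everything in it is an assumption for illustration: the boot images and the per-device key are constructed samples, SHA-256 stands in for the trusted-boot measurement, and an HMAC under a key shared with the verifier stands in for the signature under the device's Attestation Certificate. The nonce is also an addition: the quoted text only says the signature stops the verdict being altered in transfer, and a signature on its own does not stop an old "ok" report from being replayed.

```python
"""Toy model of KNOX-style remote attestation (added illustration, not Samsung code).

Labelled assumptions: measurements are SHA-256 of the boot images; the "fuse value"
is a one-bit warranty flag; the Attestation Certificate signature is stood in for by
HMAC-SHA256 under a per-device key provisioned at manufacture and shared with the
verifier; the nonce is an addition the quoted white-paper does not mention.
"""
import hashlib
import hmac
import json
import os

# Constructed sample "boot images" and per-device key (not real firmware or keys).
GOLDEN_IMAGES = {
    "aboot": b"stock bootloader v1.0 (constructed sample)",
    "kernel": b"stock kernel 3.4.0 (constructed sample)",
}
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)


def measure(images):
    """Trusted-boot step: hash each image as it is loaded. Returns {name: hex digest}."""
    return {name: hashlib.sha256(blob).hexdigest() for name, blob in images.items()}


# Reference hashes, assumed to be provisioned at manufacture on both sides.
GOLDEN_HASHES = measure(GOLDEN_IMAGES)


def sign(key, payload):
    """Stand-in for the Attestation Certificate signature: HMAC over canonical JSON."""
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


class Device:
    """What TrustZone would hold: boot measurements, the fuse bit and the device key."""

    def __init__(self, images, fuse_blown=False, key=DEVICE_KEY):
        self.measurements = measure(images)  # recorded at boot, not recomputed on request
        self.fuse = 1 if fuse_blown else 0
        self.key = key

    def attest(self, nonce):
        """Answer an MDM attestation request with a signed report."""
        tampered = self.fuse == 1 or self.measurements != GOLDEN_HASHES
        report = {
            "nonce": nonce,
            "measurements": self.measurements,
            "fuse": self.fuse,
            "verdict": "tampered" if tampered else "ok",
        }
        return {"report": report, "sig": sign(self.key, report)}


class MdmServer:
    """Verifier side: issues nonces, checks signature and freshness before acting."""

    def __init__(self, key=DEVICE_KEY):
        self.key = key
        self.outstanding = set()

    def request(self):
        nonce = os.urandom(16).hex()
        self.outstanding.add(nonce)
        return nonce

    def verify(self, response):
        """Return the verdict if the report is authentic and fresh, else 'rejected'."""
        report, sig = response["report"], response["sig"]
        if not hmac.compare_digest(sig, sign(self.key, report)):
            return "rejected"  # altered in transit or forged
        if report["nonce"] not in self.outstanding:
            return "rejected"  # replayed or unsolicited
        self.outstanding.discard(report["nonce"])  # each nonce is good once
        # Do not trust the device's one-word verdict: recompute it from the evidence.
        if report["fuse"] != 0 or report["measurements"] != GOLDEN_HASHES:
            return "tampered"
        return report["verdict"]


def run_scenarios():
    """Exercise the exchange: stock device, patched kernel, blown fuse, replay, in-transit edit."""
    mdm = MdmServer()
    results = {}

    stock = Device(GOLDEN_IMAGES)
    results["stock"] = mdm.verify(stock.attest(mdm.request()))

    patched = dict(GOLDEN_IMAGES, kernel=b"custom kernel with root (constructed sample)")
    results["patched_kernel"] = mdm.verify(Device(patched).attest(mdm.request()))

    results["fuse_blown"] = mdm.verify(Device(GOLDEN_IMAGES, fuse_blown=True).attest(mdm.request()))

    # Replay: a genuine old "ok" response re-sent after its nonce has been consumed.
    good = stock.attest(mdm.request())
    mdm.verify(good)
    results["replay"] = mdm.verify(good)

    # In-transit edit: flip the verdict without re-signing; the signature no longer matches.
    edited = Device(patched).attest(mdm.request())
    edited["report"]["verdict"] = "ok"
    results["edited_in_transit"] = mdm.verify(edited)
    return results


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:>18}: {verdict}")
```

The verifier recomputes the verdict from the reported measurements and fuse value instead of trusting the device's one-word answer, and it refuses any report whose nonce it did not issue; those two checks are what an MDM operator would want on top of the signature the white-paper describes.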
I believe the quoted features have to be enabled by the company paying for the subscription (ie employer providing the devices), which is pretty standard MDM. If you are going to agree to use a MDM (as such an employee would have to) I see no issue here unless I am missing something.
I would be much more worried about abuse of the baseband, than MDM software which isn't enabled by default. Much more likely, and better target.
I don't know to what extent you're playing devil's advocate, but I am still a bit surprised you can't see any issues with this.
The issue is that we're not able to see how this enabling mechanism works, and therefore cannot even make any half-baked guess whether this is actually secure, or can be easily broken, abused or circumvented, if not so already. In addition, the MDM software is enabled by default, at least as far as the processes and device drivers present on my device show. It's just not visibly activated until you go through the signup procedures. Furthermore it seems that the MDM features are very well weaved into the baseband functionality. Not that the baseband is using MDM, but that MDM makes extensive use of the baseband and features not documented. But to what extent that is true, I can't really say at this time, as I have not spent any time on it.
One more thing. They say that KNOX is a security "addition" to the default SELinux policies, but that is not the whole story. Actually it seems more that KNOX is replacing or overriding the SELinux policies already present. How can we actually test and see this, when we're not even allowed (or given) the tools to do so?
I'm not playing devils advocate, I'm saying that I don't think this is the route the NSA would take.
puzzled
I don't get it - I thought "knox" was just that thing that counts how many times you've flashed a custom rom (which can easily be removed and reset).
b
jcase said:
I'm not playing devils advocate, I'm saying that I don't think this is the route the NSA would take.
We are not able to see how any closed source security component works, and you investigate it the same way you investigate any closed source feature.
jcase said:
I'm not playing devils advocate, I'm saying that I don't think this is the route the NSA would take.
I think it's pointless to speculate on which route they would take, as they would certainly take whatever route is available to accomplish their mission. Together with Google's own INSTALL ASSET methods, MDM makes that even more simple on Samsungs.
I'm sure we'll see more posts like this in the near future.
FYI - How the NSA can 'turn on' your phone
I'll make sure to remove such paranoia posts in the future, one is enough. I think a baseband attack is more likely, as it is more likely to impact more phones, from more OEMs, running more firmwares etc. The baseband is much harder to investigate as well, less people looking at it, more potential for bugs living longer, easier not to get noticed.
Well, I'm not sure that post fulfills all the criteria of "paranoia", especially since it is mostly grounded in truth, apart from the CNN journalism. But my point is already there. When people have no insight or control over what's happening in their pockets, they start getting religiously paranoid. I guess from an anthropological point of view, paranoia has some kind of good survival function for the group. So it serves well as a counterbalance to being completely ignorant.
E:V:A said:
Well, I'm not sure that post fulfills all the criteria of "paranoia", especially since it is mostly grounded in truth, apart from the CNN journalism. But my point is already there. When people have no insight into or control over what's happening in their pockets, they start getting religiously paranoid. I guess from an anthropological point of view, paranoia has some kind of good survival function for the group. So it serves well as a counterbalance to being completely ignorant.
It has been removed from the security forum. It is a copy-paste of an article reportedly from CNN (no source link to back that), without any citations for the claims made. I will make a better effort to keep the forum accurate and FUD-free in the future.
It has factual inaccuracies, and seems to be just a promo piece for a custom Android ROM that indeed has its own issues.
@E:V:A
I do appreciate your posts, they are welcome here, but some of the posts I've been removing are just FUD, way out there, or unsourced.
When I got my phone rooted and opened SuperSU, it suggested disabling KNOX. Before then, I didn't even know what KNOX is. I searched for some information about it; it looks like it is just a security solution.
explanation
yueyejinghun said:
When I got my phone rooted and opened SuperSU, it suggested disabling KNOX. Before then, I didn't even know what KNOX is. I searched for some information about it; it looks like it is just a security solution.
It's just a feature that counts how many times you've flashed a custom ROM to your phone; easily removed and reset.
FIRST Read the OP and then the KNOX whitepaper.
and maybe someone will open this thread again...or remove it.
Cryptome.org published court documents from Cellebrite, the company suspected of helping the FBI break into the phone in the Apple-FBI crypto case, revealing technical details on the methods they use to recover data from locked iPhones, Samsungs and Blackberries.
Document is available here: https://cryptome.org/2016/03/cellebrite-msab-001.pdf (about mid-way through after jurisdiction arguments is where it gets juicy).
In general, all Cellebrite approaches seem to rely on a custom bootloader, injected into the system a variety of ways (in the case of a Blackberry using a fairly sophisticated trio of exploits).
In the case of Samsung, it appears to be a USB attack vector while the phone is running (as opposed to the iPhone which must specifically be turned off before it can be exploited).
With the new lockdown status and forced signing on the Samsung Galaxy S7, question for the advanced devs here: Do you think this changes the effectiveness of Cellebrite's overall method?
Specifically, is their whole approach of a custom bootloader rendered moot with the newly enforced security or, interestingly, is the approach by Cellebrite possibly applicable to loading custom ROMs on the S7?
From https://source.android.com/security/bulletin/2017-12-01 --
The most severe vulnerability in this section could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process.
Thoughts on this one, guys?
Any possibility this could be mitigated somehow, short of tossing the Android device in the trash and buying an iPhone instead?
In particular, is there any way to just disable the mediaserver or whatever altogether? It would be much better to not be able to play videos, than the possibility of any video pwning your entire device, no?
Vulnerabilities like these are patched almost every month (just have a look at the bulletins of the months before), so this one doesn't seem any worse than those that have been there before. To the best of my knowledge, neither of these have ever been exploited in the wild - not even Stagefright back in 2015, according to Google: https://www.theregister.co.uk/2017/02/15/google_stagefright_android_bug_zero_success/
Note that the security bulletin you linked to also states the following:
"The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are turned off for development purposes or if successfully bypassed."
I hope they can't be bypassed too easily...
What I don't understand is what 'privileged' means here. Does it mean 'root' or does it relate to Android app permissions? The former sounds much worse, and I'd find it alarming if the media framework stuff would (still) run as root (or something similar). Would be great if someone could clarify this.
As I tend to be kinda paranoid when it comes to computer security, I'm also always worried by issues like these, but my impression is it's probably something we have to live with :-/
In particular, I don't see a reason to believe the iPhone is more secure (apart from the fact that it receives regular updates in contrast to most Android phones...)
One would probably be better off with a system that is so exotic that no one would bother to develop an exploit for it - unfortunately, I haven't found one so far...
By "sophisticated government attack" I mean something with virtualization technologies and several masking and hiding capabilities, like FinFisher's solutions.
Does:
updating to the newest version of iOS
hard resetting the phone
securely remove the spyware?
1) I see more as a bonus question that is not really needed, but might be interesting too.
I would thank you for a careful but practical answer, since this question relates to some "moving parts", like: "Is it possible to load a 'real' update from an infected phone, or will a sophisticated attack redirect those requests?", whether there is something you can do to prevent this, or whether a hard reset really deletes everything or the spyware can somehow hide in "blocked" or wrongly addressed areas of the storage, and so on.
On the other hand, I do know that there never is absolute certainty and would be more interested in a "probabilistic view".
Thanks to the Forum!
I think your question is pointing to widespread security problems with most technology. Manufacturers often use closed source software and the same goes for most of the hardware devices. This makes security very difficult and of course these weaknesses are now being exploited by state sponsors.
Stuxnet was a good example and well worth reading about.
https://en.m.wikipedia.org/wiki/Stuxnet
http://itmanager.blogs.com/notes/20...e-protected-the-iranians-against-stuxnet.html
It infects microcontroller chips that do memory management. The introduced code returns modified data, maybe not even on each read.
So if the phone internal memory uses these microcontroller chips then even loading a new rom wouldn't help. You have to be able to have access to the microcontroller firmware and introduce your own access certification. It is very difficult to do this at present as most of the hardware information is not available, both for phone and internal chips.
Unfortunately this means that state sponsors can take the devices apart, inspect chips with an electron microscope, thus obtain a lot of secret information for their hacks.
Having had Stuxnet on a laptop, I became interested in these problems.
Contaminated updates again depend on the resources available. These rely on https and code signing.
https://arstechnica.com/information...ate-authorities-conspire-to-spy-on-ssl-users/
http://www.crypto-it.net/eng/theory/software-signing.html
A contaminated update requires access to the certificates and a delivery method such as intercepting a request from a known ip address.
Many states have access to the certificates and the means to target downloads. Using Tor for updating might give some protection, as would a system to compare your download with that obtained by other people. We don't have this working automatically yet as far as I know.
https://www.torproject.org/docs/verifying-signatures.html.en
Phones have a second operating system where code may not be secure.
http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone
https://www.rsaconference.com/event...ile-apt-how-rogue-base-stations-can-root-your
You can minimize risk by keeping a device in airplane mode and using a separate mifi device.
If you consider yourself an innocent target or just want to minimise risk then perhaps regularly buy second hand or new devices from shops, keep them in airplane mode, keep the necessary software to send by bluetooth and check the md5 sums.
Web browsers could be another security problem if they can run exploits, but this is probably outside the scope of your question.
Secure communications apps will probably work fine as long as they don't require updates. Beyond that, keep it all locked up in a safe you built yourself.
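The two checks the post above describes for a downloaded update, comparing its digest against a value obtained through a trusted channel (a signed manifest) and comparing your copy against copies other people downloaded, can be scripted. The following is an added illustration, not code from this thread or from any vendor or tool named in it; the update image, the "manifest" digest and the peer-reported digests are all constructed inline for the demo, and SHA-256 is used instead of MD5 because MD5 collisions are cheap to produce and it should no longer be relied on for integrity checks.

```python
"""Verify a downloaded update image before trusting it.

Added example, not code from the thread. Assumptions (labelled):
  * EXPECTED_DIGEST would normally come from a release manifest whose
    signature was checked separately; here it is computed from the
    constructed "good" image so the script runs offline.
  * PEER_DIGESTS stand in for digests reported by other downloaders.
"""
import hashlib
import hmac
from collections import Counter


def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 of the update image (MD5 is not collision resistant)."""
    return hashlib.sha256(data).hexdigest()


def digest_matches(data: bytes, expected_hex: str) -> bool:
    """Compare the image digest with the manifest digest in constant time."""
    return hmac.compare_digest(sha256_hex(data), expected_hex.lower())


def peers_agree(local_hex: str, peer_hexes: list, min_agreeing: int) -> bool:
    """Cross-check against other people's downloads.

    True when at least `min_agreeing` peers report the same digest as
    ours; a targeted download (only our copy differs) shows up as a
    mismatch here even when the attacker also forged the manifest.
    """
    counts = Counter(h.lower() for h in peer_hexes)
    return counts.get(local_hex.lower(), 0) >= min_agreeing


def verdict(data: bytes, expected_hex: str, peer_hexes: list, min_agreeing: int = 2) -> str:
    """Combine both checks into a single decision string."""
    if not digest_matches(data, expected_hex):
        return "REJECT: digest does not match the signed manifest"
    if not peers_agree(sha256_hex(data), peer_hexes, min_agreeing):
        return "SUSPECT: manifest matches but too few peers saw the same bytes"
    return "OK"


# --- constructed sample data (not real firmware) ---------------------------
GOOD_IMAGE = b"example-update-v1.2.3:" + bytes(range(256))
TAMPERED_IMAGE = GOOD_IMAGE[:-1] + b"\x00"   # one byte changed in transit
EXPECTED_DIGEST = sha256_hex(GOOD_IMAGE)      # assumption: taken from a signed manifest
PEER_DIGESTS = [sha256_hex(GOOD_IMAGE)] * 3 + [sha256_hex(TAMPERED_IMAGE)]

if __name__ == "__main__":
    print("good image   :", verdict(GOOD_IMAGE, EXPECTED_DIGEST, PEER_DIGESTS))
    print("tampered copy:", verdict(TAMPERED_IMAGE, EXPECTED_DIGEST, PEER_DIGESTS))
    # Only our copy is clean while every peer got something else: still suspect.
    print("outlier      :", verdict(GOOD_IMAGE, EXPECTED_DIGEST,
                                    [sha256_hex(TAMPERED_IMAGE)] * 3))
```

The manifest check catches corruption or substitution relative to what the publisher signed; the peer check is the "compare your download with that obtained by other people" idea from the post, and is only as good as the independence of the peers and the channel over which their digests reach you.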