DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 19, 2019 
Main Menu
News archives

Who's Online
There are currently 182 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

USB backdoor discovered in Android phones with Foxconn firmware

Posted on Friday, October 14 2016 @ 14:10:39 CEST by

Foxconn logo
Security researcher Jon Sawyer announces the discovery of a secret backdoor in the firmware of an unknown number of Android phones manufactured by Foxconn. The backdoor, which he nicknamed Pork Explosion, requires physical access to the device and is the result of a vulnerability in the debugging feature of the OS bootloader.

As Softpedia reports over here, connecting to the phone with a USB cable and running some commands to it with your computer will make it possible to boot the device in a factory test mode that bypasses all normal authentication procedures and gives root control:
"In short, this is a full compromise over usb, which requires no logon access to the device," Sawyer says. "This vulnerability completely bypasses authentication and authorization controls on the device. It is a prime target for forensic data extraction."

"Due to the ability to get a root shell on a password protected or encrypted device, Pork Explosion would be of value for forensic data extraction, brute forcing encryption keys, or unlocking the boot loader of a device without resetting user data. Phone vendors were unaware this backdoor has been placed into their products," Sawyer adds.
A list of affected OEMs or smartphone models isn't available but Sawyer did provide some details on how to detect vulnerable Android devices:
“ For those looking to detect vulnerable devices, you can check for the partitions “ftmboot” and “ftmdata”. The “ftmboot” partition contacts a traditional Android kernel/ramdisk image. This one has SELinux disabled, and adb running as root. The “ftmdata” partition is mounted on /data during ftm bootmode. These partitions are only a sign that the device is vulnerable. ”



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba