I expect it's often an issue of rushing to keep the schedule from slipping, where the engineer had quickly put something together that 'works enough to demo', with plans for a replacement before the final release. But the replacement never happens, since the engineer is told that 'what we have already works!'
- It's easier for a malicious app to just ask for the permissions it wants to do bad things, rather than hack physical memory or bother trying to get root. Most people are going to click OK anyways...
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:08 UTC (Mon) by Cyberax (✭ supporter ✭, #52523)
Not quite the same. The PhysicalMemory device had always been protected by ACLs in Windows, requiring administrative access to read/write to it.
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:12 UTC (Mon) by ledow (guest, #11753)
3DFX drivers for Windows basically always allowed the same (they had a system driver / service installed as administrator that allowed unchecked DMA to any memory region) and it was only discovered about 2-3 years ago (i.e. years after everyone had stopped using them because they were obsolete).
FireWire also had similar problems inherent in the design of the protocol itself that allowed systems to read any memory locat
It's pretty common. The question is how hard it is to exploit (i.e. this is incredibly easy, by just installing the "wrong" apk file) and how long it takes someone to find it (3DFX basically "got lucky" in that nobody noticed until nobody was using 3DFX drivers anyway).
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:20 UTC (Mon) by Cyberax (✭ supporter ✭, #52523)
NVidia on Linux had the same vulnerability until early this year. It's not possible to really control the third-party drivers.
However, in this case Samsung's engineers should have known better.
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:28 UTC (Mon) by andreasb (subscriber, #80258)
> FireWire also had similar problems inherent in the design of the protocol itself that allowed systems to read any memory
Every node has its own memory space, but that is an abstract concept with no requirement that it maps to the node's physical memory at all, much less that it maps 1:1 unrestricted. So that is not actually inherent in the protocol.
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:43 UTC (Mon) by dpquigl (subscriber, #52852)
Actually it wasn't administrative privileges. Write access to /Device/PhysicalMemory has been exclusively given to the system user and no other user. Now you could add that it's trivial to schedule something to run as system if you're administrator, but if you're already the administrator, what are you messing around with physical memory for? Just install a kernel driver and be done with it.
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 19:10 UTC (Mon) by quotemstr (subscriber, #45331)
> - Windows let all users do this for years:
That's not the case. Normal, unprivileged users were never able to use that device. \Device\PhysicalMemory was no worse than /dev/mem.