3DFX drivers for Windows basically always allowed the same (they had a system driver / service installed as administrator that allowed unchecked DMA to any memory region) and it was only discovered about 2-3 years ago (i.e. years after everyone had stopped using them because they were obsolete).
FireWire also had similar problems inherent in the design of the protocol itself that allowed systems to read any memory locat
It's pretty common. The question is how hard it is to exploit (i.e. this is incredibly easy, by just installing the "wrong" apk file) and how long it takes someone to find it (3DFX basically "got lucky" in that nobody noticed until nobody was using 3DFX drivers anyway).
Posted Dec 17, 2012 17:20 UTC (Mon) by Cyberax (✭ supporter ✭, #52523)
NVIDIA on Linux had the same vulnerability until early this year. It's not possible to really control the third-party drivers.
However, in this case Samsung's engineers should have known better.
World-writable memory on Samsung Android phones
Posted Dec 17, 2012 17:28 UTC (Mon) by andreasb (subscriber, #80258)
> FireWire also had similar problems inherent in the design of the protocol itself that allowed systems to read any memory
Every node has its own memory space, but that is an abstract concept with no requirement that it maps to the node's physical memory at all, much less that it maps 1:1 unrestricted. So that is not actually inherent in the protocol.