- Apr 25, 2013
- 5,355
A security researcher at BlackHat has sparked a “did-he-didn't-he” Tweet-storm over the extent of an alleged “hack” of the “secure by design” Blackphone.
The Twitter argument continues, with @TeamAndIRC first announcing that it only took five minutes to root the Blackphone; then backtracking on one claim because it happened on an unpatched version of Android, and noting that the second attack required user interaction.
The three items the account identifies are described as follows: (a) “USB debugging/dev menu removed, open via targeted intent”; (b) “remotewipe app runs as system, and is debuggable, attach debugger get free system shell”, and (c) “system user to root, many available”.
This post by CSO Dan Ford at Medium answers some of @TeamAndIRC's claims.
Ford doesn't consider the debugging attack to be a vulnerability because the Android Debugging Bridge is part of Android: “We turned ADB off because it causes a software bug and potentially impacts the user experience, a patch is forthcoming.”
“I would like to thank him for not blowing the issue out of proportion and going back to the twittersphere for a little more transparency by explaining that direct user interaction is required and that we had already patched one of the vulnerabilities through the OTA update,” Ford continues.
A simple run of CTS or a proper audit would have prevented the black phone hack
— Justin Case (@TeamAndIRC) August 10, 2014
That seems to leave the ability for a system users to get through to root: the details of the attack haven't been discussed in public, but Ford promises a patch as soon as possible once Blackphone knows what's going on.
A sidelight to the to-ing and fro-ing between @TeamAndIRC was some ill-advised crowing from the BlackBerry community over the attack, to which @TeamAndIRC responded:
The Twitter argument continues, with @TeamAndIRC first announcing that it only took five minutes to root the Blackphone; then backtracking on one claim because it happened on an unpatched version of Android, and noting that the second attack required user interaction.
The three items the account identifies are described as follows: (a) “USB debugging/dev menu removed, open via targeted intent”; (b) “remotewipe app runs as system, and is debuggable, attach debugger get free system shell”, and (c) “system user to root, many available”.
This post by CSO Dan Ford at Medium answers some of @TeamAndIRC's claims.
Ford doesn't consider the debugging attack to be a vulnerability because the Android Debugging Bridge is part of Android: “We turned ADB off because it causes a software bug and potentially impacts the user experience, a patch is forthcoming.”
“I would like to thank him for not blowing the issue out of proportion and going back to the twittersphere for a little more transparency by explaining that direct user interaction is required and that we had already patched one of the vulnerabilities through the OTA update,” Ford continues.
A simple run of CTS or a proper audit would have prevented the black phone hack
— Justin Case (@TeamAndIRC) August 10, 2014
That seems to leave the ability for a system users to get through to root: the details of the attack haven't been discussed in public, but Ford promises a patch as soon as possible once Blackphone knows what's going on.
A sidelight to the to-ing and fro-ing between @TeamAndIRC was some ill-advised crowing from the BlackBerry community over the attack, to which @TeamAndIRC responded:
Hey BlackBerry idiots, stop miss quoting me on your blogs. Your phone is only "secure" because it has few users and little value as a target
— Justin Case (@TeamAndIRC) August 10, 2014
— Justin Case (@TeamAndIRC) August 10, 2014
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
