light bulb

Did You Know?



Reply
Posts: 4,366
Topics: 2,720
Kudos: 5,371
Registered: ‎06-12-2013

Blackphone rooted at BlackHat

So the Blackphone we have talked about here before (Über-secure Blackphone crypto-mobe spills its silicon guts)  did not last long before it was hacked but the extent of the hack appears to be in question at this time.

 

Details awaited on privilege escalation bug

By Richard Chirgwin,

 

"A security researcher at BlackHat has sparked a “did-he-didn't-he” Tweet-storm over the extent of an alleged “hack” of the “secure by design” Blackphone.

The Twitter argument continues, with @TeamAndIRC first announcing that it only took five minutes to root the Blackphone; then backtracking on one claim because it happened on an unpatched version of Android, and noting that the second attack required user interaction.

 

The three items the account identifies are described as follows: (a) “USB debugging/dev menu removed, open via targeted intent”; (b) “remotewipe app runs as system, and is debuggable, attach debugger get free system shell”, and (c) “system user to root, many available”."

 

Full Article

 

 

Sr. Community Leader

Community Manager Community Manager
Community Manager
Posts: 3,919
Registered: ‎12-16-2013

Re: Blackphone rooted at BlackHat

That's disappointing - if you lose your phone then they can get into it quite easily.

Community Guide
Posts: 180
Registered: ‎10-31-2013

Re: Blackphone rooted at BlackHat

not exactly surprising, typically with physical access to a device it's only a matter of time before any security in place is compromised.
Posts: 4,366
Topics: 2,720
Kudos: 5,371
Registered: ‎06-12-2013

Is the Blackphone really so easy to root? Probably no.

So one of the vulnerabilies had already been patched and it was old firmware on the phone which he tested, it looks like the truth is finally coming out, but it may have dented the users trust slightly.

 

by Pierluigi Paganini on August 12th, 2014

 

Blackphone 2

 

"Security expert Jon Sawyer (@TeamAndIRC), CTO of Applied Cybersecurity, at the recent DEF CON hacker conference demonstrated that Blackphone is vulnerable, they have rooted the super smartphone in just 5 minutes.  The security researcher took 5 minutes to root the device without unlocking the device’ bootloader.

The principal problem is that the researcher didn’t know to have tested a phone with old firmware and that the designers of Blackphone had already patched one of the vulnerabilities and pushed out the update."

 

Full Article

Sr. Community Leader

Posts: 2,917
Topics: 1,805
Kudos: 2,010
Blog Posts: 0
Registered: ‎06-02-2014

Re: Is the Blackphone really so easy to root? Probably no.

The bare reality is everything is hacker-able given the right circumstances and time to bypass the security features of any app

Community Leader

Community Guide
Posts: 180
Registered: ‎10-31-2013

Re: Is the Blackphone really so easy to root? Probably no.


Antus67 wrote:
The bare reality is everything is hacker-able given the right circumstances and time to bypass the security features of any app

exactly, with enough time and money any security measure can be countered.