Archive for Samsung

Hackers Only Need To Know Your Phone Number To Pwn Samsung Exynos Based Devices

Posted in Commentary with tags , on March 17, 2023 by itnerd

Google’s Project Zero team has posted a blog post that paints a pretty scary picture for Pixel and Samsung owners:

In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor. The four most severe of these eighteen vulnerabilities (CVE-2023-24033 and three other vulnerabilities that have yet to be assigned CVE-IDs) allowed for Internet-to-baseband remote code execution. Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.

The fourteen other related vulnerabilities (CVE-2023-26072, CVE-2023-26073, CVE-2023-26074, CVE-2023-26075, CVE-2023-26076 and nine other vulnerabilities that are yet to be assigned CVE-IDs) were not as severe, as they require either a malicious mobile network operator or an attacker with local access to the device.

The following devices are known to be affected by these exploits:

  • Samsung phones including the Galaxy S22 series, the Galaxy M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04
  • Vivo phones including the S16, S15, S6, X70, X60 and X30
  • Google Pixel 6 and 7 series
  • Wearables using the Exynos W920 chipset
  • Vehicles that use the Exynos Auto T5123 chipset

That’s a very big list. And I have to wonder what cars use Exynos based modems. I guess we will find out shortly. In any case, the mitigation until updates come out is to turn off Wi-Fi calling and Voice-over-LTE (VoLTE). You should be able to find both of these in the Settings menu under Network & internet > SIMs, though the exact location may vary from device to device. If you have a vehicle that uses this chipset, I have no mitigation for you. And I have no way for you to check your vehicle to see if you have this Exynos chipset.

Expect patches for phones and wearables to come out soon, if they haven’t already. As for vehicles, your guess is as good as mine.

UPDATE:

David Maynor, Senior Director of Threat Intelligence at Cybrary had this to say:

   “The flaw in the baseband component is important for enterprise customers to be aware of but not for the reasons it seems. The baseband component is the radio that communicates with cellular infrastructure. The software is a binary blob that’s encrypted, and there are not good ways to inspect the baseband state. So, you have a place you can’t monitor with software you can’t inspect that creates a perfect place for bad guys to do nefarious things.”

Ted Miracco, CEO of Approov followed up with this:

   “The discovery of 18 vulnerabilities in Samsung’s Exynos chipsets is deeply unsettling, especially given that four of them enable remote code execution without any user interaction or indication. Overall, the discovery of these vulnerabilities highlights the importance of ongoing security research and the need for vendors to prioritize mobile security in their products. While, It also serves as a reminder for users to remain vigilant and take steps to protect themselves from potential attacks, the fact that an attacker only needs the victim’s phone number to carry out these attacks further highlights the severity of these vulnerabilities.”

Samsung adds zero-click attack protection to Galaxy S23

Posted in Commentary with tags on February 21, 2023 by itnerd

Samsung announced on Friday it has developed a new security system to protect Galaxy S23 owners from image-based, zero-click exploits using a new virtual quarantine feature called Message Guard. These images require no interaction from the user to compromise the device.

Message Guard works by automatically placing any image file your phone receives into a virtual quarantine, otherwise known as a “sandbox” and “automatically neutralizes any potential threat hiding in image files before they have a chance to do you any harm,” explains Samsung.

Eventually, this protection will become a standard feature across the entire range of Samsung’s Galaxy devices.

David Maynor, Senior Director of Threat Intelligence, Cybrary had this to say:

   “I am a fan of the forward-thinking Samsung does in their products, like DeX. DeX turns your phone into a desktop computing environment just by plugging in a monitor and keyboard. This means that Samsung’s mobile devices could face not just mobile attacks but the same attacks as any laptop/desktop user depending on installed software.

    “Samsung already has Knox on mobile devices. Knox creates separate workspaces for a users personal data and a different one for work data. Message guard works in concert with Knox by attempting to detect attacks in each workspace by attackers looking to exploit zero-click exploits like those used by the NSO Group’s CNE software Pegasus.

   “I use a Samsung Galaxy Fold 4 as both a personal and work phone and can’t wait for Message Guard to come to my platform.”

I have to admit that this is a cool feature that I hope not only appears in other Android phones, but makes its way over to iOS as zero click threats are the “holy grail” of threats as they don’t require any user interaction to execute. And the sooner that day comes, the better off we all will be.

#PSA : You Should Avoid Buying Samsung 990 Pro SSDs As They Appear To Die Far Faster Than Normal

Posted in Commentary with tags on January 26, 2023 by itnerd

If you’re an owner of the new Samsung 990 Pro SSD, or you’re thinking of buying one, you might want to pay attention to this Neowin story that seems to indicate that these drives have a problem. They die far quicker than they should:

When you buy the fastest flagship SSD on the market, you expect a certain level of reliability and confidence from its performance, but things can and do go wrong sometimes, and customer support is paramount at instilling continued confidence in the brand. This has typically been the case for past Samsung drives, actually, even the non-flagship models have been highly reliable and perform excellently with very few that I have seen needing an RMA.

Colour me with sadness when within just a couple of days of buying the 990 Pro 2TB, I noticed that the drive health according to SMART data from both Samsung Magician and third party tools had dropped to 99%. For the record I have other Samsung SSDs with over 40TB written and still at 99% health 1.5 years later, so I knew this was not normal.

Within another day or so it had dropped to 98%, by this point I’d not even written 2TB to the drive. Fast forward a couple more days and the drive health was sitting at 95%.

To reiterate, what is being described here is not in the same universe as normal. So the writer of this story sent the drive back to Samsung, only to have the drive returned to him claiming that there was no defect found. Which if this was an isolated incident, you could say that might be the case, even though it’s clearly not. But it’s not an isolated case:

Around the same time I posted to OcUK and reddit to see if others had seen the same problem, as it turns out, they had, and there is a lengthy thread over at Overclock.net about it.

And:

More owners of the 990 Pro have come forward reporting degraded health reporting in another reddit thread, this time in the r/hardware subreddit.

So this isn’t an isolated problem. And once this story got out there, Samsung changed course:

Samsung’s RMA division, Hanaro, have reached out and offered to A) Replace this SSD, and B) Try to replicate the problem. Quite why both of these options were not on the table before the issue became public is a mystery. We still request that readers continue to share their 990 Pro drive health stats and what region of the world they are in so that a better overall picture can be drawn of what appears to be a potentially developing situation.

I would agree with that and go one step further. If you’re looking to put an SSD into your latest PC build, avoiding this drive entirely would be my advice as clearly it has issues that Samsung either hasn’t gotten to the bottom of, or is looking the other way until they’re forced to deal with it. And this is happening after the previous generation drive the 980 Pro had issues as well. Clearly something is wrong over at Samsung as consumers should not be Samsung’s QA department. And until Samsung comes out with a root cause analysis along with detailing how they are going to ensure that stuff like this isn’t going to happen in the future so that consumers can trust their SSDs, I’d be steering clear of all of their SSDs to be safe. After all, it’s your data on those SSDs and your data is vaulable.

It Seems That Samsung May Have Another Battery Fiasco On Its Hands

Posted in Commentary with tags on September 27, 2022 by itnerd

Remember the Samsung Galaxy Note 7 fiasco? The one where phones were literally exploding all over the place due to swelling batteries and Samsung had to take every one of them back? Well, it might be happening again.

YouTuber Mrwhosetheboss has posted a video that shows that some Samsung smartphones are suffering from a swollen battery issue. He noted his S6 (2015), Note 8 (2017) and S10 (2019) all had swollen batteries. So he tweeted about it. Samsung saw that tweet and asked him to send the phones for examination. And that’s the last he heard from Samsung as they’ve gone silent for 50 days. Thus the need for him to make a video:

And it appears that he’s not the only one who’s noted this:

JerryRigEveryting offers this commentary:

This is not a good look for Samsung and it will be interesting to see how or if they respond to this. In the meantime, if you have a Samsung phone hiding in a desk drawer or a storage locker someplace, you might want to check on it. I say that because when lithium comes into contact with air, it creates a very violent reaction that can burn your house down. Thus this is a non-trivial situation that you might want to take seriously until all the facts are known.

Samsung Partners With iFixit To Provide Parts And Tools Repair Samsung Phones…. Are You Paying Attention Apple?

Posted in Commentary with tags on April 1, 2022 by itnerd

Last year Apple came out with a self repair program. I was less than impressed at the time and my impressions with this could be summed up with this statement:

The bottom line is that this is an optics exercise for Apple. If they really wanted to embrace right to repair, they would go further than what was announced. But they haven’t. So don’t be fooled by this announcement. It isn’t what you think it is, and it’s not going to get the results that you think it will.

Fast forward to today and Samsung shows how to do a self repair program properly. Let’s start with this press release from Samsung:

Today, Samsung Electronics America announced that Galaxy device owners will be able to take product repair into their own hands for Samsung’s most popular models, the Galaxy S20 and S21 family of products, and the Galaxy Tab S7+ beginning this summer. Samsung consumers will get access to genuine device parts, repair tools, and intuitive, visual, step-by-step repair guides. Samsung is collaborating with iFixit, the leading online repair community, on this program. More information will be shared once self-repair is available.

To start, Galaxy device owners will be able to replace display assemblies, back glass, and charging ports — and return used parts to Samsung for responsible recycling. In the future, Samsung plans to expand self-repair to more devices and repairs from our extensive product portfolio.

Now assuming that Samsung follows through on this, which I believe they will as they have an interest in making Apple look bad, this makes what Apple is offering look rather pathetic and underlines the fact that Apple does not take self repair seriously as they are too busy finding new and creative ways to sell you another iPhone or MacBook.

I wonder if this move by Samsung will force Apple to get a clue and get with the times?

Samsung Becomes The Latest Company To Ditch Russia

Posted in Commentary with tags , on March 6, 2022 by itnerd

Bloomberg is reporting that Samsung has stopped shipments of everything from consumer electronics like smartphones and TVs to chips to Russia in light of the Kremlin’s invasion of Ukraine:

“Our thoughts are with everyone who has been impacted and our priority is to ensure the safety of all our employees and their families,” Samsung said in the statement. The company is donating $6 million, including $1 million in consumer electronics products, to humanitarian efforts in the region.

I am guessing that this was in response to this Tweet from Mykhailo Fedorov, who serves as Ukraine’s vice prime minister and oversees digital operations:

This is gaining so much steam that soon you won’t be able to buy anything in Russia. Which is fine by me given their inexcusable behaviour.

Samsung Caught Throttling Apps…. Thousands Of Them

Posted in Commentary with tags on March 3, 2022 by itnerd

Android Authority is reporting that Korean Twitter users have compiled a list of 10,000 apps that are marked as subject to “performance limits” imposed by Samsung’s Game Optimizing Service. But if you go through the list, you’ll note that apps like Microsoft Office apps, Netflix, Google Keep and TikTok are on the list. And those aren’t games. And what makes this worse is that Samsung own apps such as Samsung Cloud, and even the default phone dialer preloaded on Samsung phones are affected. But benchmark apps such as Geekbench aren’t affected.

I can see three possibilities for this:

  • Samsung could use the list to keep battery drain down on some of the world’s most popular apps, artificially inflating battery runtime tests performed by users and themselves for marketing purposes.
  • Samsung could also be attempting to game the benchmarking tests commonly performed on tests and not delivering that speed to all apps evenly.
  • This could be a coding mistake that Samsung somehow needs to fix assure customers that they aren’t trying to cheat.

It isn’t clear which this is. But when Samsung was approached about this issue, this happened:

Samsung is apparently investigating the GOS issue pointed out below. According to information circulation on Naver, the company is conducting an internal investigation and approaching the issue as seriously as the Galaxy Note 7 debacle. Samsung is also expected to make an official announcement regarding the matter soon.

Clearly Samsung is aware how bad this looks. And I for one will be very interested in what they have to say on this as this is not a good look for Samsung.

Research Paper Claims Samsung Shipped 100 Million Phones With Flawed Encryption

Posted in Commentary with tags on February 24, 2022 by itnerd

According to a research paper, Samsung reportedly shipped an estimated 100 million smartphones with botched encryption. In short, researchers at Tel Aviv University in Israel found that millions of Samsung Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20, and Galaxy S21 devices were shipped to customers with a security loophole that could have allowed hackers to steal sensitive information:

ARM-based Android smartphones rely on the TrustZone hardware support for a Trusted Execution Environment (TEE) to implement security-sensitive functions. The TEE runs a separate, isolated, TrustZone Operating System (TZOS), in parallel to Android. The implementation of the cryptographic functions within the TZOS is left to the device vendors, who create proprietary undocumented designs.

In this work, we expose the cryptographic design and imple- mentation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws. We present an IV reuse attack on AES- GCM that allows an attacker to extract hardware-protected key material, and a downgrade attack that makes even the latest Samsung devices vulnerable to the IV reuse attack. We demonstrate working key extraction attacks on the latest devices. We also show the implications of our attacks on two higher-level cryptographic protocols between the TrustZone and a remote server: we demonstrate a working FIDO2 WebAuthn login bypass and a compromise of Google’s Secure Key Import.

We discuss multiple flaws in the design flow of TrustZone based protocols. Although our specific attacks only apply to the ≈100 million devices made by Samsung, it raises the much more general requirement for open and proven standards for critical cryptographic and security designs.

Yikes!

The good news is that the researchers approached Samsung last May and July with the details of the vulnerabilities. Then Samsung fixed them via patches that went out to the affected devices. But here’s where I would be nervous if I were a Samsung user. Unlike iPhone in which every iPhone on Earth gets patched at roughly the same time, Android phones in general don’t get the same treatment. Patches might come from Samsung, Google, or your carrier. And they may be region specific. Thus it may take weeks or months before a patch hits your phone. If it hits your phone at all. So it is possible that not all of the phone that were affected by this are patched. And that’s a problem as it’s a safe bet that threat actors are looking at this paper and seeing how they can exploit any phone that still has these flaws. Thus my advice would be to make sure that your Samsung phone is running the latest security update. More info on that can be found here.

TD Canada Angers Google Users By Supporting Samsung Pay & Apple Pay, But Not Google Pay

Posted in Commentary with tags , , on September 16, 2021 by itnerd

Samsung yesterday announced that TD cards, TD Access Cards and TD credit cards are now supported by Samsung Pay in Canada. Instructions for setting that up can be found here. This joins TD Canada’s support for Apple Pay.

Now that should have been a good news day for TD. But it wasn’t. TD in Canada doesn’t support Google Pay. And they aren’t handling the blowback from that very well. Here’s an example:

That’s a horrible response from whomever is in charge of their Twitter account. But I am not surprised as this example illustrates that TD Canada really needs to rethink how they deal with customers over social media. Because right now they aren’t doing a great job of doing so and it isn’t helping their cause. Neither is the fact that that there’s now a petition that is gaining steam. It currently has just over 1500 signatures as I type this. Which is also not a good look for TD Canada.

My $0.02 worth: I find it mind blowing that in 2021 TD Canada doesn’t support Google Pay as there are a ton of Android phones out there due to the fact that a number of companies make Android phones with the hardware to do contactless payments. TD Canada really needs to do something about this because this is a serious #Fail and at some point, customers of TD Canada will start dealing with other banks in Canada who supported Google Pay ages ago.

Samsung Galaxy Z Flip3 5G & Galaxy Z Fold3 5G Are Now Available For Pre-Order At TELUS

Posted in Commentary with tags , on August 12, 2021 by itnerd

TELUS is excited to confirm that the Samsung Galaxy Z Flip3 5G and Galaxy Z Fold3 5G devices are now available for pre-order at TELUS.

Customers can get these new devices using TELUS Easy Payment® device financing, starting at $0 upfront, on the TELUS 5G network. Plus, customers who get these devices on a minimum two year term will receive two gifts with purchase, including the new Samsung Galaxy Buds2 and Wireless Duo Charger. Customers who purchase the Galaxy Z Fold3 5G will also receive the S Pen Fold Edition. 

The latest Samsung devices will be available for purchase at telus.com on August 27, 2021.