Printed from http://www.electronista.com

Android BlackPhone hacked at DefCon, BlackBerry 10 next?

updated 11:24 am EDT, Tue August 12, 2014

Device hacked enabling root access, SecureCircle apps unaffected

The "super-secure" Android Blackphone has been hacked by an attendee at the DefCon conference. In less than five minutes, the Google-backed device surrendered root access without unlocking the Android bootloader. Initially contested by the manufacturer, the company, Geeksphone, later thanked "Justin Case" for pointing out the flaw.

The Spanish company, headquartered in Madrid, that specializes in the development, promotion and commercialization of "open source" mobile telephony solutions. Geeksphone became the first European brand to launch an Android smartphone in 2009, and launched the world's first Firefox OS-powered smartphone in 2013.

The combined initiative is spearheaded by notable figures in the security industry, including Phil Zimmermann, creator of PGP; Javier Aguera, co-founder of Geeksphone; Jon Callas, co-founder of PGP Inc. and CTO of Silent Circle; Rodrigo Silva-Ramos, co-founder of Geeksphone; and Mike Janke, CEO of Silent Circle and former US Navy SEAL.

Blackphone runs PrivatOS, a heavily forked version of Android. The device started shipping to users in June. While the flaws expose the phone's operating system to attack, the Silent Circle application security remains unbroken.

The attack exploited a flaw in Android itself, which enabled the hacker to enable the Android Debug Bridge (ADB). The ADB is a command-line tool which allows developers to communicate with an Android device at a Kernel level. This can be used to install a variety of exploits if enabled on a phone.

"We are under the impression that this vulnerability affects many OEMs and not just Blackphone. When the vulnerability becomes public, we will implement the fix faster than any other OEM." said Chief Security Officer Dan Ford of the vulnerability.

Provoked by BlackBerry fans on Twitter, tweets from "Justin" now say that he is looking to break the security of BlackBerry 10 next. He is focusing on a flaw discussed at the DefCon conference with the Open Mobile Alliance Device Management protocol and other deprecated encryption methods.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

Narrative Clip

With the advent of social media technology, people have been searching for new ways to share the events of their daily lives -- be it ...

Blue's Mikey Digital

Blue Microphones, a company that makes some of the most popular digital USB microphones among podcasters and musicians, has for some t ...

Sponsor

toggle

Most Commented

 
toggle

Popular News