Printed from http://www.electronista.com

Android BlackPhone hacked at DefCon, BlackBerry 10 next?

updated 11:24 am EDT, Tue August 12, 2014

Device hacked enabling root access, SecureCircle apps unaffected

The "super-secure" Android Blackphone has been hacked by an attendee at the DefCon conference. In less than five minutes, the Google-backed device surrendered root access without unlocking the Android bootloader. Initially contested by the manufacturer, the company, Geeksphone, later thanked "Justin Case" for pointing out the flaw.

The Spanish company, headquartered in Madrid, that specializes in the development, promotion and commercialization of "open source" mobile telephony solutions. Geeksphone became the first European brand to launch an Android smartphone in 2009, and launched the world's first Firefox OS-powered smartphone in 2013.

The combined initiative is spearheaded by notable figures in the security industry, including Phil Zimmermann, creator of PGP; Javier Aguera, co-founder of Geeksphone; Jon Callas, co-founder of PGP Inc. and CTO of Silent Circle; Rodrigo Silva-Ramos, co-founder of Geeksphone; and Mike Janke, CEO of Silent Circle and former US Navy SEAL.

Blackphone runs PrivatOS, a heavily forked version of Android. The device started shipping to users in June. While the flaws expose the phone's operating system to attack, the Silent Circle application security remains unbroken.

The attack exploited a flaw in Android itself, which enabled the hacker to enable the Android Debug Bridge (ADB). The ADB is a command-line tool which allows developers to communicate with an Android device at a Kernel level. This can be used to install a variety of exploits if enabled on a phone.

"We are under the impression that this vulnerability affects many OEMs and not just Blackphone. When the vulnerability becomes public, we will implement the fix faster than any other OEM." said Chief Security Officer Dan Ford of the vulnerability.

Provoked by BlackBerry fans on Twitter, tweets from "Justin" now say that he is looking to break the security of BlackBerry 10 next. He is focusing on a flaw discussed at the DefCon conference with the Open Mobile Alliance Device Management protocol and other deprecated encryption methods.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Sponsor

toggle

Most Commented

 
toggle

Popular News