Replicant developers find and close Samsung Galaxy backdoor — Free Software Foundation — Working together for free software
by Paul K
Published on Mar 12, 2014 04:50 PM
This is a guest post by Replicant developer Paul Kocialkowski. The
Free Software Foundation supports Replicant through its Working
Together for Free Software fund. Your donations to Replicant support
this important work.
Today's phones come with two separate processors: one is a
general-purpose applications processor that runs the main operating system, e.g. Android; the
other, known as the modem, baseband, or radio, is in charge of
communications with the mobile telephony network. This processor
always runs a proprietary operating system, and these systems are
known to have backdoors that make it possible to remotely convert the
modem into a remote spying device. The spying can involve activating the device's microphone, but it could also use the precise GPS location of the device and access the camera, as well as the user data stored on the phone. Moreover, modems are connected most of the time to the operator's network, making the backdoors nearly always accessible.
It is possible to build a device that isolates the modem from the rest
of the phone, so it can't mess with the main processor or access other
components such as the camera or the GPS. Very few devices offer such
guarantees. In most devices, for all we know, the modem may have total
control over the applications processor and the system, but that's
nothing new.
While working on Replicant, a fully free/libre
version of Android, we discovered that the proprietary program running
on the applications processor in charge of handling the communication
protocol with the modem actually implements a backdoor that lets the
modem perform remote file I/O operations on the file system. This
program is shipped with the Samsung Galaxy devices and makes it
possible for the modem to read, write, and delete files on the phone's
storage. On several phone models, this program runs with sufficient
rights to access and modify the user's personal data. A technical
description of the issue, as well as the list of known affected
devices is available at the Replicant wiki.
Provided that the modem runs proprietary software and can be remotely
controlled, that backdoor provides remote access to the phone's data,
even in the case where the modem is isolated and cannot access the
storage directly. This is yet another example of what unacceptable
behavior proprietary software permits! Our free replacement for that
non-free program does not implement this backdoor. If the modem asks
to read or write files, Replicant does not cooperate with it.
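The refusal described above, sketched as an added example (not Replicant's or Samsung's code): a handler on the applications processor that treats the modem as untrusted input, validates each frame, and declines file requests before any file-system call is reached. The frame layout, class numbers, and function names are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical frame, constructed for this example (not Samsung's protocol):
 * byte 0 = request class, byte 1 = opcode, bytes 2-3 = payload length (LE). */
enum req_class { CLASS_CALL = 1, CLASS_SMS = 2, CLASS_NET = 3, CLASS_FILE = 4 };
enum verdict { V_HANDLE, V_REFUSE_FILE_IO, V_REFUSE_UNKNOWN, V_MALFORMED };

static unsigned refused_file_io; /* counter a monitoring hook could export */

/* Constructed sample frames. */
static const uint8_t frame_call[]  = { CLASS_CALL, 0x01, 0, 0 };
static const uint8_t frame_file[]  = { CLASS_FILE, 0x02, 3, 0, 'a', 'b', 'c' };
static const uint8_t frame_short[] = { CLASS_FILE, 0x02, 9, 0, 'x' };
static const uint8_t frame_odd[]   = { 0x7f, 0x00, 0, 0 };

/* Default deny: only the listed telephony classes are serviced. File
 * requests are refused without parsing a path or touching storage. */
enum verdict classify_modem_request(const uint8_t *buf, size_t n)
{
    /* The modem is untrusted: the declared length must match exactly. */
    if (buf == NULL || n < 4)
        return V_MALFORMED;
    if (((size_t)buf[2] | ((size_t)buf[3] << 8)) != n - 4)
        return V_MALFORMED;
    switch (buf[0]) {
    case CLASS_CALL: case CLASS_SMS: case CLASS_NET:
        return V_HANDLE;
    case CLASS_FILE:
        refused_file_io++;          /* record the attempt for later review */
        return V_REFUSE_FILE_IO;
    default:
        return V_REFUSE_UNKNOWN;
    }
}

unsigned modem_file_io_attempts(void) { return refused_file_io; }

int main(void)
{
    int v = classify_modem_request(frame_file, sizeof frame_file);
    printf("file request verdict=%d refused=%u\n", v, modem_file_io_attempts());
    return 0;
}
```

Counting refused file requests gives a signal worth surfacing: a modem that keeps asking for file access is behaving outside what telephony needs.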
Replicant does not cooperate with backdoors, but if the modem can take
control of the main processor and rewrite the software in the latter,
there is no way for a main processor system such as Replicant to stop
it. But at least we know we have closed one specific backdoor.
The FSF encourages all current Samsung Galaxy owners to appeal
publicly to SamsungMobile for an explanation (they can also be
emailed). Samsung
should release this program as free software, without the backdoor,
so that Replicant doesn't have to continue defusing the traps they
have apparently left for their users.