tags: Privacy/security, Replicant images release, Paul Kocialkowski
date: 2012-09-30 12:55
title: Replicant 2.3 0005 images, fixing the USSD vulnerability
---
Earlier this week, we were notified that a USSD vulnerability was discovered
in Android. After doing a bit of research, we came to understand the nature of
the vulnerability: intents can basically dial a number and start a call
without asking the user for confirmation. That could seem harmless at first
sight, but it turns out it also works with USSD codes, and some of them are
very powerful. This is mostly the case for vendor-specific USSD codes (which are
not included in Replicant), which could erase the phone’s user data.

What’s also problematic about this is that web pages can trigger such intents
(through an iframe with the `tel:` prefix for instance).  
Since this vulnerability was present in our Replicant images (although the
damage was reduced as we don’t include vendor-specific USSD codes), we decided
to include the fix in our code base and release new images. That’s nearly the
only new feature of these images (Galaxy S also got a nasty graphic bug
fixed).
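
As an added example (not Replicant's code and not the fix shipped in these images), the following Python code scans a page's HTML for `tel:` URIs that carry USSD/MMI characters (`*` or `#`, including their percent-encoded forms) and marks those placed in elements that load without a click, such as the iframe case described above. The function names, the attribute list and the sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import unquote

# (tag, attribute) pairs a browser loads without a click (assumed, not exhaustive).
AUTOLOAD = {("iframe", "src"), ("frame", "src"), ("img", "src"),
            ("embed", "src"), ("object", "data")}


def is_ussd_tel_uri(uri):
    """True if uri is a tel: URI whose number part contains '*' or '#'."""
    uri = uri.strip()
    if not uri.lower().startswith("tel:"):
        return False
    number = unquote(uri[4:])  # '#' normally arrives as %23, '*' may be %2A
    return "*" in number or "#" in number


class TelScanner(HTMLParser):
    """Collects (tag, uri, autoload) for each USSD-carrying tel: URI."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("src", "href", "data") and value and is_ussd_tel_uri(value):
                self.findings.append((tag, value, (tag, name) in AUTOLOAD))


def scan(html):
    scanner = TelScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page; *#06# is the standard code that only shows the IMEI.
SAMPLE = """
<a href="tel:+15550100">Call support</a>
<a href="tel:*%2306%23">Show IMEI</a>
<iframe src="tel:*%2306%23"></iframe>
"""

if __name__ == "__main__":
    for tag, uri, autoload in scan(SAMPLE):
        print("BLOCK" if autoload else "REVIEW", tag, uri)
```

A finding with `autoload` set is the case where no user action precedes the dial request; a plain link still needs a click but is reported so it can be reviewed.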

You can download the images from the [ReplicantImages][1] page and find
[installation instructions][2] as well as [build guides][3] on the [Replicant
wiki][4].

 [1]: <http://redmine.replicant.us/projects/replicant/wiki/ReplicantImages#Replicant-23-0005-images>

 [2]: <http://redmine.replicant.us/projects/replicant/wiki#Installing-Replicant>

 [3]: <http://redmine.replicant.us/projects/replicant/wiki#Building-Replicant>

 [4]: <http://redmine.replicant.us/projects/replicant/wiki/>