Blackphone, the Android-powered smartphone that boasts security and privacy as its top features, was rooted at the DEF CON Hacking Conference in just five minutes.
If you’re reading about the Blackphone for the first time, it’s a Tegra 4i-powered smartphone that runs PrivatOS – a security-focused mobile OS based on Android KitKat. Blackphone describes their smartphone as “an unparalleled product ideal for information workers, executives, public figures, and anyone else unwilling to give up their privacy.”
That claim just got challenged as Justin Case, aka @TeamAndIRC, found a way to gain root access on the Blackphone in just five minutes. In addition to that feat, Case was able to do it without unlocking the phone’s bootloader.
hey @Blackphone_ch look, adb enabled without unlocking your bootloader pic.twitter.com/fVa6dTHR6g— Justin Case (@TeamAndIRC) August 9, 2014
Boom escalation to system on the @blackphone_ch with @timstrazz , root in 5 minutes— Justin Case (@TeamAndIRC) August 9, 2014
Simply put, Case was able to gain access to parts of the phone that users are not supposed to have access to. For a smartphone that specializes on privacy and security, that’s quite an issue. According to Case, the exploit is now partially fixed and not exploitable without user intent.
Of course, expect the $629 Blackphone to be updated to fully patch things up and further enhance its security features. But after this root incident, it kinda makes you wonder if Android, or any mobile platform, will ever be totally “secure”.
{via}
I dont want to be mamaru pero 2.3 gingerbread i already solved that before they released it in 4.0.
adb_enabled is just a few keys from the shell command. madali lang yan. sh commands.
Sus. nagsearch ka lang ng adb_enabled sa google ngayon eh.
Wala yan sa lolo ko. Kaya niya tirahin using DOS yan. :)
err…@shutter, i don’t know if it was supposed to be a joke but adb commands are actually executed in the DOS prompt using DOS files provided by Google.