Google says hackers could silently own your phone until Samsung fixes its modems

Samsung always has a grand vulnerability each year. Like clockwork!<p>In 2015, a vulnerability in Samsung&#x27;s SwiftKey keyboard was discovered that allowed attackers to remotely execute code on the device.<p>In 2016, researchers discovered a flaw in Samsung&#x27;s Knox security software that could allow an attacker to escalate privileges and gain root access to the device.<p>In 2017, a vulnerability was discovered that allowed attackers to take control of Samsung&#x27;s SmartCam cameras.<p>In 2018, researchers found a flaw in Samsung&#x27;s Secure Boot feature that allowed attackers to install malicious firmware on the device.<p>In 2019, researchers discovered a vulnerability in Samsung&#x27;s Galaxy S10 fingerprint scanner that allowed anyone to unlock the phone with a 3D printed fingerprint.

As an industry, if we can consider software broadly as one industry, it is disappointing that we simply do not have a quality and correctness and safety culture. It has been true for decades and still appears to be true that the more hidden a program is from the user, the more slapdash its implementation will be. Device firmware is universally garbage. It&#x27;s just like that TPM 2.0 reference implementation thing that was on HN earlier this week. It&#x27;s just written by clowns in clown language and when they find the flaws instead of fixing the process that led to the flaws they just put in one more line of ClownLang to hack around it. Something from outside the industry needs to come in with some reform mandates.

This is a duplicate of <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35190811" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35190811</a> with a clickbait title.

This kind of feels like I stopped building my own computers and moved to the Apple ecosystem with prebuilt systems. It was always easy for everyone to point their fingers somewhere else when something didn’t work. It’s a problem with the hardware, no the OS, no the software, no those two peripherals conflict…<p>There are still issues that crop up from time to time now that I’m on a Mac, but there’s also <i>one</i> place to turn to when there’s a problem and they generally do a pretty good job of resolving things (although the last big issue I had—which ultimately ended with my laptop going through a Ship of Theseus complete replacement took a while but that was also in November–December of 2020 when everything was pretty messed up &amp; the service person was able to give me my choice of anything from the Apple store under $200 as compensation).

Does that mean we can get free (as in freedom) rooting that does not trigger Knox? I will take that any day.

Previously discussed here: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35190811" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=35190811</a>

How many carriers require VoLTE for voice now? I keep getting nastygrams from my carrier telling me to upgrade my old non-VoLTE-capable phone or I&#x27;ll lose voice &#x27;any day now&#x27;, with a drop-dead date that&#x27;s moved several times.

How do I know if my model has this chipset? I have the S22 Ultra but I cannot find what chipset it&#x27;s using from the settings.<p>Ordered it from their website and I am located in Sweden.

Samsung is remarkably good at making Android worse.

Why are people still buying these phones? - They fake your pictures - i.e. replacing the real moon with a fake one; - Full of vulnerabilities in the wild.. all the time; - Shady connections with Asia<p>the list goes on and on.