I was planning to open a blog since some months, but I decided to do it only now, to summarize some of the findings of a quick look I gave at a couple of Samsung Android devices.
But let's start at the beginning. During last Christmas holidays I finally had some free time to try to better understand the inner workings of some Samsung devices, focusing on the manufacturer's customizations to the Android system. I confess I was quite surprised to see how many Samsung applications are included in the original firmware image, including several customizations to lots of Android core packages.
To make a long story short, I soon started to find some exploitable bugs, affecting both "old" device models (e.g., my Galaxy Tab GT-P1000) and newer devices (e.g., my Galaxy S3). All these issues were caused by Samsung-specific software or customizations. I must say I have nothing against Samsung: on the contrary I'm a happy Samsung customer, and I think their phones and tablets are quite cool, probably among the best devices around. However, their market share is making them an attractive target for attackers.
read more...........http://randomthoughts.greyhats.it/2013/03/owning-samsung-phones-for-fun-but-with.html