
Exploring the Galaxy. Building emulators to find vulnerabilities in modern phones

11:25
45 min
Main Stage

In this talk, I will discuss vulnerabilities in the Secure Bootloader (S-Boot), Hypervisor (RKP) and TrustZone apps (TEEGRIS) on Samsung Galaxy phones with Exynos SoCs. We’ll cover approaches to finding bugs and their impact on end-user security. The focus will be on building custom emulators based on QEMU to facilitate debugging proprietary components, and how such emulators help in developing an exploit. I will also discuss what developers and the industry could have done better to try to avoid such issues, as well as the limits of security engineering, which unfortunately mean it’s impossible to prevent vulnerabilities entirely. All of the issues have been responsibly disclosed to the vendor and have been patched by Samsung in 2019-2020. This talk does not present unpatched zero-days and I hope most end-users are well protected by the updates.

Speakers
Alexander Tarasikov