We recently found a vulnerability in the Samsung Galaxy SII and Galaxy Camera which could leak touch events and other sensitive data to any application running on the phone. A video demo is posted at:
In the demo, we show that an application without any permission can read the touch screen coordinates, which can cause serious security problems like password leakage, stealing phone numbers, emails, text messages and even banking account. This vulnerability affects Samsung Galaxy SII(running Android 4.0.3) and Samsung Galaxy Camera(running Android 4.0.3). The problem comes from a wrong configuration file on the Samsung Galaxy SII phones. Specifically, the /dev/input/event* nodes are set to 0666 which are globally accessible by any application. The ueventd.shw-m250k.rc file publically exposes all the input events. This problem does not exist on the original Android OS. It is caused by Samsung’s customization. In our attack, we ran a program that uses Java JNI to read from the /dev/input/event files and print the touch screen events. This vulnerability also leaks the data of compass_sensor, touchkey, gyro_sensor and proximity sensor because all those data is exposed in the /dev/input/event* files.
by Security Research Team @ Indiana University, Bloomington.
XDA Developers was founded by developers, for developers. It is now a valuable resource for people who want to make the most of their mobile devices, from customizing the look and feel to adding new functionality. Are you a developer?