USB Bug in Android???
Ok, on another board (not Android related), one of the members was posting a piece on cryptography. Interesting stuff. His intent was to encourage people to start using encrypted communications more.
Another member then asked about any apps that you could run on your smartphone such as an Android based device. The OP stated that using such an app on Android is useless because with physical access, he could install any app on your phone (such as a keylogger) and the encryption is moot. Here is his exact quote:
I do though. You can sideload an APK into a phone, even if USB debug isn't turned on, it's password protected, and even if the device storage is encrypted. There's a 'bug' in the USB stack of Android that's never been fixed. There's a similar bug in IOS. Some PDs even have a device that does exactly this. I really don't want to get too much into exactly how it happens, but it affects every phone I've ever played with. It's about as difficult as breaking into a warded padlock. All you need is the shim.
Does such a bug still exist? If so, has any XDA dev ever considered patching it for security's sake so that a law enforcement agency would not be able to access your device?