As you may recall, about 190 gigabytes of Samsung’s source code was packed up and put on the web by a group calling itself Lapsus$. The code includes the keys and methods required to update the chipset firmware, intercept anything involved with security, and basically everything required to make that secure sexy Galaxy phone into a malware sponge.
I’ve been sitting watching the torrent for a while now, and while I’ve been sitting here idling, somewhere in the neighborhood of 200 clients have reached 100%. 461 systems out there at time of writing are in complete possession and seeding to 755 more on the tracker I’m watching.
Samsung can change the keys and push updates to anything they support to get around bad actors (who probably have already got exploits written). Chances are good, however, that older phones like my beloved Note 8 have the same keys and will not be receiving any updates, which would bite a big suck biscuit.
I haven’t heard of anything earth-shattering coming out of this yet. I’d imagine it takes more than a couple of days to go through 191 gigs of compressed source code, but as hundreds of people a day are gaining access to it, chances of finding something evil/useful/damaging grow.
I really hope some good actors find any problems first. This has always been my fear about the slightly open source ecosystem we have. Code that can be examined running on chips and an underlying firmware that can’t isn’t a great way to go through life. You never know what’s in the firmware that could be compromised.
Then again, at 191 gigs of compressed source code, you also probably don’t have any idea what’s in the open source portions that could be compromised either, just from the sheer volume of data.
This will be listed as the poster child for why work from home is bad, I’m sure.