
Exploring the Galaxy. Building emulators to find vulnerabilities in modern phones

45 min
Main Stage

In this talk, I will talk about vulnerabilities in the Secure Bootloader (S-Boot), Hypervisor (RKP) and TrustZone apps (TEEGRIS) on Samsung Galaxy phones with Exynos SoCs. We’ll cover approaches to finding bugs and their impact on end-user security. The focus will be on building custom emulators based on QEMU to facilitate debugging proprietary components, and how such emulators help in developing an exploit. I will also discuss what developers/the industry could have done better to try to avoid such issues, as well as the limits of security engineering, which unfortunately mean it’s impossible to prevent vulnerabilities entirely. All of the issues have been responsibly disclosed to the vendor and have been patched by Samsung in 2019-2020. This talk does not present unpatched zero-days and I hope most end-users are well protected by the updates.

Alexander Tarasikov