Pork Explosion flaw: How is it used to create an Android backdoor?

The Pork Explosion vulnerability present in some Foxconn-created app bootloaders can be used to create an Android backdoor. Expert Nick Lewis explains how the flaw works.

A vulnerability called Pork Explosion with the ability to create an Android backdoor was found in the app bootloader from device manufacturer Foxconn. While the scope of the devices is small, the vulnerability may have serious risks. What does the app bootloader do in this case, and how is the backdoor created?

The information security industry continues to satirize itself with the Pork Explosion vulnerability. Researcher Jon Sawyer found a vulnerability in InFocus and Nextbit smartphones that was introduced by Foxconn during the building and assembly of the devices.

The backdoor was created during Foxconn's design and manufacturing process and appears to be part of the debugging environment used to troubleshoot the device when it was still in development. Including a debug environment is necessary, but it is typically disabled prior to mass production to help protect the security of the device.

The Pork Explosion vulnerability allows an attacker to connect via USB to gain unrestricted root shell access via the app bootloader when booting. The bootloader performs the basic task of hardware initialization and loads the Linux kernel. During this time, the kernel protections are not available.

The risk from this vulnerability is high where an attacker has physical access to a vulnerable device, but since these devices are not as widely deployed as those made by Samsung or other major manufacturers, the overall risk is low.

Nextbit remediated this vulnerability by removing the file system used in the debug environment.

Enterprises that contract out device or component manufacturing may want to check their supply chains to determine if they have been exposed to vulnerabilities similar to Pork Explosion. If so, those enterprises may want to ensure they have integrated security into their supply chains to prevent vulnerabilities from being introduced that way.

Enterprises may also want to ensure any third parties in their supply chain are responsible for any vulnerabilities they introduce into a device, since the enterprise might not be able to fix the vulnerability itself.


This was last published in March 2017
