[Cryptography] Android Full Disk Encryption Broken - Extracting Qualcomm's KeyMaster Keys

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jul 4 03:13:40 PDT 2016


Jeffrey Schiller <jis at mit.edu> writes:

>If you look at the exploit you will see it is a simple case of failing to
>check array/string bounds.

... which is exactly what was exploited in the 2013 attack, alongside a whole
boatload of other missing defensive features: no DEP, no ASLR, executable
stack, strcpy()s all over the place. It was described at the time as a "hack
like it's 1999" attack. As I said in the previous post, security is more than
just a fancy name and a lot of marketing; you have to actually make an effort
to make it secure.

Oh, and given that this looks like a repeat of the same flaws from three years
ago, patching your insecure code also helps.

Peter.
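The class of bug the thread is about (a trusted-world command handler copying a caller-supplied length into a fixed buffer without checking it) and the one-line check that closes it, as an added example. This is illustrative C written for this page, not Qualcomm's KeyMaster code or the exploit: the request layout, the handler names and the 32-byte scratch buffer are all assumptions chosen to make the pattern visible.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical request format (not the real KeyMaster ABI): a secure-world
 * handler receives a command header whose length field and payload pointer
 * both come from the untrusted normal world. */
#define MAX_PAYLOAD 32

struct request {
    uint32_t cmd;           /* caller-controlled */
    uint32_t payload_len;   /* caller-controlled: the dangerous field */
    const uint8_t *payload; /* caller-controlled */
};

struct handler_state {
    uint8_t scratch[MAX_PAYLOAD];
    uint32_t got_len;       /* sits right after scratch: first overflow victim */
    int ok;
};

/* "Hack like it's 1999": trusts payload_len and copies into a fixed buffer.
 * BUG (deliberate, for illustration): no check that payload_len <= MAX_PAYLOAD.
 * A larger value overwrites got_len, ok and whatever follows the struct. */
int handle_request_unchecked(struct handler_state *st, const struct request *req)
{
    memcpy(st->scratch, req->payload, req->payload_len);
    st->got_len = req->payload_len;
    st->ok = 1;
    return 0;
}

/* Hardened: validate every caller-controlled field before touching memory.
 * Return codes are assumptions for this example, not a real API. */
int handle_request_checked(struct handler_state *st, const struct request *req)
{
    if (st == NULL || req == NULL || req->payload == NULL)
        return -1;                              /* malformed request */
    if (req->payload_len > sizeof st->scratch)
        return -2;                              /* oversize: reject, don't copy */
    memcpy(st->scratch, req->payload, req->payload_len);
    st->got_len = req->payload_len;
    st->ok = 1;
    return 0;
}

/* Constructed inputs: an in-bounds 16-byte payload and an out-of-bounds
 * 64-byte payload that claims its full length. */
static const uint8_t small_payload[16] = { 0x41 };
static const uint8_t big_payload[64]   = { 0x42 };

/* Returns 1 if the checked handler accepts a valid request and records its length. */
int demo_valid_accepted(void)
{
    struct handler_state st = { {0}, 0, 0 };
    struct request req = { 1, sizeof small_payload, small_payload };
    return handle_request_checked(&st, &req) == 0 && st.got_len == 16 && st.ok == 1;
}

/* Returns 1 if the checked handler refuses the oversize request and leaves state untouched. */
int demo_oversize_rejected(void)
{
    struct handler_state st = { {0}, 0, 0 };
    struct request req = { 1, sizeof big_payload, big_payload };
    return handle_request_checked(&st, &req) == -2 && st.got_len == 0 && st.ok == 0;
}

/* Returns 1 if the unchecked handler accepts the same valid request: it only
 * differs from the checked one when the length lies, which is exactly the
 * case that is never exercised here because it would corrupt memory. */
int demo_unchecked_accepts_valid(void)
{
    struct handler_state st = { {0}, 0, 0 };
    struct request req = { 1, sizeof small_payload, small_payload };
    return handle_request_unchecked(&st, &req) == 0 && st.got_len == 16;
}

int main(void)
{
    printf("checked handler, valid request accepted:  %d\n", demo_valid_accepted());
    printf("checked handler, oversize request rejected: %d\n", demo_oversize_rejected());
    printf("unchecked handler, valid request accepted: %d\n", demo_unchecked_accepts_valid());
    return 0;
}
```

The unchecked handler is deliberately never called with the 64-byte request: doing so is the overflow, and what it lands on depends on the layout behind the struct. The other items on the list in the message are compiler and linker settings rather than source changes; on a GCC or Clang toolchain, `-fstack-protector-strong`, `-D_FORTIFY_SOURCE=2` (which turns unbounded `strcpy`/`memcpy` into checked variants where the destination size is known), `-fPIE -pie` for ASLR and `-Wl,-z,noexecstack` for a non-executable stack are the usual way to get them, and none of them substitutes for the length check above.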


