The Free Software Foundation has put out a release claiming that developers working on the Replicant fork of Android have found a backdoor on Samsung Galaxy handsets. "While working on Replicant, a fully free/libre version of Android, we discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a back-door that lets the modem perform remote file I/O operations on the file system. This program is shipped with the Samsung Galaxy devices and makes it possible for the modem to read, write and delete files on the phone's storage. On several phone models, this program runs with sufficient rights to access and modify the user's personal data."
March 12, 2014
FSF: Replicant Developers Find and Close Samsung Galaxy Back-Door
Read more at LWN