News - Solana denies "security flaw" in Saga Phone
The development team of Solana, Solana Labs, has made allegations of existing security holes in the Web3 cell phone Saga Phone rejected. On Wednesday, blockchain security firm CertiK pointed out vulnerabilities in the code of the Solana cell phone. This apparently makes it possible for attackers to install a backdoor on the device and take over sensitive data. The exact process was shown in a video.
Ever wondered about the security of your Web3 devices?— CertiK (@CertiK) November 15, 2023
Our newest exploration reveals a significant bootloader vulnerability in the Solana Phone, a challenge not just for this device but for the entire industry. Our commitment to enhancing security standards is unwavering. 🔐… pic.twitter.com/lHZ5W7hXzy
It is not clear whether this is specifically a weakness of the Saga phone or of Android devices in general. However, members of Solana Labs claim that the vulnerability cannot be recreated under normal circumstances. "Unlocking the bootloader" is performed by default. To exploit the vulnerability, users or attackers would have to make settings that clean up the device. It would also require the user's biometric data.
The events shown are not a realistic threat to the security of Saga users, as a member of Solana explained. Saga is an Android-based smartphone with Web3 features designed and developed for the Solana blockchain.