Crypto News – According to Solana Labs, a recent video from blockchain security company CertiK made a number of “inaccurate” statements regarding a possible security flaw in Solana’s cryptocurrency-enabled Saga phone.
Solana Saga Smartphone Has Bootloader Vulnerability, According to CertiK Reports
CertiK asserted in a post on X on November 15 that the Saga phone had a serious flaw that could be exploited by a hostile actor to install a backdoor or “bootloader unlock” attack.
The bootloader unlock, according to CertiK’s report, would “allow an attacker with physical access to a phone to load custom firmware containing a root backdoor.”
We demonstrate that this can compromise the most sensitive data stored on the phone, including cryptocurrency private keys,
CertiK’s report
Solana Explains Why the Allegations Cannot Be True
That being said, a representative for Solana Labs stated that CertiK’s assertions are untrue and that the Saga gadget poses no real harm, according to their video.
The CertiK video does not reveal any known vulnerability or security threat to Saga holders.
a Solana Labs spokesperson
A bootloader can be unlocked on a variety of Android devices, according to the official Open Source Project literature from Android. An attacker would need to complete a number of steps, which are only possible once the device has been unlocked using the user’s passcode or fingerprint, according to Solana Labs, in order to unlock the bootloader and install modified software.
Unlocking the bootloader wipes the device, which users are alerted about multiple times when unlocking the bootloader, so it’s not a process that can take place without users’ active participation or awareness,
Solana Labs
Leave a comment