One of these days the 'BootStomp' attack is gonna walk all over your smartmobe
University of California Santa Barbara researchers have turned up bootloader vulnerabilities across a bunch of Android chipsets from six vendors. The team of nine researchers decided to look at a little-studied aspect Android architecture – the interaction between OS and chip at power-up. To get inside that operation, they built a tool dubbed “BootStomp” “designed to locate problematic areas where input from an attacker in control of the OS can compromise the bootloader’s execution, or...