Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wprss domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/web/domains/solanachain.news/public_html/wp-includes/functions.php on line 6114
Solana Disputes CertiK Report on Alleged Security Flaws in Saga Phone – Solana Chain News – One Stop News Solution for Solana

Solana Disputes CertiK Report on Alleged Security Flaws in Saga Phone

CertiK Allegations and Solana Labs’ Response

Blockchain security firm CertiK recently claimed that Solana’s Saga smartphone harbors a critical “bootloader vulnerability.” Solana Labs, however, disputes these allegations, asserting that the claims are entirely inaccurate.

CertiK’s Claims and Solana’s Response

In a video released on November 15 and posted on X (formerly Twitter), CertiK alleged that the Saga phone contains a “critical vulnerability” in the form of a “bootloader unlock” attack. This purported vulnerability could allow a malicious actor to install a hidden backdoor in the phone, according to CertiK.

CertiK’s report sent to Cointelegraph stated that the bootloader unlock would “allow an attacker with physical access to a phone to load custom firmware containing a root backdoor.”

However, a spokesperson from Solana Labs informed Cointelegraph that CertiK’s claims are inaccurate, and the video does not reveal any legitimate threat to the Saga device.

“The CertiK video does not reveal any known vulnerability or security threat to Saga holders,” the spokesperson said.

Unlocking Bootloader Process

Android’s internal Open Source Project documentation shows that unlocking a bootloader is a process applicable to a wide range of Android devices. Solana Labs emphasized that to unlock the bootloader and install custom firmware, an attacker would need to go through multiple steps, achievable only after unlocking the device with the user’s passcode or fingerprint.

“Unlocking the bootloader wipes the device, which users are alerted about multiple times when unlocking the bootloader, so it’s not a process that can take place without users’ active participation or awareness,” Solana Labs explained.

Additionally, users who proceed to unlock the bootloader on an Android device receive a series of warnings about the implications of the process. Ignoring these warnings results in the device being wiped, along with their private keys.

Solana Saga Phone Overview

The Solana Saga phone, released in April 2022 at a price of $1,099, offers a Web3-native decentralized application store, aiming to integrate crypto apps into tech hardware. However, four months after launch, Solana reduced the phone’s price to $599 due to a significant decline in sales.

CertiK’s Response

As of now, CertiK has not responded to a request for comment on Solana Labs’ rebuttal.

Leave a Reply

Your email address will not be published. Required fields are marked *