Gather a group of experienced hackers and give them a week to crack the security of a popular Android phone. What do you get? Apparently, a lot of serious security flaws
Project Zero, Google’s team of expert security researchers, has done exactly that with Samsung’s Galaxy S6 Edge, devoting a week to find as many serious security holes as they can. As a result, 11 “high-impact security issues” were discovered, including one that lets an attacker write a file to the victim’s system without permission.
To find the holes, Project Zero divided into two teams — the North American and the European one — and focused on finding ways to either gain access to the phone’s contacts, photos and messages remotely or through an app installed from Google Play which has no permissions to do so. Finally, the researchers tried to make their unauthorized code “stick” to the phone even if it was wiped.