Solana refutes CertiK’s claims of security flaws in Saga phones: According to CertiK, a cyber hacker might use this vulnerability to create a hidden gateway to access personal information on a Saga phone.
Solana Labs has categorically denied assertions made by blockchain research firm CertiK that Saga devices have security issues. Solana Labs owns the Saga smartphone brand, which includes crypto-friendly features such as an in-built digital wallet.
CertiK stated in a recent post on X that this smartphone from Solana Labs has a ‘major vulnerability’ that may be used to install malicious software when the phone’s bootloader is opened. According to CertiK, a cyber hacker might use this vulnerability to create a hidden gateway to access personal information on a Saga phone.
CertiK cautioned not only Solana Labs but all smartphone manufacturers, in its post on X, of the potential of malware being installed via the bootloader. The platform published a one-minute video illustrating the infecting procedure on a Solana Saga smartphone.
Solana Labs told CoinTelegraph that CertiK’s conclusions are ‘inaccurate’. “The CertiK video does not reveal any known vulnerability or security threat to Saga holders. Unlocking the bootloader wipes the device, which users are alerted about multiple times when unlocking the bootloader, so it’s not a process that can take place without users’ active participation or awareness,” Solana Labs said, according to CoinTelegraph.
As a security feature, modern smartphones include a bootloader that is locked. A bootloader that is locked only loads authorized code, safeguarding users from abuse. Unlocking the bootloader on a smartphone can pose a serious security risk because the method is supported on many Android phones and entirely destroys the data on the smartphone.
The blockchain business also mentioned that unlocking a bootloader may be done on a variety of Android devices, citing documentation from the Android Open-Source Project.
Solana’s Saga smartphone was announced in April 2022 as the world’s first generation of crypto and Web3-centric cellphones. The Saga smartphone, which runs Android, was priced around $1,000 (around Rs. 78,300). According to the business, in addition to a Solana Pay crypto payment, a ‘seed vault’ is pre-installed on the Saga device to safely keep any private keys associated with the device.