Developers of the Free Software Foundation-endorsed Replicant OS have uncovered a backdoor through Android on Samsung Galaxy devices and the Nexus S. The research indicates the proprietary Android versions have a blob handling communication with the modem using Samsung's IPC protocol and in turn there's a set of commands that allow the modem to do remote I/O operations on the phone's storage. Replicant's open-source version of Android does away with the Samsung library to fend off the potential backdoor issue.

http://mobile.slashdot.org/story/14/...galaxy-devices