1337 indeed

+Eric "Ozzy" Osburn Yes, but then they find your program to accvess those files and you're fucked :p

as he said, it's literally not accessable because the system itself can't see it...

So don't keep the access program on the device. Also if it's "literally not accessable" then how does his malware access it? It's not paradoxical memory.

he states here he can still call into the memory address, is just the device wont recognize the bit as a good bit and wont read or write to it kzfaq.info/get/bejne/nbGFn8iI3szZpGQ.htmlm28s

Wouldn't you need to reverse engineer the nand and data written on it in that case? How can you read it manually if the first thing it asks is "is this block bad? Then it's not here" and refuses to acknowledge it's existence? You would need to program the nand so it doesn't do so, which seems like a fundamental change to how NAND operates as opposed to a defense in regards to how it works now. We're talking convincing an industry to relinquish control of the systems that operate their products. That's not an easy ask.

He did explain that the source is based on the kernel based nand, I thought that was implying it was "universal" that way.. BTW, did anyone do an "um" count? Lost track lol

He used an Android 4.0.4 device from Sony, which is a "little bit" newer than Gingerbread. It is entirely possible to do this with EMMC too - the controller in EMMC is not stand-alone and the main processor talks to it. Remember the "sudden death" epidemic that plagued the Galaxy SIII and Note 2? That was due to a bug in the EMMC code that ended up frying it if a particular function was called accidentally. Some phones (maybe 20%) could be recovered via a full flash (emergency boot card to put it into Download Mode and complete firmware with PIT file, then IMEI and network repair with z3x box or similar), but most of them had the EMMC fried, and would need a replacement EMMC plus the complete flashing and software repair process to come back to life. It's entirely possible that something like this could have actually been at the root of the issue.

they first have to get in, right?

YumekuiNeru Exactly, that was his reason for talking about 0-Days, and how the real magic (and fun) is after you get in (hidden persistence).

a bug or exploit in something that's been there since day 0 and hasn't been found yet. their relatively common and malicious hackers often log them to sell to someone later for lots of money.

"oh days", "oh days", "oh days". that's a zero. guy can't read his own damn slides