Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device.

In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone’s storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone’s file system.

via SamsungGalaxyBackdoor – Replicant.

Which goes to show – closed, proprietary code is almost never a good thing!