Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Buying anything on Amazon? Please use the Geekzone Amazon aff link.




1722 posts

Uber Geek
+1 received by user: 137


Topic # 109782 26-Sep-2012 16:12 Send private message

Looks like something peps should know about...

How the hack works

Manufacturers like Samsung use special USSD codes that can be typed into the dial pad by end-users to make it easy for handset makers and telcos to do support over the phone with their customers. One such code - *#06# - is used to display a phone's IMEI number on the screen. Another code resets the phone.

What Borgaonkar discovered was that a person could craft a website with the reset code embedded - in Samsung's case *2767*3855# (do not type this into your phone!) - and get the code to automatically run when a user visited it.

A hacker could also exploit an affected phone by getting a user to scan a malicious QR code or by sending them a malicious SMS or NFC transmission.


http://www.stuff.co.nz/technology/gadgets/7732438/Security-risk-for-millions-of-Android-users

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2 | 3
79 posts

Master Geek
+1 received by user: 2


  Reply # 691788 26-Sep-2012 16:32 Send private message

I happens on my Nexus One with 2.3.6.

https://dylanreeve.posterous.com/remote-ussd-attack has a link to http://dylanreeve.com/phone.php which will utilise the same security flaw but show you the IMEI number instead of wiping your phone. This will indicate if you are at risk when you visit that URL on your phone.

Current mitigation is to install an alternate dial e.g. https://play.google.com/store/apps/details?id=kz.mek.DialerOne is suggested in link above and is what I currently have in place as a mitigation strategy.

Now just waiting for the QR codes and dodgy links to be placed around the place and start wiping phones. Hopefully this is exploited heavily and in the media so the Cellcos and Google start doing updates. Even minor patches e.g. 2.3.7 for instance. From what I read they fix/patch was written three months ago.............

Voice Engineer @ Orcon
1999 posts

Uber Geek
+1 received by user: 472

Trusted
Orcon
Subscriber

  Reply # 691795 26-Sep-2012 16:38 Send private message

Jelly Bean doesn't have the vulnerability from what I can gather; eg. GN with 4.1.1

79 posts

Master Geek
+1 received by user: 2


  Reply # 691803 26-Sep-2012 16:46 Send private message

ubergeeknz: Jelly Bean doesn't have the vulnerability from what I can gather; eg. GN with 4.1.1


From what I have read 4.1.1 no 4.1.0 yes. Though the test link about is a way to test better to be safe than sorry as just opening a web page that has a dodgy ad could trigger it with no user intervention.

437 posts

Ultimate Geek
+1 received by user: 9
Inactive user


  Reply # 692014 27-Sep-2012 08:50 Send private message

Roll on 2 Degrees 4.1.1!

79 posts

Master Geek
+1 received by user: 2


  Reply # 692022 27-Sep-2012 08:59 Send private message

DoggNZ: Roll on 2 Degrees 4.1.1!

Unfortunately the risk of the fix damaging the Cellcos network will be greater than having having phones wipe themselves so given experience I will guess you will have to buy a new in six months or so when some models will have the update.

Though would be incredibly happy for a Cellco to prove me wrong. Hell they even may pick up new customers for actually showing due care around security seeing none currently take the security of their customers seriously.

817 posts

Ultimate Geek
+1 received by user: 37


  Reply # 692042 27-Sep-2012 09:35 Send private message


79 posts

Master Geek
+1 received by user: 2


  Reply # 692045 27-Sep-2012 09:40 Send private message

MurrayM: Samsung offers up patch for Galaxy S3 remote wipe vulnerability

Vodafone, 2D and Telecom are you going to offer it though?

SIII update is all great but what about all the other phones that are at risk?

817 posts

Ultimate Geek
+1 received by user: 37


  Reply # 692051 27-Sep-2012 09:50 Send private message

Does anyone know if the telcos need to approve every little update, like this security patch, or if it's just the big updates?

I've just tried a "Check for updates" on my phone and nothing was found.

79 posts

Master Geek
+1 received by user: 2


  Reply # 692061 27-Sep-2012 09:57 Send private message

MurrayM: Does anyone know if the telcos need to approve every little update, like this security patch, or if it's just the big updates?

I've just tried a "Check for updates" on my phone and nothing was found.


The Cellcos have to approve every update be it minor or major and individually for each phone.

BDFL
50195 posts

Uber Geek
+1 received by user: 4744

Administrator
Trusted
Geekzone
Subscriber

  Reply # 692063 27-Sep-2012 09:59 Send private message

"The company says that device owners can download an over-the-air update to fix the flaw."

We know this is available from Samsung, but for it to be applied telcos need to approve those. And for each model they sell. Not a quick process - and not guaranteed it will even happen.

And therein lies the whole problem. Your mobile is not your mobile. You have no control of patches and security updates like we have on a personal computer.




gzt

4686 posts

Uber Geek
+1 received by user: 270


  Reply # 692067 27-Sep-2012 10:02 Send private message

I would guess every little update. The problem is they don't know if any given update will negatively affect some badly thought out kludge included in the distribution a particular phone is using and/or in some cases affect borkware the telco included in the phone when it was sold.

Android phone architecture is nothing like PC architecture where os and bios/hardware functions are neatly divided and segregated. That day will come but cheap is the order of the day and many competitors keeping a patch.

Juha
1316 posts

Uber Geek
+1 received by user: 4

Trusted
Subscriber

  Reply # 692083 27-Sep-2012 10:19 Send private message

I've got to say given the number of affected devices - and we don't yet know what a creative attacker can do with USSD codes that vary from device to device - the industry response has been remarkably casual. Good on Samsung for stepping up and issuing patches, but what about the rest?

Cutting millions of customers adrift in this manner is really bad.




817 posts

Ultimate Geek
+1 received by user: 37


  Reply # 692084 27-Sep-2012 10:20 Send private message

So if I switched to the international ROM then I'd get updates as soon as Samsung made them available and I wouldn't have to wait for my telco to approve it? Makes a good argument for switching, so far I've resisted switching to a custom ROM because I wanted to keep TouchWiz and all of the other Samsung stuff.

79 posts

Master Geek
+1 received by user: 2


  Reply # 692093 27-Sep-2012 10:34 Send private message

MurrayM: So if I switched to the international ROM then I'd get updates as soon as Samsung made them available and I wouldn't have to wait for my telco to approve it? Makes a good argument for switching, so far I've resisted switching to a custom ROM because I wanted to keep TouchWiz and all of the other Samsung stuff.


I doubt you will find the Samsung ROM (with Nexus One you could find the Google ROM which was nice as only Google had to approve it) though you could get a different carrier's version that was updated sooner, but then get their bloatware and default language. Plus say if using 2D and Snapper's touch 2 pay you mightn't get the additional drivers needed for that in the firmware (currently only 2D versions of the firmware have the additional drivers in the NZ market).

Then there are the third party ROM and that is a different kettle of fish.

437 posts

Ultimate Geek
+1 received by user: 9
Inactive user


  Reply # 692126 27-Sep-2012 11:23 Send private message

karit:
MurrayM: So if I switched to the international ROM then I'd get updates as soon as Samsung made them available and I wouldn't have to wait for my telco to approve it? Makes a good argument for switching, so far I've resisted switching to a custom ROM because I wanted to keep TouchWiz and all of the other Samsung stuff.


I doubt you will find the Samsung ROM (with Nexus One you could find the Google ROM which was nice as only Google had to approve it) though you could get a different carrier's version that was updated sooner, but then get their bloatware and default language. Plus say if using 2D and Snapper's touch 2 pay you mightn't get the additional drivers needed for that in the firmware (currently only 2D versions of the firmware have the additional drivers in the NZ market).

Then there are the third party ROM and that is a different kettle of fish.


That's the boat I'm in (2D and Touch2Pay)

Installed TelStop in the meantime and it appears to do the trick

 1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

Gigatown winner town and plans
Created by freitasm, last reply by Aredwood on 26-Nov-2014 22:39 (42 replies)
Pages... 2 3


Click Monday Deals
Created by mrtoken, last reply by Krishant007 on 24-Nov-2014 17:11 (25 replies)
Pages... 2


Gull Employment Dispute.
Created by networkn, last reply by Geektastic on 26-Nov-2014 16:35 (142 replies)
Pages... 8 9 10


Letter from Vodafone Speed Decrease WTF
Created by rokki, last reply by rokki on 26-Nov-2014 21:25 (20 replies)
Pages... 2


HP Stream 7 arrives
Created by gnfb, last reply by gnfb on 26-Nov-2014 22:49 (19 replies)
Pages... 2


The Warehouse pulling R18 games and DVD's
Created by semigeek, last reply by mattwnz on 26-Nov-2014 16:13 (56 replies)
Pages... 2 3 4


Harmoney Credit Offer
Created by rendezvous, last reply by Aredwood on 26-Nov-2014 22:45 (13 replies)

Playing with G.722 HD Voice
Created by aw, last reply by aw on 26-Nov-2014 20:26 (13 replies)


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.