Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3
Watchmaker Wizard
2404 posts

Uber Geek
+1 received by user: 57

Subscriber

  Reply # 692174 27-Sep-2012 12:34 Send private message

Alternatively, Root the phone, freeze\disable the phone application and use a 3rd party app like GoContacts.

This will probably cause the phone to no longer receive OTA updates though.




5388 posts

Uber Geek
+1 received by user: 222

Subscriber

  Reply # 692197 27-Sep-2012 13:05 Send private message

Just tested this with my SGS2 running ICS. The Chrome browser brought up the IMEI but using Opera Mobile 12 it was clear which is my default browser.. So go and install Opera Mobile 12..




Regards,

Old3eyes

752 posts

Ultimate Geek
+1 received by user: 17


  Reply # 692363 27-Sep-2012 17:09 Send private message

Does anyone else find it strange how this comes out just as the iPhone 5 launches? Considering it is essentially as basic as a website using mailto links for whatever reasons

2620 posts

Uber Geek
+1 received by user: 57

Trusted
Subscriber

  Reply # 692379 27-Sep-2012 17:48 Send private message

karit: I happens on my Nexus One with 2.3.6.

https://dylanreeve.posterous.com/remote-ussd-attack has a link to http://dylanreeve.com/phone.php which will utilise the same security flaw but show you the IMEI number instead of wiping your phone. This will indicate if you are at risk when you visit that URL on your phone.

Current mitigation is to install an alternate dial e.g. https://play.google.com/store/apps/details?id=kz.mek.DialerOne is suggested in link above and is what I currently have in place as a mitigation strategy.

Now just waiting for the QR codes and dodgy links to be placed around the place and start wiping phones. Hopefully this is exploited heavily and in the media so the Cellcos and Google start doing updates. Even minor patches e.g. 2.3.7 for instance. From what I read they fix/patch was written three months ago.............


My LG Optimus 3D Max (running stock Android v2.3.6) is NOT vulnerable to attack. Good to know. :-)  




____________________________________________________
If you're not curious, your brain is already dying...if not dead.



333 posts

Ultimate Geek
+1 received by user: 22


  Reply # 692469 27-Sep-2012 20:21 Send private message

My bone stock Telecom sgs3, when visiting the above link brings up the dialler but doesn't input any numbers. Should I be worried?




Usual disclaimer regarding my employer
http://twitter.com/joff_nz

gzt

4504 posts

Uber Geek
+1 received by user: 223

Subscriber

  Reply # 692476 27-Sep-2012 20:36 Send private message

juha: I've got to say given the number of affected devices - and we don't yet know what a creative attacker can do with USSD codes that vary from device to device - the industry response has been remarkably casual. Good on Samsung for stepping up and issuing patches, but what about the rest?

It is not good but this is the normal response. This has been the standard practice so far. In this case appearances are worse because any phone user can easily understand it, because it is related to a user function performed by phone UI.

156 posts

Master Geek
+1 received by user: 1


  Reply # 692485 27-Sep-2012 20:49 Send private message

Tried it on my galaxy s2, the default browser did it, but opera didn't.



644 posts

Ultimate Geek
+1 received by user: 72


  Reply # 692575 28-Sep-2012 02:02 Send private message

And once again we have carriers deliberately sabotage Android - Yes they're dramatic words but honestly, give the scope of such a security blunder I would have thought that the carriers would be talking to Samsung to get the updates out the door asap without any delays.




MacBook Pro 13.3" Mid-2012; iMac 3.4Ghz 27-inch (BTO) Late-2012; iPhone 5S 'Space Grey' (64GB), Huawei HD659b


16388 posts

Uber Geek
+1 received by user: 1349

Trusted
Vodafone NZ

  Reply # 692576 28-Sep-2012 02:10 Send private message

If anyone is that worried about it just do a backup of the data on your handset




644 posts

Ultimate Geek
+1 received by user: 72


  Reply # 692578 28-Sep-2012 02:15 Send private message

johnr: If anyone is that worried about it just do a backup of the data on your handset


Why don't' the carriers pull finger and approve the fix straight away? if the confidence in Samsung releasing an update that doesn't screw things up is that low then maybe questions should be asked whether the carriers should sell Samsung in the first place given the lack of confidence said organisations have in Samsung's own QA process.




MacBook Pro 13.3" Mid-2012; iMac 3.4Ghz 27-inch (BTO) Late-2012; iPhone 5S 'Space Grey' (64GB), Huawei HD659b


16388 posts

Uber Geek
+1 received by user: 1349

Trusted
Vodafone NZ

  Reply # 692579 28-Sep-2012 02:50 Send private message

Drama Queen




79 posts

Master Geek
+1 received by user: 2


  Reply # 692647 28-Sep-2012 08:19 Send private message

johnr: If anyone is that worried about it just do a backup of the data on your handset


Seriously that is VF response? I am so glad I am no longer with you.

Will you be increasing everyone data plans to allow for realtime backup of everything?

If there is a hole in Windows I am sure MS wouldn't say make sure you backup and leave it at that, they would release a patch and all the ISPs would heavily encourage their userbase to update as quickly as possible.

Carriers say it might break our network (or bloatware) can someone please post me to a link where the firmware on a phone had broken a cell network? As I don't know of any instances and currently this is FUD and my assumption is it more about getting people to buy new phones than "protecting" their network kit. I challenge you to prove me wrong. Preferable with an Android example; a 1g phone example from the 80s won't really cut it.

5388 posts

Uber Geek
+1 received by user: 222

Subscriber

  Reply # 692893 28-Sep-2012 13:35 Send private message

kawaii:
johnr: If anyone is that worried about it just do a backup of the data on your handset


Why don't' the carriers pull finger and approve the fix straight away? if the confidence in Samsung releasing an update that doesn't screw things up is that low then maybe questions should be asked whether the carriers should sell Samsung in the first place given the lack of confidence said organisations have in Samsung's own QA process.


I believe it's not only a Samsung thing..




Regards,

Old3eyes

79 posts

Master Geek
+1 received by user: 2


  Reply # 692899 28-Sep-2012 13:40 Send private message

old3eyes:
kawaii:
johnr: If anyone is that worried about it just do a backup of the data on your handset


Why don't' the carriers pull finger and approve the fix straight away? if the confidence in Samsung releasing an update that doesn't screw things up is that low then maybe questions should be asked whether the carriers should sell Samsung in the first place given the lack of confidence said organisations have in Samsung's own QA process.


I believe it's not only a Samsung thing..


Reading more it appears the running of codes is widespread across Android version, but the particular factory reset code only appears to be on a sub set of Samsung phones. (And will be that way until the reset codes for other phones are found)

16388 posts

Uber Geek
+1 received by user: 1349

Trusted
Vodafone NZ

  Reply # 692907 28-Sep-2012 13:51 Send private message

karit:
johnr: If anyone is that worried about it just do a backup of the data on your handset


Seriously that is VF response? I am so glad I am no longer with you.

Will you be increasing everyone data plans to allow for realtime backup of everything?

If there is a hole in Windows I am sure MS wouldn't say make sure you backup and leave it at that, they would release a patch and all the ISPs would heavily encourage their userbase to update as quickly as possible.

Carriers say it might break our network (or bloatware) can someone please post me to a link where the firmware on a phone had broken a cell network? As I don't know of any instances and currently this is FUD and my assumption is it more about getting people to buy new phones than "protecting" their network kit. I challenge you to prove me wrong. Preferable with an Android example; a 1g phone example from the 80s won't really cut it.


No it's JohnR response!

Sure we have Blocked certain handsets that have caused high I levels on our network / Cells, If you want to get into the nitty gritty of things bring it on!




1 | 2 | 3
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Windows 10 announced, as well as developer preview
Created by macuser, last reply by Regs on 1-Oct-2014 22:24 (48 replies)
Pages... 2 3 4


Moment of Truth?
Created by BarTender, last reply by JimmyC on 29-Sep-2014 09:16 (441 replies)
Pages... 28 29 30


Can i have 2 ISP's at home?
Created by ReckITT, last reply by Lazarui on 30-Sep-2014 18:15 (49 replies)
Pages... 2 3 4


Why is your nickname what it is, what are the origins of it?
Created by Presso, last reply by hsvhel on 1-Oct-2014 11:52 (89 replies)
Pages... 4 5 6


What time will the Apple Store online be selling the iPhone 6?
Created by scotiwis, last reply by thewanderingv on 1-Oct-2014 22:49 (110 replies)
Pages... 6 7 8


iPhone 6 From Spark - Order Dates and Pricing?
Created by Otagolad, last reply by mahdibassam on 1-Oct-2014 17:03 (348 replies)
Pages... 22 23 24


Easiest way to have iPhone warranty service
Created by JoshWright, last reply by nitrotech on 30-Sep-2014 21:37 (15 replies)

Passwords and pesky teenagers
Created by martyyn, last reply by DaveDog on 1-Oct-2014 12:28 (26 replies)
Pages... 2



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.