Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.

View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 
79 posts

Master Geek
+1 received by user: 2


  Reply # 692934 28-Sep-2012 14:28 Send private message

johnr: No it's JohnR response!

Sure we have Blocked certain handsets that have caused high I levels on our network / Cells, If you want to get into the nitty gritty of things bring it on!


Any links to articles? And are we talking brands that the Cellcos sell in there shops or brands parallel imported/knock offs? As I could see the no brand knockoffs not having the quality and testing but then you won't be testing their updates anyway. I just don't see Samsung, Google, Moto, Sharp, LG. Apple, Nokia, HTC, ZTE, Sony, Huawei, etc releasing a phone or update that makes a mess of things as it is brand damaging.

Maybe an idea would be to sit down with Geekzone or ComputerWorld NZ and do a series of articles on the actual testing done, a demo of a broken update showing the consequences to cell sites, infrastructure and other mobiles/users. And the time frames that you work to; do you only start after Google/ODM release the update or do you start working during alphas and betas? Do you push your test cases upstream and sample network kit so that more of your testing can be done upstream and earlier? What testing do you do on the Android version in general Vs the specific phone? A piece on why Android updates need testing yet Apple updates don't need testing? And how you weight up the risks of an update e.g. this USSD one on Samsung with the users security versus the greater network? With that maybe the user base can understand it better than "we need to test stuff to ensure it doesn't break" and that is why you aren't getting the update yet other have. What is different about your network that needs testing as X update is working fine in Y country so why isn't it here? If it was going to break things wouldn't Y country be suffering it? And a look to the future what plans do you have in place to try and speed this up in the future to get updates out faster to more phones? 2011 was the year of Adobe security issues, 2012 is the year of Java security issues, when will Android have its big security year? 2013 maybe do you have plans for that?

79 posts

Master Geek
+1 received by user: 2


  Reply # 692940 28-Sep-2012 14:44 Send private message

And how often do you find issues? When you do find an issue do you get fixed or just don't release it? As I don't see new versions of Android spun that often which would be an external indicator that Cellcos are finding issues and getting them fixed before rolling them out.

Do the Cellcos here co operate in this testing? (in NZ and Internationally)  Are there ways to crowd source this testing to speed the cycles up? Or methodologies of stage rollout e.g. roll out to trusted group then 10% week 1, then 20% week 2 etc? Thus taking a risk by rolling out to phones slowly and monitoring carefully and stopping if there is an issue and only need to deal with a smaller sub set of phones?

BDFL
49529 posts

Uber Geek
+1 received by user: 4376

Administrator
Trusted
Geekzone
Subscriber

  Reply # 692984 28-Sep-2012 15:55 Send private message

Just received:


Today, Bitdefender have released a free tool, Wipe Stopper, which will protect Android users and prevent attackers from remotely wiping Android devices or causing other damage through the recently discovered USSD vulnerability.

Bitdefender’s Wipe Stopper, is now available for free on via the following link: https://play.google.com/store/apps/details?id=com.bitdefender.ussdstopper





Aussie
2184 posts

Uber Geek
+1 received by user: 197

Trusted
Subscriber

  Reply # 693062 28-Sep-2012 17:50 Send private message

joff_nz: My bone stock Telecom sgs3, when visiting the above link brings up the dialler but doesn't input any numbers. Should I be worried?


No, that is a normal, safe response. My S3 running last leaked 4.1.1 does the same.


XDA say that this is a non-issue after 4.04 (on S3 only). So if you have a launch S3 that has had an update from your telco in the last 6-8 weeks, there should be no problem.



197 posts

Master Geek


  Reply # 693117 28-Sep-2012 19:37 Send private message

Huawei Ascend Y200 b offered by TCL and Vodafone is affected by this flaw...

2 posts

Wannabe Geek

Trusted
BitDefender

  Reply # 694472 1-Oct-2012 20:15 Send private message

Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

1892 posts

Uber Geek
+1 received by user: 179

Trusted
Subscriber

Reply # 694504 1-Oct-2012 21:02 Send private message

amvlad: Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

Nice work, thanks very much!

Oh, and welcome to Geekzone :-)




Vodafone VDSL:

2 posts

Wannabe Geek

Trusted
BitDefender

  Reply # 694506 1-Oct-2012 21:04 Send private message

Dratsab:
amvlad: Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

Nice work, thanks very much!

Oh, and welcome to Geekzone :-)


Glad to help and glad to be here. :)

IcI

33 posts

Geek


Reply # 702320 17-Oct-2012 08:51 Send private message

Hi.
Has anybody tried visiting the web page with anti-virus / privacy protecting tools installed?

I've only got 2.3.6 on my Acer Mini. This exploit does not work for me with Avast installed. Uninstalling Avast is not worth the effort currently. (I did try to disable the web shield and that made no difference)

Anybody got Lookout and willing to give it a try?


3585 posts

Uber Geek
+1 received by user: 879

Trusted

  Reply # 702448 17-Oct-2012 12:29 Send private message

I use this instead, which came out almost on the day of exploit being published
https://play.google.com/store/apps/details?id=org.mulliner.telstop

Aussie
2184 posts

Uber Geek
+1 received by user: 197

Trusted
Subscriber

  Reply # 702650 17-Oct-2012 19:44 Send private message

IcI: Hi.

Anybody got Lookout and willing to give it a try?



Lookout catches it.

1 | 2 | 3 
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Does NZ need better gun laws?
Created by mattwnz, last reply by mattwnz on 2-Sep-2014 13:58 (98 replies)
Pages... 5 6 7


Warning: Rage Ahead - Campbell Live and childhood poverty
Created by kawaii, last reply by BarTender on 2-Sep-2014 13:53 (70 replies)
Pages... 3 4 5


VideoEZY OnDemand
Created by Andib, last reply by mattwnz on 2-Sep-2014 13:53 (56 replies)
Pages... 2 3 4


Judith Collins: I am resigning
Created by Presso, last reply by gzt on 2-Sep-2014 11:42 (109 replies)
Pages... 6 7 8


What tyre brand/model to look at ?
Created by Mark, last reply by Mark on 2-Sep-2014 13:45 (25 replies)
Pages... 2


Cirque du Soleil Cellphone Hijack
Created by myopinion, last reply by PhantomNVD on 1-Sep-2014 18:01 (21 replies)
Pages... 2


Orcon Global Mode launched
Created by freitasm, last reply by shk292 on 1-Sep-2014 11:32 (132 replies)
Pages... 7 8 9


Lightbox press event release
Created by freitasm, last reply by IcI on 30-Aug-2014 17:54 (562 replies)
Pages... 36 37 38



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.