Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 
80 posts

Master Geek
+1 received by user: 2


  Reply # 692934 28-Sep-2012 14:28
Send private message

johnr: No it's JohnR response!

Sure we have Blocked certain handsets that have caused high I levels on our network / Cells, If you want to get into the nitty gritty of things bring it on!


Any links to articles? And are we talking brands that the Cellcos sell in there shops or brands parallel imported/knock offs? As I could see the no brand knockoffs not having the quality and testing but then you won't be testing their updates anyway. I just don't see Samsung, Google, Moto, Sharp, LG. Apple, Nokia, HTC, ZTE, Sony, Huawei, etc releasing a phone or update that makes a mess of things as it is brand damaging.

Maybe an idea would be to sit down with Geekzone or ComputerWorld NZ and do a series of articles on the actual testing done, a demo of a broken update showing the consequences to cell sites, infrastructure and other mobiles/users. And the time frames that you work to; do you only start after Google/ODM release the update or do you start working during alphas and betas? Do you push your test cases upstream and sample network kit so that more of your testing can be done upstream and earlier? What testing do you do on the Android version in general Vs the specific phone? A piece on why Android updates need testing yet Apple updates don't need testing? And how you weight up the risks of an update e.g. this USSD one on Samsung with the users security versus the greater network? With that maybe the user base can understand it better than "we need to test stuff to ensure it doesn't break" and that is why you aren't getting the update yet other have. What is different about your network that needs testing as X update is working fine in Y country so why isn't it here? If it was going to break things wouldn't Y country be suffering it? And a look to the future what plans do you have in place to try and speed this up in the future to get updates out faster to more phones? 2011 was the year of Adobe security issues, 2012 is the year of Java security issues, when will Android have its big security year? 2013 maybe do you have plans for that?

80 posts

Master Geek
+1 received by user: 2


  Reply # 692940 28-Sep-2012 14:44
Send private message

And how often do you find issues? When you do find an issue do you get fixed or just don't release it? As I don't see new versions of Android spun that often which would be an external indicator that Cellcos are finding issues and getting them fixed before rolling them out.

Do the Cellcos here co operate in this testing? (in NZ and Internationally)  Are there ways to crowd source this testing to speed the cycles up? Or methodologies of stage rollout e.g. roll out to trusted group then 10% week 1, then 20% week 2 etc? Thus taking a risk by rolling out to phones slowly and monitoring carefully and stopping if there is an issue and only need to deal with a smaller sub set of phones?

 
 
 
 


BDFL - Memuneh
58928 posts

Uber Geek
+1 received by user: 10298

Administrator
Trusted
Geekzone
Subscriber

  Reply # 692984 28-Sep-2012 15:55
Send private message

Just received:


Today, Bitdefender have released a free tool, Wipe Stopper, which will protect Android users and prevent attackers from remotely wiping Android devices or causing other damage through the recently discovered USSD vulnerability.

Bitdefender’s Wipe Stopper, is now available for free on via the following link: https://play.google.com/store/apps/details?id=com.bitdefender.ussdstopper





Aussie
3860 posts

Uber Geek
+1 received by user: 996

Trusted
Subscriber

  Reply # 693062 28-Sep-2012 17:50
Send private message

joff_nz: My bone stock Telecom sgs3, when visiting the above link brings up the dialler but doesn't input any numbers. Should I be worried?


No, that is a normal, safe response. My S3 running last leaked 4.1.1 does the same.


XDA say that this is a non-issue after 4.04 (on S3 only). So if you have a launch S3 that has had an update from your telco in the last 6-8 weeks, there should be no problem.



242 posts

Master Geek
+1 received by user: 2


  Reply # 693117 28-Sep-2012 19:37
Send private message

Huawei Ascend Y200 b offered by TCL and Vodafone is affected by this flaw...

2 posts

Wannabe Geek

Trusted
BitDefender

  Reply # 694472 1-Oct-2012 20:15
Send private message

Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

2909 posts

Uber Geek
+1 received by user: 828

Trusted
Subscriber

Reply # 694504 1-Oct-2012 21:02
Send private message

amvlad: Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

Nice work, thanks very much!

Oh, and welcome to Geekzone :-)

2 posts

Wannabe Geek

Trusted
BitDefender

  Reply # 694506 1-Oct-2012 21:04
Send private message

Dratsab:
amvlad: Hi there,

Just wanted to let you know that we (Bitdefender) already released a tool on the Play Store that protects against this vulnerability. Now, once you would tap on a exploiting link, Bitdefender will intercept the wipe command and ask you to decide what to do next. You may, if unsure, dismiss the USSD command.

You can download it from: http://bit.ly/BD_USSD_Wipe_Stopper

Nice work, thanks very much!

Oh, and welcome to Geekzone :-)


Glad to help and glad to be here. :)

IcI

460 posts

Ultimate Geek
+1 received by user: 101

Trusted

Reply # 702320 17-Oct-2012 08:51
Send private message

Hi.
Has anybody tried visiting the web page with anti-virus / privacy protecting tools installed?

I've only got 2.3.6 on my Acer Mini. This exploit does not work for me with Avast installed. Uninstalling Avast is not worth the effort currently. (I did try to disable the web shield and that made no difference)

Anybody got Lookout and willing to give it a try?


4025 posts

Uber Geek
+1 received by user: 1076

Trusted

  Reply # 702448 17-Oct-2012 12:29
Send private message

I use this instead, which came out almost on the day of exploit being published
https://play.google.com/store/apps/details?id=org.mulliner.telstop

Aussie
3860 posts

Uber Geek
+1 received by user: 996

Trusted
Subscriber

  Reply # 702650 17-Oct-2012 19:44
Send private message

IcI: Hi.

Anybody got Lookout and willing to give it a try?



Lookout catches it.

1 | 2 | 3 
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Vodafone TV — television in the cloud
Posted 17-Oct-2017 19:29


Nokia 8 review: Classy midrange pure Android phone
Posted 16-Oct-2017 07:27


Why carriers might want to embrace Commerce Commission study, MVNOs
Posted 13-Oct-2017 09:42


Fitbit launches Ionic, its health and fitness smartwatch
Posted 12-Oct-2017 15:52


Xero launches machine learning automation to improve coding accuracy for small businesses
Posted 12-Oct-2017 15:45


Bank of New Zealand uses Intel AI to detect financial crime
Posted 12-Oct-2017 15:39


Sony launches Xperia XZ1, a smartphone with real-time 3D capture
Posted 11-Oct-2017 10:26


Notes on Nokia’s phone comeback
Posted 10-Oct-2017 10:06


Air New Zealand begins Inflight Wi-Fi rollout
Posted 9-Oct-2017 20:16


The latest mobile phones in perspective
Posted 9-Oct-2017 18:34


Review: Acronis True Image 2018 — serious backup
Posted 8-Oct-2017 11:22


Lenovo launches ThinkPad Anniversary Edition 25
Posted 7-Oct-2017 23:16


Less fone, more tech as Vodafone gets brand make-over
Posted 6-Oct-2017 08:16


API Talent Achieves AWS MSP Partner Status
Posted 5-Oct-2017 21:20


Stellar Consulting Group now a Domo Partner
Posted 5-Oct-2017 21:03



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.