back to article Security flaw creates Android, Palm Pre snoop risk

Security researchers have uncovered a flaw that creates a means to plant bugging software on Palm Pre devices. The vulnerability means that the Palm Pre phone might be compromised through the receipt of a maliciously constructed vCard. A doctored electronic business card sent by SMS or exchanged could be used to place a backdoor …

COMMENTS

This topic is closed for new posts.
Joke

ha..

We're all childish to laugh at this again, right?

"specialises in penetration"

0
0
Silver badge
Coat

prophylactics for phones

"As always, mobile phone users can protect themselves by only visiting websites and using wifi networks they trust." - now doesn't that just take all the fun out of it?

0
1
Go

Yeah Right!

Re: "As always, mobile phone users can protect themselves by only visiting websites and using wifi networks they trust."

How the hell do you determine if you should trust a given wifi network? Kind of like how you learn about hot water. Until you actually get burned the first time you're totally ignorant, but once you do get burned you connect the steam and heat radiated with pain.

If you're going to make comments like this moron did you at least need to recommend how to do what you say should do. Otherwise you're just one more web junkie passing out worthless advice while having the feel of an educated idiot who needs and craves self aggrandizement.

4
1
FAIL

my thoughts exactly

additionally, what assurances do you have that "trusted sites" are always safe? Or are there no website attacks anymore?

0
0
Black Helicopters

Trust nobody :)

Any unknown WiFi network can't be trusted, those are the best places to start a man-in-the-middle attack on you.

I use a VPN over every WiFi Network which is not mine, i.E. all but one.

Black Helicopters, just because I'm paranoid does not mean they are not after me!

0
0
Bronze badge
FAIL

hacking via SMS

I've always been a bit surprised that this is possible, in as much as why does the message function need to have access to the parts of the device, that would make this possible.

I seem to remember (some time ago) that there was a bug in some of the old Nokia handsets (5110 and others around that time) where if they received an SMS comprised of entirely ........ it would lock up the handset.

1
0
Coat

It has been fixed and acknowledged

for quite some time now.

http://kb.palm.com/wps/portal/kb/na/pre/p100eww/sprint/solutions/article/50607_en.html#145

Mine's the one with the press pass in the pocket.

0
0

latest android software?

"and it has been fixed in the latest version of our Android software."

are they referring to 2.2? half of the android phone owners today will probably never get to run 2.2

0
0
Anonymous Coward

Er...

Quote from the article: ", and it has been fixed in the latest version of our Android software."

... which the vast majority of Android users can't download and install. Brilliant.

1
0
Anonymous Coward

Just ....

I thought this was supposed to be the benefit of an open platform? People get things fixed quicker than the big corps?

Or you could go root and download the latest version? Not a techie? Just go get a new froyo handset. Your handset maker and operator will be happy. Google won't car either way.

0
0
Gold badge
WTF?

Palm Pre?

Someone's gone to the trouble of finding a vuln on the Palm Pre?

Oh well I guess that's the last nail in the coffin of "security through obscurity" then....

1
0
Thumb Up

Congrats MWR

Good work, more like this from British researchers please - IOActive and other American firms seem to have stolen the lead lately in vulnerability research...

0
0
Anonymous Coward

Trust?

Only visit websites you trust... but the sites I visit show ads and those are served by sites I would never trust (only a fool would trust an advertiser)

0
0

Wow

Surprised all the apple Fanbolis are not in here getting their retaliation for the a$$ kicking you all gave them over the PDF exploit on iOS, which is even harder to pull off than this....

0
0

@vegister

I thought I was going to be in that half as I have a first generation android . woke up this morning and had a system update. I'm now on 2.2. I wounder was it google or my carrier that did the update .

0
0
This topic is closed for new posts.

Forums