Security researchers have uncovered a flaw that creates a means to plant bugging software on Palm Pre devices. The vulnerability means that the Palm Pre phone might be compromised through the receipt of a maliciously constructed vCard. A doctored electronic business card sent by SMS or exchanged could be used to place a backdoor …
We're all childish to laugh at this again, right?
"specialises in penetration"
prophylactics for phones
"As always, mobile phone users can protect themselves by only visiting websites and using wifi networks they trust." - now doesn't that just take all the fun out of it?
Re: "As always, mobile phone users can protect themselves by only visiting websites and using wifi networks they trust."
How the hell do you determine if you should trust a given wifi network? Kind of like how you learn about hot water. Until you actually get burned the first time you're totally ignorant, but once you do get burned you connect the steam and heat radiated with pain.
If you're going to make comments like this moron did you at least need to recommend how to do what you say should do. Otherwise you're just one more web junkie passing out worthless advice while having the feel of an educated idiot who needs and craves self aggrandizement.
my thoughts exactly
additionally, what assurances do you have that "trusted sites" are always safe? Or are there no website attacks anymore?
Trust nobody :)
Any unknown WiFi network can't be trusted, those are the best places to start a man-in-the-middle attack on you.
I use a VPN over every WiFi Network which is not mine, i.E. all but one.
Black Helicopters, just because I'm paranoid does not mean they are not after me!
hacking via SMS
I've always been a bit surprised that this is possible, in as much as why does the message function need to have access to the parts of the device, that would make this possible.
I seem to remember (some time ago) that there was a bug in some of the old Nokia handsets (5110 and others around that time) where if they received an SMS comprised of entirely ........ it would lock up the handset.
It has been fixed and acknowledged
for quite some time now.
Mine's the one with the press pass in the pocket.
latest android software?
"and it has been fixed in the latest version of our Android software."
are they referring to 2.2? half of the android phone owners today will probably never get to run 2.2
Quote from the article: ", and it has been fixed in the latest version of our Android software."
... which the vast majority of Android users can't download and install. Brilliant.
I thought this was supposed to be the benefit of an open platform? People get things fixed quicker than the big corps?
Or you could go root and download the latest version? Not a techie? Just go get a new froyo handset. Your handset maker and operator will be happy. Google won't car either way.
Someone's gone to the trouble of finding a vuln on the Palm Pre?
Oh well I guess that's the last nail in the coffin of "security through obscurity" then....
Good work, more like this from British researchers please - IOActive and other American firms seem to have stolen the lead lately in vulnerability research...
Only visit websites you trust... but the sites I visit show ads and those are served by sites I would never trust (only a fool would trust an advertiser)
Surprised all the apple Fanbolis are not in here getting their retaliation for the a$$ kicking you all gave them over the PDF exploit on iOS, which is even harder to pull off than this....
I thought I was going to be in that half as I have a first generation android . woke up this morning and had a system update. I'm now on 2.2. I wounder was it google or my carrier that did the update .
- Vid Antarctic ice THICKER than first feared – penguin-bot boffins
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- iPhone sales set to PLUMMET: Bleak times ahead for Apple
- Regin: The super-spyware the security industry has been silent about
- Review Amazon Fire Phone: What's MISSING... and why it WON'T set the world alight