back to article The SMS of DEATH - Can it crash your phone?

Many mainstream mobiles can be crashed after opening a maliciously constructed SMS message. The so-called 'SMS of death' attacks affects mobiles from Samsung, Sony Ericsson, Motorola and LG, among others. Details of the attack, a variant of earlier attacks along the same lines, were outlined by security researchers Collin …

COMMENTS

This topic is closed for new posts.
Headmaster

Sent from your Jesus Phone?

Interesting article John..but it looks like your predictive texting is shagged or you have fat fingers (too much beer & xmas pud?) judging by the general unproof-readness.

Read txt b4 send init!

3
0
Anonymous Coward

Crash a Smartphone

I've got an iPhone 3GS.

I don't need to receive a malicious crafted SMS message to make it crash. Just use it to make a phonecall and it'll crash within 3 minutes.

I think it might be a feature to stop people running up huge call bills.

9
4

troll much?

If your phone is crashing, even at a percentage of that rate, and you have not notified apple to replace it, you've got issues....

Between a 2G, a 3GS and a 4, and more than 3 years of service for me and the wife, we've only dropped 11 calls, combined. I've not rebooted my iPhone on purpose since the early days of OS 2.x. I don't even reboot to install apps unless the app explicitly recommends I do so (and I usually avoid those apps, apple gave devs proper ways to avoid that, which means bad devs....). Typically, unless i forget to plug it in for more than 2 days in a row and completely kill the battery, it never reboots.

Last blackberry I had used to crash about 1-2 times a week, I had it replaced 3 times before they simply gave me a different (higher end) model. I retuned 2 different Palm phones for much the same reason. I do not tollerate flaky hardware or software. iOS and the iPhone platform are rock solid stable, you;re an ass. no one disputes iPhone stability (only features of the phone and the AT&T network).

6
6
Silver badge
Grenade

@ Michael C

"you;re an ass. no one disputes iPhone stability "

I think you need to take a trip over to the Apple forums. Search for "iphone crashes during call". Some of the forums run to 110 PAGES of complaints. There is a KNOWN PROBLEM with some models of iPhone and iOS, and the only fix is a replacement. (If you read the posts, Apple stores routinely replace phones without question if the user reports the phone crashing, so while Apple aren't publicly admitting a fault, they do know it exists).

If my phone was still under warranty, I'd have got Apple to replace it. Sadly they expect me to pay for new hardware due to a fault raised by their faulty software. Everything worked under iOS3, but you can't downgrade.

Now go back to fondling your Jesus slab and don't call me an ass again.

4
2
Gold badge

Duh

"There is a KNOWN PROBLEM with some models of iPhone and iOS, and the only fix is a replacement."

It's called a hardware fault. I take it you think hardware faults should be fixable in software?

Given how phones and other fragile devices get thrown around during shipping I'm not surprised there's a few lemons in the field.

It's always easy to blame Apple, but they don't produce the thing. The components are off the shelf parts (mostly) and manufacturing is outsourced to Foxxconn.

0
0
Jobs Horns

To Giles

"It's always easy to blame Apple, but they don't produce the thing. The components are off the shelf parts (mostly) and manufacturing is outsourced to Foxxconn."

Really? I can't blame the brand on the product because the OEM isn't the brand's company? Who exactly outsourced it to Foxxconn if not Apple? Surely Apple could build things in the United States (or China) in Apple-owned factories if Apple so desired. People don't buy Foxxconn iPhone 4, they buy Apple iPhone 4.

1
0
Silver badge

This reminds me..

...of some of the crap that The Coca Cola Company's various bottlers have gotten up to. When the bottlers do something that could generate good press, head office goes all "LOOK WHAT WE DID THIS YEAR!"

When the bottlers hire thugs to shoot union reps, or a plant that requires huge amounts of water to operate opens up in an Indian drought zone and screws the local population over for irrigation and drinking water, it's "not our responsibility, we're a franchise, we only make the syrup."

Sorry guys, but it says "Coca Cola" in big letters on the bottle. You want to avoid responsibility? Try letting your bottlers call it "Super Columbian Cola Plus, now with extra protection money!" Have a little "uses genuine cola cola syrup" on one of the borders. But hey, you wouldn't do that, would you?

Ditto Apple.

0
0
WTF?

Eh?

"A lot of effort in security circles over recent months has gone into discovering flaws in Android, iPhone and other smartphones by 84 per cent of phone in use are less advanced feature phones."

That made perfect sense! Was this translated online using a dodgy translator from a foreign language?

2
0
Anonymous Coward

A title is required

Is it just me that thinks "a dodgy translator" sounds like someone you could have a lot of fun with?

3
0
Happy

my nipples explode with delight!

my hovercraft however...

2
0
Troll

but what we all want to know....

is the judas phone at risk to these attacks too....

the article near enough says every other mobile phone is at risk, but no mention of the judas phone?

0
2

not the iphone...

between AT&T filtering for such messages in the US, and the iPhone OS method for handling SMS, its immune. It wasn't always (they fixed it back in 2.x-something.

0
0

.... will be in a different article

The article isn't about any smartphone be it Apple, Android or WinMo, it's about conventional mobiles which WAY more people have.

2
0
Silver badge

If the phone is more then a month old

"Both researchers called for suppliers to increase the frequency of security updates as well as making updates easier to apply. "

The telcos will not bother to hack up a custom version of the new software since they have already moved to a different phone and everyone is stuck with V1.0.

I wish more phone companies were like Apple and didn't let the phone companies hack up the software.

1
1
Silver badge
Pint

Nothing new here

"Many mainstream mobiles can be crashed after opening a maliciously constructed SMS message."

Well, I managed to crash my Sony-Ericsson cheapo phone by sending it a slightly-wrongly (not maliciously) constructed SMS. Only moving the SIM card to another phone, then clearing out the message brought relief.

Companies should really stop using stressed-out underpaid monkeys to write protocol code.

6
0
Silver badge
Happy

RE: Nothing new here

From the article: "....bugs in supported Java apps....." I sense the problem is more to do with the language used.

And I laughed like a drain at Micheal C's "troll much" response - looks very much a case of pot meet kettle! ".....more than 3 years of service for me and the wife, we've only dropped 11 calls...." EXACTLY eleven? Not "about a dozen"? What, you counted them, recorded them in your diaries (more likely in equally vacuous blogs, no doubt)? Yeah, right! I sense the fanboism is strong with this one. And then we see the knee-jerk attack on a non-Jobsian vendor: ".....Last blackberry I had used to crash about 1-2 times a week...." I can't remember the last time my BB crashed, but that might be because I have one connected to a BES. The advantage of a BES is that the admins can restrict what happens on the individual devices, which stops lusers that don't know better (that would be you, Mr C) doing half the stupid things they try to do.

2
2
Grenade

step 1

The carrier should be data validating text messages entering their network in the first place, not simply passing on garbage unfiltered content to mobiles.

"malformed" really does mean malformed in this case, including characters often not even possible to type on cell phones even with virtual keyboards. Folks, if it ain't basic alphas, nums, and simply symbols, bounce it back to the sender....

1
0
Silver badge

Oops.

And yet, the response from many telcos or even phone manufacturers as to "when will I get updated firmware" is "when you buy a new phone."

Maybe when something happens that crashes the entire bloody network, they'll get a clue? That or a suitably large class action, but who's going to bother bringing one of them over a stuck phone? How many will even know what the problem is, instead saying "oh it's broken, time to buy a new one"?

2
0

Well

That's exactly the way Joe Public deals with PCs/Printers/TVs/DVD players/Yadda Yadda...

The manufacturers know this and play to it.

0
0
Anonymous Coward

Suicide by SMS

Working in the other direction, I can crash my otherwise-trusty old Nokia 6230i by typing "..." in an outgoing text while in predictive mode. Unfortunately it's so old it doesn't support firmware updates so I suppose I'm stuck with it... oops...

0
0
Anonymous Coward

6230i firmware

All Nokia phones can be updated, though the older phones were upgradeable only in a Nokia service shop, with a flashing kit. If you can have it done for free or cheaply go for it, otherwise you can probably buy a new phone for the same price.

Check your fw version by dialing *#0000#

Latest firmware is 3.89. Here's the change log if interested:

http://hunajatehdas.net/nokia/firmware/en/model:6230i

0
0
Flame

Serendipity?

I like the way this article has a banner down the side linking to ElReg's roundup of cheapo mobile phones.

I'd like to see the review reopened with a test for vulnerability to "SMS of Death" :-)

Anyway, what are the chances of getting a firmware update on a sub £100 cheapo phone?

Hell, my Nokia E50 had a fatal bug from practically day zero that Nokia never fixed and that was a flagship business phone.

I can see SMS of Death becoming a top playground jolly jape fairly soon...

1
0
Alert

Android text appears to be broken anyway...

I happened to read this thread in Google code this morning, about a long-standing issue with sms going to the wrong recipient if anything interrupts you while you're composing it...

http://code.google.com/p/android/issues/detail?id=9392

I wonder how many divorces/sackings/decapitations that's caused?

1
0

Phones

My phone does just that, it does not crash it just keeps working, its a cheap old phone only.

New gimmick items WILL give problems as they are still experimental to a point. Just accept that the rich and stupid are being used as test beds, why should the company pay for its experiments when there are so many willing suckers.

0
0
Megaphone

Nokia need to get their updates sorted

Nokia phone updates have to come down via the PC.

For Linux customers, we're stuffed.

You hear me Nokia? Get your back side in to gear, or my next phone will be Android.

0
0
Grenade

Going to have to learn how to do this

It could be far more fun than sending faxes to the mobile numbers of 419 scammers.

AC, because it's probably illegal.

0
0
This topic is closed for new posts.

Forums