Single NFC bonk subjugated Samsung Galaxy SIII and slurped it out

A Galaxy SIII running Android 4.0.4 was infected with malware over an NFC connection at a hacking contest in Amsterdam using nothing more than a bump in the dark. Full details of the vulnerabilities exploited haven't been revealed by the team, who came from MWR InfoSecurity and were showing off at Mobile Pwn2Own this week, as …

COMMENTS

This topic is closed for new posts.
  1. Shagbag

    STD

    No, not a Sexually Transmitted Disease, but a Samsung-Transmitted-Disaster.

    There ya go El Reg. A smutty innuendo in your end-oh!

    1. Anonymous Coward
      Anonymous Coward

      Re: STD

      Well more a Google Transmitted Disaster, sounds to me like it's an Android flaw not Samsung....

      But one good thing about this exploit is that those of us who don't use the bonking transfers can just turn it off!

      1. Thomas 4
        IT Angle

        And this folks

        Is why we don't bonk random strangers.

        1. Anonymous Coward
          Pint

          Re: Re: And this folks

          Or why we do...

        2. Anonymous Coward
          Anonymous Coward

          Re: And this folks

          It's okay if you wear protection.

  2. This post has been deleted by its author

  3. I think so I am?
    Go

    MR Whippy bumps

    to own all ice-cream sandwiches.

  4. Anonymous Coward
    Anonymous Coward

    Is this specific to Samsung

    Or more of an Android issue and it just happens that Samsung are the ones with the best phone sporting NFC right now?

  5. FartingHippo

    Give the vendors time to fix it?!?

    Given how infrequently Android users update their OS (often never - look at the number of devices still on Froyo or Gingerbread) is this really going to happen?

    I think there are going to be a helluva lot of vulnerable phones out there, meaning standing next to a stranger on a train with an NFC enabled phone will be a risky proposition.

    1. Anonymous Coward
      Anonymous Coward

      Re: Give the vendors time to fix it?!?

      Load of scaremongering.

      Not only do you have to stand next to someone with a phone with the vulnerability, you have to pretty much touch their phone with yours in the right spot, (NFC will only work if the two devices are -very- close.) which has to be done over 100 times. (185 from the article) Then the attacker has to hope that the stock browser is on there, instead of Firefox or Chrome.

      Yes, it's a hole, which isn't great, but come on, it'll take a lot of work to do. It's not like a vulnerability in a browser so it can be 'owned' by a dodgy adframe.

      1. Anonymous Coward
        Anonymous Coward

        Re: Give the vendors time to fix it?!?

        AC 09:35

        I'm sure you're aware that NFC range can be boosted? Right now you just need to be close enough, try a crowded train for example.

        The 100 tries is all software, not actual bonks. As the article said those 185 tries were done in less than a minute.

      2. Anonymous Coward
        Anonymous Coward

        Re: Give the vendors time to fix it?!?

        It may be a small problem now, but it will be a big problem later if unfixed.

        One use of NFC is wireless payments. While there's a limit of about £20 a transaction I would still be annoyed to have been robbed of £20.

    2. DaddyHoggy

      Re: Give the vendors time to fix it?!?

      Why are you blaming Android users for not updating? My Samsung Galaxy Ace from 3 is only 6 months old and into a 24m contract. It came with Gingerbread and, unless I want to root it, that's my OS until 3 offer an upgrade. Which they're not going to apparently because the Ace, being a very modest phone, would take an unacceptable performance hit on ICS never mind JB.

  6. Anonymous Coward
    Anonymous Coward

    Just pay with cash you freakazoids

    1. FartingHippo
      FAIL

      Luddite

      Why not go the whole hog and move back to barter?

      I'll swap you three cabbages and a spoon for a pint of milk and a pair of socks.

      1. Anonymous Coward
        Anonymous Coward

        Because of the properties, man, the properties.

        "Paying" is passing a couple beer tokens, virtual or otherwise, to someone else, right?

        So why does it need to involve shoddy software with holes enough to stack exploits through? Or hardware that you're expected to replace every year? My wallet is at least five years old and the previous two, each lasting at least as long, are the exact same model. Or why does it have to involve passing your name, payment history, by extension a list of where you've been, and a whole lot of other things that cash can do without? Why does it have to involve numerous third, fourth, fifth parties, some of whom may or may not have joined up in some industry body or other, possibly swapping out even more information? All of them caring for stacks of hardware, and a fault anywhere can put a wrench in the machinery. Why does my ability to lend a couple of quid to me mate have to depend on all that plus the charge level in the smartphone? What's with all the folderol, when simply passing over a couple tokens would otherwise be enough?

        Make me a digital system that is as provably anonymous, as robust, as simple, and as simple and easy to use as cash, and then I'll consider it. Before that, sticking to cash isn't a fail. It makes good, objective sense. For verily, the technology isn't being pushed for the problems it's solving. It's being pushed for the business opportunities of all the middle men that're aching for a bit of payment pie.

  7. Dan 55 Silver badge
    Megaphone

    Cyanogen

    That is all.

    1. Anonymous Coward
      Anonymous Coward

      Re: Cyanogen

      ..that is all except that it's not in anything like a finished state for the S3 yet, of course, so that's crap advice.

      Just checking that all the spurious "features" you don't actually use are switched off is a flying start for any piece of complex computer-based tech, and is a lot less likely to screw up your ability to take/make calls than the current state of Cyanogen on the S3.

      (That said, it's fine on my old HTC Desire, I am in favour of it in principle, when it's stable)

  8. Richard Tobin

    NFC off by default

    You have to enable NFC explicitly, so most users will not be vulnerable.

    1. Havin_it
      Stop

      Re: NFC off by default

      ^This. And I for one will be wanting a pretty compelling reason to ever turn it on, let alone leave it on for any length of time. File transfer certainly ain't it (we can both turn Bluetooth on just as easily and with mutual identification); moving money around ain't it for as long as I can possibly avoid it (my money and all my personal info in one pocketable package? What could possibly go wrong?)

  9. thesykes

    Do you have to accept a file transfer request over Beam or does the phone just accept whatever gets sent? Or does the attack take place when the phone is talking to the attacking device before the file gets sent?

  10. Anonymous Coward
    Go

    Miller already predicted such NFC attacks at Black Hat USA

    http://www.theregister.co.uk/2012/08/02/nfc_security/

  11. Piro Silver badge

    No big deal

    Because the perp will be in range to beat with your bare hands.

  12. John Tserkezis
    Unhappy

    Turned mine off.

    Especially since we have no NFC commercial offerings here in Oz that work anyway (yet?), and I tried to get file transfers to work between two S3's and failed every time.

    After twenty minutes of getting what looked like two turtles to mate, we gave up hoping everyone else didn't think we were weird or something.

    We failed. :-(

    1. KjetilS
      WTF?

      Re: Turned mine off.

      ... how is it possible to fail at that?

      You put the two phones back-to-back and tap the screen when it says "tap the screen to transfer" or something to that effect.

      I tried it with two S3's and it worked perfectly.

      I'm thinking PEBCAK, or in this case; PEBPAK

      1. Anonymous Coward
        Anonymous Coward

        Re: Turned mine off.

        >how is it possible to fail at that?

        Very possible. Mr Tserkezis might have been trying with individual phones that were being awkward for some reason... perhaps a different version of the Samsung firmware was on his units, perhaps one suffered from a hardware fault.

        If it were me, I'd try my best to explore the possibility of user error before deciding something else is at fault, and we have no reason to assume Mr Tserkezis hasn't done so.
