Sign in / up

back to article Blindly accepting network update texts could have pwned your mobe, say researchers

Over-the-air provisioning is the latest attack vector threatening your innocent Android mobe, according to Check Point today. The Israeli threat intel biz reckons that a single malicious SMS can pwn a targeted device, allowing an attacker to do such nefarious things as intercepting emails, text messages and so on. "Given the …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Steve Aubrey
    Joke

    Calling Carl Sagan

    "Check Point claimed the vulns affected billions of devices."

    Shouldn't that have been "beeellions"? Or even "beeellions and beeellions"?

    3 0 Reply
  2. Chris Gray 1
    Facepalm

    Updates?

    "Check Point claimed the vulns affected billions of devices. While possibly true from a theoretical point of view back in March when discovered, the majority of those will have incorporated the patches, either through routine updates or updates pushed (legitimately) from mobile networks."

    Do the numbers show that "the majority" of phones *get* updates?? Lots are out of the support range of the manufacturer or carrier.

    7 0 Reply

    1. This post has been deleted by its author

    2. This post has been deleted by its author

  3. Anonymous Coward
    Anonymous Coward

    Slight mix up

    You’ve confused SIM OTA that Gemalto describe with terminal OTA settings updates.

    I believe checkpoint are referring to terminal OTA settings updates.

    The SIM OTA updates were previously breached by Karsten Nohl:

    https://www.theregister.co.uk/2013/09/23/white_hat_sim_hacker_disillusioned_and_dismayed_by_operator_response/

    3 0 Reply
    1. Dan 55 Silver badge
      Reply Icon

      Re: Slight mix up

      I think Checkpoint is referring to Android updates which catch and ignore the fake SIM updates when received.

      I guess all it would require is a message app update which would be easy to do through the Play Store or Samsung's Store.

      0 0 Reply
    2. Aidan242
      Reply Icon

      Re: Slight mix up

      Agreed, this is the terminal settings. The OTA CP provisioning documents claim this about the SEC parameter: "The parameter specifies the security mechanism used (if it is not present, no security is used). " [1]

      This seems that CheckPoint is calling out manufacturers for following the specification, rather than highlighting the fact that the specification is faulty. This leaves you wondering if any handsets deviate from the specification in this area...

      [1] http://www.openmobilealliance.org/release/ClientProv/V1_1-20090728-A/OMA-WAP-TS-ProvCont-V1_1-20090728-A.pdf

      0 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    Patches, we don't need no stinkin patches

    so says my vendor - when was the last time you got a security patch?

    4 0 Reply
    1. Richard 12 Silver badge
      Reply Icon

      Re: Patches, we don't need no stinkin patches

      About a week ago, I think?

      3 0 Reply
    2. mark l 2 Silver badge
      Reply Icon

      Re: Patches, we don't need no stinkin patches

      My Nokia 5.1 updated this morning

      Now if only Nokia would fix their annoying battery management tech which decides to kill off any apps in the background to save battery life, but is not configurable so your messaging apps get killed off and you dont receive notifications unless you have them opened all the time.

      1 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: Patches, we don't need no stinkin patches

        Do you have a source for this info - that it is the battery management tech which is at fault? I would love to track the issue and be notified when it is fixed.

        0 0 Reply
    3. Michael Wojcik Silver badge
      Reply Icon

      Re: Patches, we don't need no stinkin patches

      Indeed. While my current phone - a refurbished Samsung Galaxy S6 - has on occasion received updates, most of the ones I've had in the past never did. That includes various new and refurbished models from Samsung, Sony, Asus, and LG. I don't buy from the carrier, and I use an MVNO; that sort of arrangement apparently orphans most models.

      Google botched the Android update process by leaving it to manufacturers to package updates, and carriers to make them available. That's the long and short of it.

      0 0 Reply
  5. soni singh

    Blindly accepted??? , mostly people do same ....

    Is't this hilarious ???Well there are many people who are using phones but are not aware like this news, or some messages, they simply allow all the notifications and other updates. Its necessary to aware people .

    0 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Blindly accepted??? , mostly people do same ....

      Looks like the warning came too late for Soni Singh :'-(

      0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like