back to article Nokia admits major Series 40 security problems

Nokia has admitted that the security flaws exposed by Adam Gowdiak of Security Explorations are genuine, and that a miscreant exploiting them could do whatever they like to a Series 40 phone just by knowing the phone number. Gowdiak posted some details earlier this month, with claims that by exploiting the flaws he could …

COMMENTS

This topic is closed for new posts.
  1. Gordon Ross Silver badge
    Dead Vulture

    Humble Pie...

    "but it seems our cynicism was misplaced"

    How does humble pie taste ?

    (At least you've got the balls to admit you were wrong)

  2. Uwe Dippel
    Paris Hilton

    Proposal

    Nuclear war, maybe?

    Paris, because she wouldn't know the answer either

  3. Anonymous Coward
    Flame

    Nokee-ah: burn in hell !!

    Oh really? Admits problems? How noble of them!

    Perhaps another researcher can discover the "n80 series problem" (faulty cables) with the N80 phones where after 10 - 20 months your fucking n80 starts dying. Some problem with the "flex cable" inside it. Go google it.

    I don't know, I feel like this phone in particular was a Beta testing phone.

    I called Nokia Care or whatever it is marketing calls them, "We're sorry, our repair shop in your country was closed some months ago, go fuck yourself"

    These companies only admit their flaws when publicly exposed and embarrased.

    My next phone will be Samsung or LG, I hate thee Nokee-ah, burn in hell!!!

  4. Andy Watt
    Alert

    Nokia, nokia. Foot shot, toes bleed.

    - Nokia has been a week or two getting back to us, but this morning admitted that they have "been investigating the allegations made, using our normal processes and comprehensive testing... We can confirm that both claims are valid in some of our products."

    Comprehensive testing? I think we can all see the flaw in this argument.

    Incidentally, I did a little hunting for the fella who found the flaw on the web. Once I saw his previous in this area, I was convinced he wouldn't lie about it. Why were the staffers so cynical? Did you _really_ think Nokia would have found this in testing? Come on.

    Registered interest alert: I was a mobile phone software test engineer (including Java virtual machines) for 7 years... NOT FOR NOKIA, I might add.

  5. EmperorFromage
    Pirate

    Guessing the vector

    Adam has excluded WAP push as the vector. MMS is then the next likely suspect. This begs the question if a virus / worm could use the vector as a replicator. The network meltdown caused by 100M+ infected client devices would be one of biblical proportions.

  6. Rob

    Plus side

    If anyone with the know-how can insert an app on to your phone and run it without you knowing, then the same could also be done by Nokia installing a security fix.

    Welcome to the most interesting security race of the year :)

  7. dervheid
    Black Helicopters

    6 Comments?

    there's NO WAY that you've only had 6 comments on this story.

    I know this to be a fact, as I posted to this yesterday, and so far...

    Now, this has to be one of the biggest potential mobile security issues in a very long time!

    100 million affected handsets. 6 comments?

    Icon!

  8. Mike Skinner
    Coat

    @Andy Watts

    As always, valid points and well made.

    Registered interest alert: But Nokia are still in business (just?)

This topic is closed for new posts.

Other stories you might like