Pwnd Android conference phone exposes risk of spies in the boardroom • The Register Forums

Wednesday 15th February 2017 15:05 GMT wolfetone

Taken from El Reg's article Google claims ‘massive’ Stagefright Android bug had 'sod all effect':

"Despite shrill wailings by computer security experts over vulnerabilities in Android, Google claims very, very few of people have ever suffered at the hands of its bugs."

Might want to rethink that line of propaganda Google.

4 3 Reply

Wednesday 15th February 2017 15:13 GMT Dan 55

Their security advisory is a joke

They say that ADB and DHCP should be disabled, a strong admin password should be used, and no physical access to the phone should be allowed.

How are you supposed to use it without physical access?

Anything to avoid updating it to Android 6 or 7.

7 0 Reply

Wednesday 15th February 2017 15:17 GMT Steve Evans

Android 2.3?

Good grief... Whatever next, cash machines running windows 3.1.1...

8 0 Reply

Wednesday 15th February 2017 15:39 GMT Charles 9

Re: Android 2.3?

I believe many ATMs still run OS/2 v3.

7 0 Reply
1. Wednesday 15th February 2017 16:18 GMT Anonymous Coward
  
  Re: Android 2.3?
  
  The ones of that age I worked on all used X.25 rather than TCP/IP to talk to the bank host.
  
  Far less vunerable to the hackers IMHO.
  
  4 1 Reply
  1. Wednesday 15th February 2017 18:18 GMT Anonymous Coward
    
    Re: Android 2.3?
    
    The way ATMs are attacked these days, the protocol is irrelevant as they're not trying to hack back to the host but to attack the users to glean account numbers and PINs.
    
    1 0 Reply
    1. Wednesday 15th February 2017 19:36 GMT allthecoolshortnamesweretaken
      
      Re: ATMs
      
      "The way ATMs are attacked these days, the protocol is irrelevant as they're not trying to hack back to the host but to attack the users to glean account numbers and PINs."
      
      Around here, they usually just blow them up.
      
      All you need is duct tape, propane or butane and a lighter.
      
      1 0 Reply
      1. Friday 17th February 2017 12:50 GMT Charles 9
        
        Re: ATMs
        
        Around here, they just steal a truck and haul the machines WHOLE to the hideouts. In which case the thieves are after the cash, not the credentials, which involve a whole other set of thieves.
        
        0 0 Reply
Wednesday 15th February 2017 20:08 GMT Crazy Operations Guy

Re: Android 2.3?

Funny enough, Windows 3.11 (and DOS 6.2.2) is still supported by Microsoft (if you have an agreement with them)... It was very popular for applications where you needed just a basic UI. I've seen it in automation systems, factory control units, point-of-sale terminals, ATMs, military weapons systems, and even Vehicle Control systems (Such as trains, aircraft, and passenger/cargo ships).

It was the perfect combination of features, customization, and size. I have an old system sitting on my desk with a customized version of Windows 3.11 burned into a bank of a PROM chips (16x 16 Mbit chips), 32 MB of Static RAM, a 10-BaseT network card, a 28.8k modem, 8 RS-232 compliant serial ports, a floppy disk controller with two drives, and a massive proprietary card (Three slots wide, and full length, has a couple of odd connectors on the back, no markings other than a hand-written serial number)

2 0 Reply
1. This post has been deleted by its author