Are dumb phones sufficiently secure? Say something monochrome from the 90's? Heard rumors operators can update the firmware on a lot of models, not sure how true this is.

On Tue, Jul 22, 2014 at 12:48:35PM -0700, coderman wrote:
> On Tue, Jul 22, 2014 at 5:21 AM, Georgi Guninski <[email protected]>
> wrote:
> > Alleged IOS backdoors
> >
> > http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms.pdf
> >
> > Identifying Back Doors, Attack
> > Points, and Surveillance
> > Mechanisms in iOS Devices
>
> note that Google is no better. back in 2011 i reported the abuse of
> Google Voice Search as easily accessible (no permissions required) and
> excellent for eavesdropping (always on should not be possible).
>
> the more things change, the more they stay the same ;)
>
> best regards,
>
>
> ---
>
> '... nearly all Android devices equipped with Google Services
> Framework can be affected by GVS-Attack'
>
>
> http://arxiv.org/abs/1407.4923
> """
> Previous research about sensor based attacks on Android platform
> focused mainly on accessing or controlling over sensitive device
> components, such as camera, microphone and GPS. These approaches get
> data from sensors directly and need corresponding sensor invoking
> permissions.
>
> This paper presents a novel approach (GVS-Attack) to launch permission
> bypassing attacks from a zero permission Android application
> (VoicEmployer) through the speaker. The idea of GVS-Attack utilizes an
> Android system built-in voice assistant module -- Google Voice Search.
> Through Android Intent mechanism, VoicEmployer triggers Google Voice
> Search to the foreground, and then plays prepared audio files (like
> "call number 1234 5678") in the background. Google Voice Search can
> recognize this voice command and execute corresponding operations.
> With ingenious designs, our GVS-Attack can forge SMS/Email, access
> privacy information, transmit sensitive data and achieve remote
> control without any permission.
>
> Also we found a vulnerability of status checking in Google Search app,
> which can be utilized by GVS-Attack to dial arbitrary numbers even
> when the phone is securely locked with password. A prototype of
> VoicEmployer has been implemented to demonstrate the feasibility of
> GVS-Attack in real world. In theory, nearly all Android devices
> equipped with Google Services Framework can be affected by GVS-Attack.
> This study may inspire application developers and researchers rethink
> that zero permission doesn't mean safety and the speaker can be
> treated as a new attack surface.
> """
