This is just so theoretical... for starters they cannot really hijack an APN without a lot of work, APN name is resolved by closed-off pseudo-DNS system under operator's control. Often phone's traffic simply cannot get out to the Interned without the help of an operator's proxy, that is what the proxy is there for. All this attack will achieve is to disable the phone's data connection, unless the operator has put in specific measures to make the exploit work :)
Bank accounts? SSL anyone? The phones are much more picky about fake certificates than any Windows box, so even if an attacker manages to pull all of the above, they need to pull off a MITM with a phone screaming "bad cert". Finally, they say "Proper filtering of OMA Provisioning messages would entirely block the attack" - I believe this is a simple filter on SMSC, same as with the last December's Nokia "email message" bug that turned out to be a non-event, partly because it was so easy to filter out. V. On 4/06/09 8:00 PM, "Juha-Matti Laurio" <[email protected]> wrote: > "Accessing your bank account using your mobile phone might seem safe, > but security experts say would-be hackers can access confidential information > via a simple text message > seemingly from your service provider. > People in the industry aware of the risk see it as extremely small, > as only a few people use handsets to access their bank accounts, but it is > growing as mobile Internet usage rises. > In April, the flaw -- which enables criminals to access a cellphone data > connection, steal data or install or remove programmes -- > gained wider attention at the BlackHat Europe security conference. > "The hacker does not have to be especially skilled to do this," said Jukka > Tuomi, > chief technology officer at Finnish software firm ErAce Security Solutions. > ErAce said that in some phones using Microsoft's Windows software, users > cannot block the attack, > while Symbian phone users can block malicious messages." > --clip-- > > More at > http://www.guardian.co.uk/business/feedarticle/8535233 > > Juha-Matti > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
