RSS



Go Back   bit-tech.net Forums > bit-tech.net > Article Discussion
Reload this Page News Symbian DoS attack revealed
Register FAQ / Rules Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
Old 5th Jan 2009, 14:17   #1
CardJoe
Player Character
bit-tech Staff
 
CardJoe's Avatar
 
Join Date: Apr 2007
Posts: 7,940
CardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to beholdCardJoe is a splendid one to behold
Symbian DoS attack revealed
http://www.bit-tech.net/news/2009/01...ack-revealed/1

A security researcher has unveiled a simple attack that leaves Symbian S60 smartphone handsets unable to receive SMS or MMS messages until factory reset

__________________
CardJoe is offline   Reply With Quote
Old 5th Jan 2009, 15:36   #2
n3mo
Multimodder
 
Join Date: Oct 2007
Posts: 184
n3mo is on a distinguished road
First things first - 3rd FP2 are vulnerable too, it just takes 11 of those messages to "silence" them.

And the second - as much as I support free access to information, I think that publishing such info is not so good. The main problem is that this vulnerability is extremely easy to exploit, such message can be easily sent from any Nokia phone (probably other manufacturers too), without any modification or even deeper knowledge. Two minutes after publishing it, every kid in the world will be sending those like mad. And despite what Nokia says, none of the operators in Europe implemented any filter as for now.

And the only known remedy is formatting phone memory (a.k.a. factory reset)
n3mo is offline   Reply With Quote
Old 5th Jan 2009, 15:56   #3
wuyanxu
quad fuelled, GTX200 powered
 
wuyanxu's Avatar
 
Join Date: Aug 2007
Location: in a room near Soton Uni. UK
Posts: 3,938
wuyanxu has a spectacular aura aboutwuyanxu has a spectacular aura aboutwuyanxu has a spectacular aura about
ok, tell me what message to type in my iPhone and i'll send it all my friends
__________________
Death to consolification !!!
Core i7 860 @ 4Ghz Cooled by Corsair H50 // Asus P7P55D Deluxe // 8GB of Corsair Dominators @ 1528Mhz 8-8-8-24 //
BFG gtx260+ OC2 MaxCore 216SP 896MB // Samsung 64GB SSD // WD Raptor 74GB + Black 1TB + Green 1TB // Corsair Hx620w // Antec p182 // Samsung 24" T240
wuyanxu is offline   Reply With Quote
Old 5th Jan 2009, 19:09   #4
raGe82
Minimodder
 
Join Date: Feb 2007
Location: Bydgoszcz, Poland
Posts: 26
raGe82 is on a distinguished road
Quote:
Originally Posted by n3mo
And the second - as much as I support free access to information, I think that publishing such info is not so good. The main problem is that this vulnerability is extremely easy to exploit, such message can be easily sent from any Nokia phone (probably other manufacturers too), without any modification or even deeper knowledge. Two minutes after publishing it, every kid in the world will be sending those like mad. And despite what Nokia says, none of the operators in Europe implemented any filter as for now.
Ok, so you say, that BT shouldn't publish such information. But I see that beside this you already do the same thing - no operator in Europe uses such filter as for now. Right...
raGe82 is offline   Reply With Quote
Old 5th Jan 2009, 19:16   #5
bahgger
Supermodder
 
Join Date: Apr 2005
Posts: 584
bahgger is on a distinguished road
Quote:
Originally Posted by wuyanxu
ok, tell me what message to type in my iPhone and i'll send it all my friends
I'm not too sure of the iPhone phrase, but you should type reboot on your G1 to get te message to your friends for epic lulz!
bahgger is offline   Reply With Quote
Old 5th Jan 2009, 20:17   #6
widmod
Stopp the Relix guy
 
widmod's Avatar
 
Join Date: Oct 2006
Location: AUSTRIA
Posts: 382
widmod is on a distinguished road
I'm just glad my N95 is uanaffected by this attack
__________________
Gaffa-Tape is a very simple modding device
<sings>I'm from AUSTRIA</sings>and NO we have no kangaroos
Microsoft NEVER stopped the beta phase of any of its operating systems
i will not apologize for my language skills
widmod is offline   Reply With Quote
Old 5th Jan 2009, 22:00   #7
wuyanxu
quad fuelled, GTX200 powered
 
wuyanxu's Avatar
 
Join Date: Aug 2007
Location: in a room near Soton Uni. UK
Posts: 3,938
wuyanxu has a spectacular aura aboutwuyanxu has a spectacular aura aboutwuyanxu has a spectacular aura about
Quote:
Originally Posted by bahgger View Post
I'm not too sure of the iPhone phrase, but you should type reboot on your G1 to get te message to your friends for epic lulz!
nice try, we all know that little trick with the Android platform.
__________________
Death to consolification !!!
Core i7 860 @ 4Ghz Cooled by Corsair H50 // Asus P7P55D Deluxe // 8GB of Corsair Dominators @ 1528Mhz 8-8-8-24 //
BFG gtx260+ OC2 MaxCore 216SP 896MB // Samsung 64GB SSD // WD Raptor 74GB + Black 1TB + Green 1TB // Corsair Hx620w // Antec p182 // Samsung 24" T240
wuyanxu is offline   Reply With Quote
Old 6th Jan 2009, 03:09   #8
Vigilante
What's a Dremel?
 
Join Date: May 2008
Posts: 11
Vigilante is on a distinguished road
I work for Vodafone UK and any S60 handset owners on our network don't need to worry about this. We recieved advanced notification of this issue from Nokia and Symbian 3 weeks ago, and the network level filtering was implemented on the 28th.

Not that I'm suggesting anyone should get complacent with updating their phone software, that should still be done as soon as there is an update to address this issue. But at least you don't have to worry in the meantime.

Quote:
Originally Posted by n3mo View Post
And despite what Nokia says, none of the operators in Europe implemented any filter as for now.
As to the above poster, just because networks haven't told anyone they have implemented this filter yet, does not mean they haven't. Case in point, Vodafone UK.
Vigilante is offline   Reply With Quote
Old 6th Jan 2009, 17:17   #9
n3mo
Multimodder
 
Join Date: Oct 2007
Posts: 184
n3mo is on a distinguished road
Quote:
Originally Posted by Vigilante
As to the above poster, just because networks haven't told anyone they have implemented this filter yet, does not mean they haven't. Case in point, Vodafone UK.
I happen to own my old, but still active british Orange sim, and the exploit still works. O2 also (didn't confirm myself, but my friend says that it worked yesterday).
Bear in mind that UK is just a small country in a big Europe.

Quote:
Originally Posted by widmod
I'm just glad my N95 is uanaffected by this attack
It is, it just takes 11 of those messages to silence it.


@raGe82
BT should by all means publish such info. But first give Nokia some time to ready updates and operators to ready filters. We all know that such information is gold for stupid kids (or stupid adults for that matter), and it's not just a case of resetting your phone - if you make a backup of phone memory than after formatting and using backup your phone is still silenced. Only option is to format without using backup, which of course leads to losing lots of important data. Well, you can still recover it, but most people wouldn't know how.
And once the information about the possibility of silencing a s60 phone is known, it's just a case of a minute with Google to find any info you would want about it - complete with a list of all European operators filtering it (currently 1, plus Vodafone UK from what Vigilante says).
n3mo is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 20:50.
Powered by: vBulletin Version 3
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.

Contact Us - bit-tech.net - Top