exploit posts

Nokia issues SMS Cleaner to cure 'Curse of Silence' bug


If your Nokia S60 handset has been stricken by the oh-so-cold 'Curse of Silence,' you'll probably want to pay attention here. Nokia has just loosed the SMS Cleaner on the world, not even a full month after the aforementioned exploit arrived on the scene. The handset maker claims that the application can "clean a Nokia S60 3rd Edition (Initial or Feature Pack 1) based device, which may have received a so called 'Curse of Silence' SMS message, and thereby restricted from receiving any new SMS messages." Installation looks to be pretty straightforward, and the file itself weighs in at a shockingly light 42KB. The read link's where it's all at, so head on down and get your sure-to-be-brief download on.

[Via IntoMobile]

'Curse of Silence' exploit squelches inbound SMS/MMS to Nokia S60 devices

Here's an odd one for you. Tobias Engel of the Chaos Communication Congress has discovered a rather nasty exploit that'll cause any Nokia S60 devices running versions 2.6, 2.8, 3.0 or 3.1 to stop receiving SMS and MMS messages. The "Curse of Silence," which has been independently verified by F-Secure, is triggered by sending an SMS that begins with an email address that's at least 32 characters long. The attacker must also change the protocol identifier to internet electronic mail before sending. Devices with versions 2.8 and 3.1 lock up after 11 such messages and still have some limited receiving capabilities, while 2.6 and 3.0 devices will go completely mum after just one attack. In both cases a factory reset is required to fix it, and he says there is no other known workaround for the user. We don't imagine this being a pervasive issue, but if you've got any tech-savvy enemies or malevolent pranksters in your life, you've been warned. Video demonstration is after the break, or hit up the read link to see if your device is among those listed at risk.

[Via Hack a Day]

Read - Vulnerability Advisory
Read - F-Secure Verification

Refurbished iPhones are an excellent source of previous users' data


It looks like you might have to think twice before flipping that old iPhone on eBay when the 3G version finally hits -- it appears that restoring the phone doesn't actually erase the contents of the flash, meaning that your data is available to anyone with the proper tools until it's overwritten. Making matters worse, it appears that Apple doesn't do a low-level format when refurbishing iPhones either -- an Oregon State Police detective was able to use forensic software to pull files, emails, and screenshots off an out-of-the-box refurbished iPhone. This actually shouldn't be surprising to anyone -- we've seen several utilities that access "deleted" portions of storage -- but since Apple doesn't provide users direct access to the iPhone's filesystem, it's basically impossible to clear your personal data off the device short of restoring and filling the disk with junk data. Hopefully iPhone 2.0's Exchange-based "remote wipe" feature is a bit more secure, eh?

[Via TUAW]

iPhone / iPod touch v1.1.1 jailbreak code posted


Well if you like looking through line after line of incomprehensible programming gibberish, make sure to hit up the Read link below, in which the TIFF exploit-based firmware v1.1.1 jailbreak code from team Toc2rta is posted in its entirety. More of an academic exercise for curious geeks than a useful bit of knowledge for the average iPod owner, we're sure there's still some interest out there in seeing exactly how this hack was developed. And as usual, if you do decide to go about 'breaking your device as previously described on these pages, we're, like, totally not responsible for any undesired consequences.

Safari exploit gives hackers full control over iPhones and possibly PCs and Macs

Oops, researchers just unveiled a pretty serious security vulnerability in the iPhone. More specifically, it's Apple's Safari web browser which exhibits the vulnerability. Researchers at Independent Security Evaluators have used the vulnerability to take malicious control of the iPhone from rogue websites loaded with the exploit. Once in, researchers have full administrative access over the phone, allowing them to listen in on room audio or snatch the SMS log, address book, call history, email passwords and more -- we're talking full access to your phone. Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust (which isn't very reassuring), and that the flaw "may or may not be exploitable" from Mac and PC versions of Safari -- the same vulnerability exists, only they haven't written the proof-of-concept exploit to test it yet. Apple has been notified of the vulnerability and a proposed fix, with full public disclosure coming at the BlackHat conference on August 2nd. You listening InfoSec Sellout? That's how you report a bug. Check the exploit in video form after the break.

[Via MacRumors]

MMS exploit targets Windows Mobile 2003

What's scarier than a text message luring you into getting your PC all hosed up with virii? An MMS message that somehow manages to do the infection honors all by its lonesome, that's what. Details are now emerging on what appears to be the world's first proof of concept for an MMS virus, exploiting a weakness in the way Windows Mobile 2003 handles SMIL (Synchronized Multimedia Integration Language) to cause a buffer overflow -- which in turn leads to the dreaded "arbitrary code execution." The fella responsible for the exploit apparently gave Microsoft the heads-up a solid six months ago; when he never heard back, he went public with it in a big way at Berlin's Chaos Communication Congress. The good news (if you can call it that) is that it's only been tested on the i-mate PDA2K and HP iPaq h6315, both of which are approaching the tail ends of their useful shelf lives. No word on whether the vulnerability applies (or can be easily adapted to) Windows Mobile 2005, but somehow, "we hope not" simply doesn't properly express our sentiments.

[Via El Reg]

MMS spam: a battery-killing attack?

Modern smartphones struggle to eke out a day or two of moderate use as it is without malicious folk tapping into your battery; sadly, researchers at UC Davis have apparently managed to do exactly that, exploiting fundamental flaws in the way most phones handle the MMS protocol to drain juice. It seems the trouble stems from "junk data" sent via MMS, which causes the phone to wake from standby, realize the data doesn't constitute a valid message, and discard it, all without any notification to the user. Rapidly repeat the process, and, well, you can see where this leads. All the attacker needs is the target phone's number, and before you know it, your battery's history (the researchers were able to do the deed at about 20 times the normal drain rate, to be exact). Their work wasn't all gloom and doom, though -- another MMS exploit allowed the wily grad students to fire off messages free of charge. Of course, with a dead battery, you won't be firing off much of anything.

[Via textually.org]



