Smartphones: Radio Firmware Vulnerability Allows Attackers to Take Control of iPhone or Android Devices
January 19th, 2011Via: InfoWorld:
More than three years after the iPhone was first hacked, computer security experts think they’ve found a whole new way to break into mobile phones — one that could become a big headache for Apple, or for smartphone makers using Google’s Android software.
In a presentation set for next week’s Black Hat conference in Washington D.C., University of Luxembourg research associate Ralf-Philipp Weinmann says he plans to demonstrate his new technique on an iPhone and an Android device, showing how they could be converted into clandestine spying systems. “I will demo how to use the auto-answer feature present in most phones to turn the telephone into a remote listening device,” he said in an e-mail interview.
Weinmann says he can do this by breaking the phone’s “baseband” processor, used to send and receive radio signals as the device communicates on its cellular network. He has found bugs in the way the firmware used in chips sold by Qualcomm and Infineon Technologies processes radio signals on the GSM (Global System for Mobile Communications) networks used by the majority of the world’s wireless carriers.