Forgot your password?
typodupeerror
Cellphones Communications Security

New Attack Can Disable Phones Via SMS 62

Posted by timothy
from the actually-don't-txt-me-lol dept.
Trailrunner7 writes "A pair of security researchers from Germany demonstrated several techniques at the CanSecWest conference here Wednesday that enable them to remotely reboot, shut down or even completely disable many popular mobile phones with SMS messages. The technique that Nico Golde and Collin Mulliner discussed relies on setting up a GSM network and sending specially crafted SMS messages to handsets. The pair showed a video demonstration of phones from a wide range of manufacturers, including LG, Sony Ericsson, Nokia and others rebooting, freezing and generally acting flaky after receiving the crafted SMS messages they sent."
This discussion has been archived. No new comments can be posted.

New Attack Can Disable Phones Via SMS

Comments Filter:
  • by mxs (42717) on Thursday March 10, 2011 @05:30PM (#35447518)

    The presentation from the 27th Chaos Communication Congress in Berlin last December (http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html) is available at http://www.youtube.com/watch?v=8bkg3AjY6fs [youtube.com] or http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-4060-en-attacking_mobile_phones.mp4 [fem-net.de] .

  • Re:Next up twitter? (Score:2, Informative)

    by Anonymous Coward on Thursday March 10, 2011 @08:08PM (#35448844)

    I don't think you realize exactly what SMS is.

    SMS was originally a control channel designed for sending configuration and command messages. Then someone noticed it could be used to little text messages "out of band", and shortly after people started using it for mostly that.

    The SMS spec defines all sorts of things you wouldn't believe. You can send binary messages that configure all sorts of things on the handset, or pop up messages on the phone, or even get delivered to applications that are running on the phone or sim card. The sim card is actually a small computer, it has storage, ram, and a processor, some sim cards even run a java variant VM (JavaCard), and they can communicate with the handset using AT commands (how cool is that) and the network with SMS.

    There is a complete port-based delivery system, a hugely complicated encoding mechanism, a complete spec for how to encode xml into compact binary form (wbxml), and dozens if not hundreds of different specs for various messages that can be sent. Want to configure the access points on a phone? yep it can. Want to configure the home page of the browser? yes, download a ringtone? yep, send a picture? of course.

    Now consider the number of handset manufactures, the number of different handsets, with different firmware, and the varying range of support for all these things. It's absolutely no surprise you can crash a phone with a well (or badly) crafted message.

  • by Linker3000 (626634) on Thursday March 10, 2011 @08:47PM (#35449068) Journal
    The Iphone 4 has a special 'safe-mode grip' the user can do with their hand that blocks these dangerous messages. It's a 'feature'.

I wish you humans would leave me alone.

Working...