Security The Almighty Buck Wireless Networking

Researcher Wows Black Hat With NFC-based Smartphone Hacking Demo

alphadogg writes "At the Black Hat Conference in Las Vegas Wednesday, Accuvant Labs researcher Charlie Miller showed how he figured out a way to break into both the Google/Samsung Nexus S and Nokia N9 by means of the Near Field Communication (NFC) capability in the smartphones. NFC is still new but it's starting to become adopted for use in smartphone-based purchasing in particular. The experimentation that Miller did, which he demonstrated at the event, showed it's possible to set up NFC-based radio communication to share content with the smartphones to play tricks, such as writing an exploit to crash phones and even in certain circumstances read files on the phone and more."

  • Re:Hmm (Score:5, Informative)

    by Emetophobe ( 878584 ) on Thursday July 26, 2012 @07:17PM (#40785071)

    You can disable NFC in the Android settings.

    System Settings -> More... -> NFC (uncheck it).

  • Re:Hmm (Score:4, Informative)

    by SpzToid ( 869795 ) on Thursday July 26, 2012 @07:36PM (#40785253)

    The Nokia N9 is mentioned, and the NFC settings required for this exploit are turned off by default. I first read this detail on arstechnica.com and then double-checked on my own device; it is true.

  • by witherstaff ( 713820 ) on Thursday July 26, 2012 @08:18PM (#40785659) Homepage

    I've played with distances using a few different smart cards, a USB NFC reader, and a Nexus S. I couldn't get a smartcard to read through the front of the phone or the side. I could get a USB NFC reader to detect if the smartphone was placed face down. From the back it is about 3 inches with a USB reader, 1-2 inches with a smartcard.

    NFC is also a battery hog. I don't see having it running all the time.

  • by iluvcapra ( 782887 ) on Thursday July 26, 2012 @08:22PM (#40785703)

    Here are some videos [forbes.com]. He represents the phones as unmodified, though running an old version.

    The distance isn't so much of an issue because he was able to use an NFC tag, not a transmitter, not an active device of any kind, but a mere tag to cause the phone to switch on its Bluetooth radio and give him a sudoer's command line over the BT radio. An attacker could hide an NFC tag in a table or at waist level in a public place, or in a tag that's disguised to be legitimate, where people are liable to stand for more than 10 seconds: the tag cracks the phone open, and then someone with a laptop within BT distance conducts a brief session to grab what they can, or install a rootkit.

  • Re:Hmm (Score:5, Informative)

    by SomePgmr ( 2021234 ) on Thursday July 26, 2012 @08:33PM (#40785785) Homepage

    Well, that's an important bit of info I didn't see in the article.

    And I suppose it's worth reminding everyone that this is NFC. Your phone would have to be in near-contact with the exploiting hardware. Not impossible I suppose, given that skimming happens with traditional payment cards.

    I didn't understand the two word description of the problem with Android, so I looked up that Ars article you mentioned...

    The Nexus S—when running the Gingerbread (2.3), by far the most dominant Android installation—contains multiple memory-corruption bugs. They allow Miller—using nothing more than a specially designed tag—to take control of the application "daemon" that controls NFC functions. With additional work, he said the tag could be modified to execute malicious code on the device. Some, but possibly not all of those bugs were fixed in the Ice Cream Sandwich (4.0) version of Android, so the attacks may also work against that release and Jelly Bean (4.1) as well.

    Ah. So upgrade your phone.

    http://arstechnica.com/security/2012/07/android-nokia-smartphone-hack/ [arstechnica.com]

  • by wierd_w ( 1375923 ) on Thursday July 26, 2012 @09:50PM (#40786309)

    The near field is within the first 1.5 wavelengths of the frequency used. It has certain special properties related to it having a higher (proportionally) density of virtual photons entangled with the source antenna than does the far field.

    (A connection on the near field will actively change the resistance and resonance characteristics of the signalling antenna, where a far field connection will not.)

    Giving a set distance is moot. Saying it is near field is accurate, and sufficient. The distance in which NFC is possible is inseparable from the chosen comm frequency. A very short wavelength frequency will have a very tiny near field. A long wavelength frequency will have a very large near field.

    Cellular devices in the GHz band will have only a few millimeters around the antenna as the NFC reception range.

    The deal that I would consider to be the threat, is that you can't have a near field without a far field. The far field will also have broadcasted data encoded into it, and will travel much further. It could well be intercepted.

  • Re:Hmm (Score:4, Informative)

    by sjames ( 1099 ) on Friday July 27, 2012 @05:17AM (#40788313) Homepage Journal

    Have a look here [tombom.co.uk] (PDF doc).

    I know it has been demonstrated at 217 feet (well short of a kilometer but well more than the industry claimed) with a U.S. passport, but the paper above indicates 2 miles is theoretically possible.
