Android Hacked Via NFC On the Samsung Galaxy S 3 198
An anonymous reader writes with an item from The Next Web: "Security researchers participating in the Mobile Pwn2Own contest at the EuSecWest Conference in Amsterdam [Wednesday] demonstrated how to hack Android through a Near Field Communication (NFC) vulnerability. The 0day exploit was developed by four MWR Labs employees (two in South Africa and two in the UK) for a Samsung Galaxy S 3 phone running Android 4.0.4 (Ice Cream Sandwich). Two separate security holes were leveraged to completely take over the device, and download all the data from it."
Re:Is it really such a big deal? (Score:4, Interesting)
The Hacks just prove that there is a rush to implement new technology without considering the security implications of the tech.
This is just history repeating itself. Every company wants to be the first to announce this brand new, 'cool' feature, but none will wait for the 'geeks' to test it for security issues.
Re:Not exactly practical (Score:4, Interesting)
They don't need to. Just upload a little executable that sends everything over wifi/3G to them, and listens to new commands over those interfaces as well.
Re:And... iOS6 (Score:2, Interesting)
Worse? People visit a dozen websites everyday, but how often do they bump phones with somebody else?
More than that, to prevent NFC hack you just have to flip it off, but to prevent hack via rogue ad iframe... well, if it was Android, you could just block the ads, for example, even with hosts file, or use a different browser, but on iOS you're SoL.
Good thing for Apple this is before iOS6 release, not right after.