Feeds

How to slay a cellphone with a single text

SMS of Death explained

Protecting against web application threats using SSL

Feature phone fuzzer

There's virtually no software for performing vulnerability analysis on feature phones, so the researchers created a crude fuzzer of sorts for monitoring the effect various SMS messages had on each handset model. They ordered dozens of used phones on eBay and connected them to their own 2G network that cost them about €3,000. To avoid running afoul of any laws, they isolated the network inside a faraday cage.

The researchers then subjected the phones to no fewer than 120,000 different variations of SMS messages and logged each response, which usually was limited to an acknowledgment, an error message or no response at all.

“If it doesn't arrive, we knew that something really went wrong, because there should be either an acknowledgment or an error.” Golde said.

They quickly built up a war chest of SMS texts that caused problems and did further analysis to isolate the ones that caused the handsets to crash.

Many of the SMS death messages contain special binary characters, while others have header information that is longer than specifications allow. In still other cases, the malicious messages had faulty information indicating they had been broken up into 10 pieces when in fact there were only seven, five, or some different number of pieces.

The worst of the malicious texts had the effect of creating disruptions that were hard or impossible to recover from. In some cases, the only way to break out of a repeated crash cycle was to remove the phone's SIM card and put it in a handset that wasn't vulnerable to the attack. In the most extreme cases, the attacked phones could no longer be reflashed and had to be put out to pasture.

None of the smartphones the researchers tested were susceptible to the messages. It turns out the common weakness among the less advanced phones was their simplicity.

“Feature phones normally run on just one chip, which runs all the radio communications and the built-in applications,” Mulliner explained. “So if we get just one small part of the phone to misbehave or crash or do something strange, probably the whole phone is going to be crashing, rebooting or doing weird things. Just by finding small bugs, you probably have a large impact.” ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.