Crashing A Nokia Phone Via SMS

Atryn writes "An article at the Register reports that a recent Black Hat conference presenter demonstrated how to crash Nokia cell phones using malformed headers in SMS messaging protocols. Though the SIM card can be recovered by moving to a new phone, this is perhaps an interesting preview of security issues as data goes wireless." Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue. *grin*

Sucks to have a cell phone.

Oh, and first p0st0rz. I rule, yo!

Nostalgia

[Iamthefallen]

I remeber the days when a phone was actually used to call with, damn i feel old now...

Re:Nostalgia

[F2F]

I concur!

Nostalgia was better when I was young too, I might add.

i think your mom gives malformed headers

[neal+n+bob]

'nough said!

Old news?

[OblongPlatypus]

Isn't this extremely old news?

Re:Old news?

Apparently /. doesn't like posted up to date news. This story was posted on the register 2 days ago. I just tried to submit a story about exodus being bought. It got rejected, but chances are, it will be posted in a day or two.

Re:Old news?

[FatRatBastard]

Not sure? According to the CNN article its a temporary thing. The Reg says its a lot nastier.

Plus, I think the Reg's angle was that there's now a Script Kiddie tool to do the job.

Re:Old news?

[Not2Bryt64]

No. This is a new exploit, which I beleive does more damage. The old one just required a hard reboot (remove battery). The register article says that the phone cannot be turned back on until the message is removed from the SIM card.

Being behind the times is a security feature!

[The+Turd+Report]

No text.

BLING BLING

I gotz da skillz to make da Benjaminz and dose pay da billz

swell

[hawk]

Just what I need, a crashing phone. I *knew* there was another reason I never bothered with a cell phone.

Now the *truly* malicious can set out to infect 911 with a virus that attacks the phone of callers . . .

hawk, who now sees that touch-tone was a slippery slope and should have been stopped

Black hats

Is it at all possible to have any sort of technology without assholes coming along and ruining it for everyone?

Re:Black hats

[Ledge]

Nope, see also: Aircraft, Pharmaceuticals, Firearms, and Indoor Plumbing.

Re:Black hats

No.


Rate my troll at : Am I IP banned or Not?

Re:Black hats

[SirSlud]

Just like any technology, it can be used and abused. If I were the type who didn't like the word asshole, I might be justified in lamenting:

Is it at all possible to have any sort of message board without people coming along and using the word asshole?

Any other way, and you wouldn't be on planet earth, bub. Stop whining about it, and start questionting which you value more: crashable cell phones, or no cell phones?

Society must accept the inevitability of technology as an unbiased tool. Technology CANNOT be created for good. Like it or not, as a society, we must accept that when we adopted cell phones, we accepted the possibility that they may not always work, in the same way that as a society we value the use of cars more so than the lives of the thousands upon thousands of people who die as a result of them every year.

Anyone who thinks technology puts powers only in the hands of the righteous (whatever the hell that is) is a fool. In the case of Black Hats, I'd rather the concaine junkies in my neighbourhood congregate and do their thing in the middle of daylight in the park rather than at night, in allys, if you catch my drift. The fact that this was demonstrated at a conference is a good thing .. would you prefer to crack down on these people, and drive their activities into the underground where you are upable to keep an eye on them?

Re:Black hats

I think a covert operation designed to inflict 'heart attacks', 'diabetic strokes', and 'car accidents' upon attendees of these conferences would be the best way to go.

Re:Black hats

[morcheeba]

Oh, you mean some sort of simple technology, like a stick, or, say, maybe a rock or maybe just dirt? It's the technology's fault that it gets corrupted.

Re:Black hats

Just as its the woman's fault for being raped?

Re:Black hats

[Trekologer]

• Is it at all possible to have any sort of technology without assholes coming along and ruining it for everyone

Who's the bigger asshole? The one who exploits flaws in products or the one that releases products without checking for flaws that could be exploited?

One could say that the "black hats" are really "white hats" in demonstrating flaws so that they do get fixed (in reality there are shades of gray in between, depending on what the discoverer does with that information).

Of course, if Microsoft had their way, we wouldn't even know about flaws such as this and have to put our faith in the vendors fixing these "secret" flaws (read: Ralph Nadar's Unsafe at any Speed). Of course, where's the motivation to fix flaws that the public doesn't know about?

Re:Black hats

Note that I didn't say white hats or hackers were the assholes. The black hats, script kiddies, and other criminals who misuse and abuse technologies are the assholes.

How this ever became a Microsoft bashing thread is beyond me. Will it gain you karma?

Re:Black hats

[zangdesign]

Regardless of the technology, there will always be those who use it for good and those who use it for ill. It is impossible to predict just exactly how someone will use a tool without some sort of objective control source.

Case in point: how many ways can you use a simple 14' ethernet cable to kill someone?

The restriction on use should not be built into the technology, but rather built into the person, by their own conscience. It is up to the individual to determine, through trial and error, what works and what does not in the context of a society.

Sometimes the experiments fail and we wind up with hackers (colloquial usage) and terrorists. Sometimes you get professors and teachers.

Re:Black hats

[secolactico]

Who's the bigger asshole? The one who exploits flaws in products or the one that releases products without checking for flaws that could be exploited?

I have the feeling that no matter how much they check, something will (almost) always slip by. When the technology is complicated enough, the product will always be released with bugs, sometimes exploitable. I don't think it would be appropiate to label the developers as bigger assholes than the exploiters.

Lots of technologies (software and otherwise) that are acknowledged by the public in general as the leaders on their field have had flaws at one time or another. The important thing is that they are acknowledged and corrected before the damage becomes too great.

Re:Black hats

[Trekologer]

I have the feeling that no matter how much they check, something will (almost) always slip by. When the technology is complicated enough, the product will always be released with bugs, sometimes exploitable. I don't think it would be appropiate to label the developers as bigger assholes than the exploiters.

If you read the article, you would have known that Nokea has been aware of this problem for a while and aparently has done nothing to correct it. And this is not a matter of a bug that causes the phone to drop a connection; the phone becomes permantly useless.

Besides, an explot like this is something that should have been looked for. Why? There are several examples of "malformed data" causing problems with software (most notably web browsers).

Re:Black hats

[Trekologer]

Note that I didn't say white hats or hackers were the assholes. The black hats, script kiddies, and other criminals who misuse and abuse technologies are the assholes.

You didn't really say much at all, just that you wondered why "assholes" must ruin new technology. You did not differentiate between those that find flaws or the ones that explot flaws for badness.

How this ever became a Microsoft bashing thread is beyond me. Will it gain you karma?

I mentioned Microsoft as an example. Microsoft wants security flaws kept under cover (see this story), presumably to prevent a bad light from being put on their products, especially with the "just trust us" idea of their .Net/Passport stuff. Nokea seems to being taking the same route here. The linked article suggests that Nokea knew about the problem but didn't do anything about it. Sounds like Microsoft's plan, doesn't it?

firewalls for phones

[friscolr]

once the nokia Netbsd port is done, we'll be able to protect our phones using ipf (or maybe even a pf port, if the ipf license still isn't to your liking) and should be fine.

Re:firewalls for phones

[monkeyserver.com]

hmm, "score 3: funny" so you think he's joking?

Re:firewalls for phones

I'd prefer to put all my devices in a bluetooth private network and have my Nokia NetBSD device act as a NAT router.

Quick! Update the phones

with a lameness filter! That should fix the problem.

Hey

[RJ11]

Being eight years behind the curve has its advantages.....like not being susceptible to this!

It's like using a KPro for your primary workstation, it's so old that no one will spending a lot of time finding new ways to crack it. And if they do, that's ummm, *really* pathetic.

Only eight years?

[slykens]

I just got back from India and Europe and am thoroughly embarrassed by our government's and wireless carriers' inability to play ball with the rest of the world. At least AT&T finally got the clue, I hope.

This talks about crashing a phone via SMS, but what about devices on CDPD or GPRS like those road signs or weather telemetry, or even electric meters in some locales. That's not only on the wireless network but on the IP network. Has anyone tried to muck with those devices yet? On most CDPD and GPRS plans the customer pays for each byte transmitted, what if someone just streams data towards a customer to run up their bill?

Re:Only eight years?

[SirSlud]

You are very unlikely to see much CDPD deployed on NA soil (I demo'd CDPD 5 years ago at a conference in Vancover .. if I'm wrong, someone let me know :). It's a technology which is perfect for the purposes you mention (telemetry, remote monitoring), but its cost and the fact that its most suited for geography that is both remote and difficult to access makes it somewhat difficult to justify why anyone would use it here (nevermind the limited bandwidth). Throw in that it'll likely never be a consumer level technology, and it seems that it is a technology which likely won't have a critical mass of deployment and visibility to make hacking a concern. Now that's not to say that it /couldn't/ be done .. :)

Re:Only eight years?

[gnurd]

sure, no CDPD in NA.

Re:Only eight years?

[tramm]

You are very unlikely to see much CDPD deployed on NA soil (I demo'd CDPD 5 years ago at a conference in Vancover .. if I'm wrong, someone let me know :)

It's been available for at least five years in the US. I had flat-rate service via Go America for several years for only $50/month. I even hacked my Novatel Minstrel to work with Linux so that I could use it with my laptop.

Re:Only eight years?

[SirSlud]

ahhhh, cmon, so someone offers it .. then again, 80% of the world's fiber optic cabling is dark. So I'm more interested in how many subscribers this company has? Whats the total consumer/business CDPD subscriber base in NA?

Re:Only eight years?

[SirSlud]

I know its been available :) like I said, I demo'd it 5 years ago .. I'm speaking more about its adoption .. clearly, I was wrong about not seeing it marketed towards the consumer market. Thanks for the correction!

Re:Only eight years?

[Dahan]

I dunno about Omnisky, but GoAmerica, which another poster mentioned, is partnered with Compaq. Compaq's iPAQnet CDPD service is through GoAmerica... a coworker got an iPAQ with iPAQnet service; it's kinda slow, but nifty. Seeing that Compaq is pushing CDPD as the wireless Internet solution for iPAQs, I suspect there are a decent number of subscribers.

Re:Only eight years?

On most CDPD and GPRS plans the customer pays for each byte transmitted, what if someone just streams data towards a customer to run up their bill?

If the customer pays for their bytes transmitted, how does forcing them to recieve data run up their bill?

Re:Only eight years?

[Cato]

GPRS initially allows only 'mobile originate', i.e. the phone initiates a GPRS session to a remote network (e.g. a walled-garden WAP service) and that network sends packets back. Unsolicited packets are dropped, so as long as nobody hacks into the WAP service this is fairly unlikely. The 'mobile terminate' feature would allow unsolicited packets to be sent to the phone is not yet implemented, I believe.

This is going to become an interesting issue as GPRS networks connect to the Internet (many are WAP only on a private IP network) - perhaps the only mitigating factor is that GPRS connections to the Internet will probably go via a NAT, making it harder for unsolicited packets to get in (they'd have to spoof an active server and guess the port number on the NAT device, as well as hoping that a UDP session was in use since spoofing TCP sequence numbers is pretty hard).

SMS proxy?

[chrysalis]

It's time to code firewalls and applicative filtering proxies for mobile phones...

Re:SMS proxy?

[jeriqo]

Not at all. It's time to code good software. You can't even DoS with SMS since they are *not* free. -J

Re:SMS proxy?

[Mr_Icon]

It's time to code firewalls

Wireless devices had had this stuff for years, except they're called "concretewalls".

Re:SMS proxy?

[Darren.Moffat]

Even in the US most of the telco's I've seen now have a webpage where you can send SMS messages to any phone on their network for free and without limit.

All it needs is a program that does contious HTTP POSTS to that form and you have a DoS to one or more phones.

If you are on a phone contract where you pay for incomming SMS this could really hurt financially. As an ex-pat Brit I still find it hard to come to terms with paying for incoming calls to a mobile phone in the US.

Re:SMS proxy?

[jeriqo]

> "Even in the US most of the telco's I've seen now have a webpage where you can send SMS messages to any phone on their network for free and without limit."

Well, we don't have these in Europe. You can only send like 3 SMS a day, and extra SMS cost around 0.1 USD.

Are you really sure it is really unlimited?
It would only take a few lines codes to make a program that would send like 10 SMS a sec on random numbers.
Spammers might like this stuff.

-J

Re:SMS proxy?

[-douggy]

ICQ has a free sms service.

Re:SMS proxy?

"Well, we don't have these in Europe."

Not like this or the other million SMS portals you have out there.

Re:SMS proxy?

[jstockdale]

What! your still using concretewalls?
havn't you seen the next generation of wireless firewalls?

Concrete(tm) Walls(tm) with Rebar(tm) and(tm^H^H^H Mesh Lateral(tm) Reinforcement?

8 years behind???

[DAldredge]

So I guess the HandSpring Visor GSM phone I have with GSM service via Voicestream dosen't exist???

Re:8 years behind???

[slykens]

So I guess the HandSpring Visor GSM phone I have with GSM service via Voicestream dosen't exist???

Yes, it does exist today, but how long have GSM networks been in the US? Maybe a few years at best. How about widespread deployment? Yah, in my small town (100,000 people) we just got our first GSM carrier this year, and they are some little podunk operation that won't do roaming. I can't wait until the AT&T conversion.

Re:8 years behind???

[dave_c]

Yes, it does exist today, but how long have GSM networks been in the US? Maybe a few years at best. How about widespread deployment?

Seriously. I have Voicestream GSM service & a tri-band phone, and have mediocre coverage in Washington, D.C., but last week had awesome coverage throughout Scotland and northern England (I'm talking small towns, not just cities like Edinburgh, etc.). Even got encrypted transmission service in Iceland. But in the U.S.? Nuthin' but crap.

Maybe cell phones are more like fashion than technology: we American's like it 2 years after it's popular in London.

Re:8 years behind???

[FatRatBastard]

Yes, it does exist today, but how long have GSM networks been in the US?

Actually, a while I belive. Wasn't Sprint Spectrum (claimed to be the first digital cell service in the states) GSM? I think they sold all of their GSM network to VoiceStream when it looked as if GSM was a dead duck in the states.

AFAIK that's how VoiceStream became as large as they did. They bought up Sprint Spectrum and a whole bunch of smaller, regional GSM networks in the states (for fairly cheap) when the conventional wisdom was GSM was dead (here in the US of A).

Re:8 years behind???

The GSM system in Iceland is one of the most advanced networks in the world. Everybody has a mobile. 9 year olds and up! :) Interesting fact! :)

Re:8 years behind???

[Myko]

GSM has been in the US since at least 1994 when Sprint Spectrum deployed it to the Washington DC Metro area.

Re:8 years behind???

[aminorex]

Not only are GSM phones available in most major
markets, but CDMA phones exist that support SMS.
I wonder if any of the vulnerable Nokia's are
CDMA phones.

Re:8 years behind???

[dave_c]

The GSM system in Iceland is one of the most advanced networks in the world. Everybody has a mobile. 9 year olds and up! :) Interesting fact! :)

Interestingly, I was just in Iceland last week, and my GSM phone had 1) the best reception I'd had anywhere (I'm from the States), 2) faster signal location than anywhere else (here in D.C. it takes a minute or so to find the nearest Voicestream tower), and 3) encrypted transmission between my phone and the tower (which I've never seen work anywhere else I've been).

Re:8 years behind???

LOOL
the vuln nokias are grps...

Re:8 years behind???

[ma2tias]

One place in the metro area! Oh yeah. You could also say that the US embassy had GSM coverage in London in 1990.

The first SMS was sent in London in December, 1992

Re:8 years behind???

[jfanning]

Everyone always mentions population density as an excuse for coverage in the US, but it seems like a pretty poor one.

Look at Finland as an example. There is an average density of less than 17 people per square kilometer, probably the lowest in Europe. Almost everyone lives in the main cities and the density in Lapland is extremely low plus a few reindeer. But check out the coverage of the main GSM network operator. The other main operator has almost equal coverage as well.

Re:8 years behind???

Actually, the US version of GSM is different from the Asia version of GSM. We utilize a different frequency that Asia. I'm not sure about Europe though.

I'm just waiting for the US to realize that GSM is the better standard and ditch TDMA and CDMA.

Re:8 years behind???

[yuri+benjamin]

Everyone always mentions population density as an excuse for coverage in the US, but it seems like a pretty poor one.

Especially since the population is just as dense inside a major US city as it is anywhere.
It is in-between cities that the population is sparce.
So don't let me hear any more excuses about population density!

Re:Quick! Update the phones

Hmm... An SMS message compression filter. That'd work...

Slashdot requires you to wait 2 minutes between each successful posting of a comment to allow everyone a fair chance at posting a comment.

It's been 1 minute since you last successfully posted a comment

If you this error seems to be incorrect, please provide the following in your report to SourceForge.net:

Browser type
User ID/Nickname or AC
What steps caused this error
Whether or not you know your ISP to be using a proxy or some sort of service that gives you an IP that others are using simultaneously.
How many posts to this form you successfully submitted during the day
* Please choose 'formkeys' for the category!
Thank you.

Just think.

[Patrick+Cable+II]

So many high schoolers have these; imagine what some disgruntled kid could do now!

Re:Just think.

Disabling some prep's phone would probably have a bigger impact on their social life than shooting them in the head anyways.

Worms

I thought nokia phones already shipped worms out-of-the-box.

Behind WHICH curve?

[bluGill]

Europe is ahead of the Us because they have a standard system. However the US has several systems which have features that are better than what Europe has. CDMA is a better standard than GMS overall, and there are others, which gives each a trial by fire. The best can then be combined into something that works. Generation 3 cell phones (if they ever make it) have been heavially influenced by what worked and didn't work in the US. If everyone was GSM like Europe is, then generation 3 would not be as good as it is.

Remember standardise early, but not too early.

I won't argue when you say it is convient to have one standard, but in real life most of the US has just as good of coverage as Europe. Sure there is only one provider, but who cares if the phone works? Get out from the major cities and there is no service, but a single GSM standard would't help much. Population densities are very low in the US, to there day there are many miles where there is no coverage on any system. (Unless there is a satalite system now)

Re:Behind WHICH curve?

[dave_c]

but in real life most of the US has just as good of coverage as Europe.

You obviously haven't tried using the same phone in both the U.S. and Europe. Get a tri-band GSM phone, take it to any large city in Europe, and you'll see you get much better coverage than in NYC/someother U.S. city.

Re:Behind WHICH curve?

[C_nemo]

behind the cell-curve curve I live in Norway(5 mill +large country) and we have GSM coverage virtualy on every mountain and wally(real walleys not like those puny US ones, and the UMTS network are about to, or has been opened Kaptein N

Re:Behind WHICH curve?

[karot]

Remember standardise early, but not too early.

An American friend one pointed out to me that the USA has the benefit of inventing many new technologies, and being the first to implement a massive number of them...

...This of course means that the USA tends to implement version 1.0 all across the country, and when you've covered an area that big with version 1.0, version 2.0 is gonna be a long time coming ;)

Steve

Re:Behind WHICH curve?

[bluGill]

Hmm, my current cell phone is in fact GSM, and every US city I've been to has had good coverage. Oh I agree that GSM doen'st have the best coverage, but it is there. GSM is not very common in the US, and there is still a lot of coverage.

And remember to differenciate between coverage in sparesly populated areas with densely populated areas. (NYC I know is dense, but I wouldn't want to visit there so you point is lost to me...)

Re:Behind WHICH curve?

[WolfWithoutAClause]

It's probably not true that Europe is ahead because they have a standard system; as far as I can tell, they are ahead because it became fashionable in the boom of the late 80's in London particularly to have a cell phone; partly because it was a way of doing more business for the brokers- it quickly became a status symbol. A fairly affordable it became too as it grew rapidly among the city and top businessmen and filtered its way down to basically everyone.

The fashion made the economics look better, and that in turn drove more manufacturers to enter the market and compete, driving the price down further.

The other feature that killed off the other mostly non-digital systems was security. After the 'squidgy' tape loads of people would only get digital, particularly Prince Charles- and the GSM phones were a convenient digital standard to go for at that time.

Britain is an ideal place for cell phones- the population density is pretty high, so less cells are required; most people I know have a cell phone in britain. Many of them don't have a fixed line at all anymore.

Incidentally, there IS a satellite phone system- Iridium, last time I checked it was very expensive, didn't work indoors or in cities, had low quality; and the handsets are really heavy.

The military loves them.

Re:Behind WHICH curve?

If everyone was GSM like Europe is, then generation 3 would not be as good as it is
This is good for Europe...

Remember standardise early, but not too early
CDMA is not 3G anyway. We all has to upgrade.

but in real life most of the US has just as good of coverage as Europe.
GSM works on the top of Kilimanjaro.

Sure there is only one provider, but who cares if the phone works?
I would care about paying even more than here in Europe.

Get out from the major cities and there is no service, but a single GSM standard would't help much. Population densities are very low in the US, to there day there are many miles where there is no coverage on any system. (Unless there is a satalite system now)
In Europe the operators have to provide near complete coverage, but this only makes any kind of economic sense if the market is not fragmented between different standards. Population density is very low in northern Sweden, but look at this map of Telia's coverage:
http://www.gsmworld.com/gsminfo/cov_sete.htm

Re:Behind WHICH curve?

[bluGill]

I live in Minnesota, about 3.5 million people, and about twice as much land as Norway. And MN is fairly heavily populated compared to many nearby states. (which also happen to be larger) covering a valley isn't that difficult from an engeering standpoint, just put a tower there. Covering a flat field of 100 miles profitably is extreamly diffiult if the entire population of the field is less then 75. I happen to know someone who lives in that exact situation.

Re:Behind WHICH curve?

[infiniti99]

CDMA is a better standard than GMS overall

What I find funny about this statement is that these two are not necessarily comparable. CDMA is a radio protocol, used by both Sprint PCS and Verizon here in the USA. GSM, on the other hand, fully describes a wireless network, from the radio protocol (TDMA), to the included services (voice, 9600bps data, SMS), all the way to the SIM chip.

While CDMA may be a better radio protocol than TDMA, it is definitely not a wireless network. You can't use a Sprint phone on the Verizon network can you? As far as I know, these are separate networks with their own definitions. They just happen to share a common radio protocol.

So when someone brings up the ancient war: CDMA vs TDMA vs GSM, be sure to reorganize this into: Sprint vs Verizon vs AT&T vs GSM. This is a much more sensible comparison. Anyhow, perhaps in the future GSM's radio protocol can be replaced with a CDMA incarnation.

Re:Behind WHICH curve?

[dachshund]

This of course means that the USA tends to implement version 1.0 all across the country, and when you've covered an area that big with version 1.0, version 2.0 is gonna be a long time coming ;)

Actually, it seems that the situation is reversed in this case. GSM uses a less-advanced technology (TDMA) than many US networks (CDMA). Europe/Asia/Africa have opted to standardize this older system, while some US carriers have gone ahead and adopted more advanced but incompatible systems. As we've got no expectations of compatibility (even when switching from one company to another), it's easier to skip to newer tech.

I don't entirely agree with the US companies' decision here, but I do think it may have some unexpected benefits. For one, we may be able to move in with a much more advanced 3G without being tied down by a whole lot of backwards-compatibility concerns. For another, it may turn out that the focus on standardized networks becomes less and less important as technology becomes more adaptable. The price and flexibility of wireless tech have been plunging and exploding, respectively. It may turn out that compatibility is more effectively acheived by cheap Taiwanese chipsets than by standardized networks.

Personally, having caught a glimpse of the projected cost of 3G (for not-terribly impressive data rates, and only in the cities), I'm skeptical of the whole project. I think the next generation of data/phone tech will take its cues from 802.11 tech, and GSM will become a relic. This is obviously a few years off, though. In the mean time, we Americans just have to rent phones when we get off the plane (not a terrible deal when you consider international roaming charges, I'm told.)

As to "America gets stuck on 1.0", there's plenty of precedent for the opposite; the Minitel in France (outmoded by the web) and analog HDTV in Japan. Sometimes our stubborness is actually an asset.

Re:Behind WHICH curve?

[mgv]

Population densities are very low in the US, to there day there are many miles where there is no coverage on any system. (Unless there is a satalite system now)

Australia uses multiple systems, but now supports mainly CDMA and GSM. Which is more popular? CDMA is better for covering distance - and please (unless you are posting from antartica) don't underestimate the issues faced in Australia. We have a land mass 2/3 the size of the US, but with a population of 18 million.

GSM is locked in by design to a 35 Km radius around the base station. Not an issue in say, NY, London or Europe for that matter. A big issue in Oz where your neighbour might be further away than that. Telstra (the major teleco in Australia) have modified GSM transmitters to provide a second 35-70 Km ring of coveravge from a base station. In outback Australia, you can easily get 70 km line of sight to a tower.

Despite all these limitations, GSM still wins hands down. The biggest reason? Competition I think. Being able to change service provider with a change of SIM card, rather than handset.

Plus the provision of enough features above and beyond phone - SMS messaging. Although primitive, it was flexible enough to make your phone a pager and message service in one.

In hindsight, the bandwidth limitations (9600 baud) and absence of packet radio (always on rather than dial in) features weren't enough of a liability to hold back its initial rollout.

You might call it the microsoft or VHS solution - near enough, good enough without actually being the best.

MIchael

Re:Behind WHICH curve?

[yggdrazil]

I'd say having a standardised system helped in many ways. We got down the prices of handsets very quickly. We had instant competition. And people could switch from one operator to another just by switching SIM-card. They nedn't throw away the whole phone, and change to another system.

Having a standardised system across the patchwork of countries which Europe is is also beneficial. Roaming works across the continent worked out of the box. If every country had gone for their own system, that wouldn't have happened.

Europe chose to select the mobile standard proposal out of technical merit, rather than political or national reasons. Which is a triumph for techies over politicians, I guess.

In the Nordic countries, stock broker fashions had very little to do with the very high mobile penetration we have here. Rather, ordinary people saw that the stuff worked, that coverage was good, it was easy to use, not that expensive, and it was easy to figure out what your calls would cost. You can get nearly 100% of the population to want a mobile phone if you only sell it as a yuppie (or drug dealer) toy.

Re:Behind WHICH curve?

[onion2k]

Another reason for mobile phones being further ahead in Europe is that the major innovators in the industry are European. Nokia, Ericsson, Siemens to name a few of the bigger manufacturers. There are others, such as Sony and Panasonic, but they're not often on anyones 'Favourite Phone' list.

Just give me a Nokia 7650 and I'll be happy.

Re:Behind WHICH curve?

[Debiant]

Yep, and main reason is the opening of telecommunications sector in those countries to competition which coincided with ability to do cellular
phones - and ability agree on technical standards that
helped to forms standards which were technically
sound. GSM was reliable from day one I started
to use in here Finland.

Much more reliable than internet connections I've
used much longer btw.....

Re:Behind WHICH curve?

[jquirke]

I Agree.

In Australia we have one of the lowest population densities in the world - only 19 million people across an area slightly smaller than the US, yet we have some of the best GSM coverage in the world, with some of the best GSM networks.

Take a look at the coverage on Australia's second largest network Optus.

We also have CDMA - but that sucks in buildings.

That throws the whole population-density argument out the window.

Re:Behind WHICH curve?

[Robert+S+Gormley]

I'm here in Australia, and I've used both CDMA and GSM. CDMA sucks ass. It degrades more gracefully than GSM, fading away rather than chopping in and out. America is still *way* behind the curve. I call someone regularly in the US whose cell drops out with Sprint whenever she leaves the interstate - in Michigan. You want to talk about population density? Australia's population density is 9% that of the US but the major players have still covered 92% of the population, and with a service so good and cheap that 63% of the population has a cellular service.

I'd probably argue a lot of Gen 3 stuff is heavily influenced by the Asian markets, a lot more on the uptake than the American cellular market, and where they already have cellulars with data capacity of 2mbps.

Re:Behind WHICH curve?

[thogard]

GSM is a technical solution to the problem of how do you keep the service inside your countries borders. This politial requirement makes for a very bad choice in places where you need huge coverage and have no problem of cross border calls. GSM is also only cost effective if you have a high density of people. The small cell sizes of GSM make it impossable to cover large rural areas effectively.

Re:Behind WHICH curve?

[mrm677]

CDMA IS-95a is a standard that defines everything.

GSM also has a similar standard, but the word "GSM" does not define everything.

Re:Behind WHICH curve?

Good coverage, but does it cover the entire continent?

Re:Behind WHICH curve?

[netwerk]

does it need to?

MOST of our continent is uninhabitable :)

if you need coverage in the middle of a desert then get a satellite phone

Re:Behind WHICH curve?

C'mon! you americans are "world's number one" in many areas. Cellular phone&wireless stuff is one of the very few exceptions, learn to live it. It just happens that sometimes some countries behave more logical than states.

Re:Behind WHICH curve?

wop, people.

excuse my accent ;) here in spain everybody
has a cell phone mainly becouse they are
nearly free (free as in free ;). of course
the calls are not cheap, but it makes
that techno afordable.

jv

Re:Behind WHICH curve?

[isorox]

It is very rare I dont get a full signal, indoors or outdoors, in a car, in a tunnel etc. Anywhere in the UK - be it a field in shropshire or the tower bridge.

The only place I have noticed my lack of signal, in the last 4 years, was in a gully with walls arround me, a near steep ice slope above & below me, and behind me about 500m to another hill.

When I got to the top I had a signal perfectly again.

Re:Behind WHICH curve?

>Remember standardise early, but not too early.

What a load of cr*p. Whats the point of a system if it doesn't get used to its full potential?

"Oh yeah our system here has x, y, x... oh but we don't use it because its too hard to get on with other cell networks"

>the US has several systems which have features that are better than what Europe has.

Have you been to Europe and seen how people use cellphones and things like SMS, and how you can wander from country to country and not even think about whether your cellphone will work or not?

Re:Behind WHICH curve?

Actually no, he was right. Version 1.0 was the analog cellular spec that the US adopted long before Europe really got interested. The US missed the boat on GSM because we jumped first at analog cellular.

Re:Behind WHICH curve?

For one, analog cellular coverage in the US is fairly complete, because the US deployed cellular a lot earlier than the rest of the world.

Second, Australia may have a low *average* population density, but in reality much of the continent is uninhabited or inhabited primarily by native peoples. The vast majority of those 19 million people are congregated in a handful of coastal and near-coastal areas. Australia's population distribution is more comparable to Canada than the US. In contrast, the majority of the land in the US is inhabited.

Re:Behind WHICH curve?

Australia's population density is 9% that of the US but the major players have still covered 92% of the population

Yes, but what percentage of the area? It's easy to cover a high percentage of the population when most everybody is congregated in a few small areas and most of your land is largely uninhabited.

Also, nobody in their right mind uses Sprint here anymore. Spring was one of the early adopters of CDMA here, but they're coverage sucks.

Re:Behind WHICH curve?

[Bender+Unit+22]

Well in Denmark we have 99,8% coverage by our largest phone company. using GSM phones. Some phonecompanies might only have 50% coverage, but then they make some roaming-like deals with the companies that cover the parts they miss

Re:Behind WHICH curve?

Just for the record:
In most parts of Scandinavia people fint it
weird and anoying if their cellphone doesn't
work. It's years since we got GSM-coverage
along virtualy every road, and it's not at all
unusual to bring your cellphone when you go trekking in the mountains...

Re:Behind WHICH curve?

Europe is ahead of the Us because they have a standard system.

No, Europe is ahead of the US because the US adopted the 800 MHz AMPS analog cellular standard back in the early 80s. The GSM standard wasn't developed until the mid 80s and wasn't deployed until the late 80s / early 90s. By this time the US had already deployed extensive analog cellular networks.

There is a simple reason why the US didn't adopt GSM when it started catching on. The US had a great deal of 800 MHz infrastructure, so many providers focused first on providing digital service in that band rather than deploying new equipment for 900 MHz GSM.

After that rift, when the 1800-2000 MHz band opened up, US providers mostly went with spread spectrum technology (CDMA) instead of TDMA (except in the Southeast US) because CMDA allows each base station to cover a larger area, which is an important consideration in a large country. A few US providers did adopt GSM at 1900 MHz (e.g. Nextel), but most didn't want to bother with GSM because the rest of the world was working in the 900 MHz band and they believed their capital investments were better spent in the 1800-2000 MHz band. And just to add one more chapter to the story, the EU started trying to push the deployment of 1800 MHz GSM in the mid-90s and it's starting to catch on.

As others pointed out above me, the US jumped on board with the first generation of technology and largely missed the boat on the second generation. I think things are likely to come around full circle. The US will probably adopt third generation technology a lot quicker than the rest of the world which will be tied to GSM for a while to come.

Re:Behind WHICH curve?

[dachshund]

Actually no, he was right. Version 1.0 was the analog cellular spec that the US adopted long before Europe really got interested. The US missed the boat on GSM because we jumped first at analog cellular.

Yes, and that was more than ten years ago. My point is that the worm has completely turned.

Re:Behind WHICH curve?

This was moderated as 'overrated' FOUR times! The crack must be really good today.

Come on people. If you disagree, post.

ROTFL...

[A_Non_Moose]

Hey, look! a Grey Screen of Death!
(considering most have mono displays, correct?).

And for the first time...

[Exmet+Paff+Daxx]

For the first time, hackers can kill. Considering the number of people who use their cell phones while driving, a random "crash" (what a terrible pun) while trying to send email or view stock quotes while driving should be enough to push a few drivers "over the edge".

The good news is that if terrorists intend to use such "crash" attempts to crash cars or other vehicles, we at least have new legislation to stop them.

Re:And for the first time...

[nochops]

Hacker?

I thought it was a truck driver. So if I use SMS I can call myself a hacker? Kewl!

The future is pretty

Great, extrapolate this and my year 2050 toaster will crash on me because of some untested path in the 5M lines of code it will contain. I'll say "back in my days toasters didn't crash because of malformed headers in messaging protocols", and my grand-sons won't beleive me.

Just imagine

what a Beowulf cluster of Nokias could do!

Yep, not being first can have it's advantages

[SpiceWare]

[US] wireless services are about eight years behind the curve

Those who implement later can implement newer standards w/out obsoleting(and thus pissing off) all the existing users of the cellphone network.

Re:Yep, not being first can have it's advantages

yeah, but now i'm tired of being pissed off, because we don't have the toys.

Re:Yep, not being first can have it's advantages

[boydtel]

I don't agree that we aren't first in implementing new cell technologies, we are not the first in stacking people into tighter and tighter piles. A trend which totally drives the ceonomics behind this infrastructure and hence it's speed of deployment. However, I am also blown away by how many people here fail to see any benefit in "not being first" I agree that (while it doesn't in this case IMO) it certainly CAN have advantages. WE innovated broadcast television and we have long suffered the poorest quality image because of that powerful (in terms of number of users it dwarfs most other nations) standard. Innovation is good, but it doesn't always lead to having the most of the coolest toys IMO. bk425

Why go through all that......

[the_2nd_coming]

when all you need to do is throw the phone to the pavment?

New phone

Is this the new Nokia or Microsoft offering?

We may be years behind

[rutledjw]

But the alternative (in the US) is f*cking advertisers sending phones messages when they're in the vicinity of certian stores.

Anyone remember reading about the test of this little "technology" in Boulder CO (of all places)? The advertiser was "very pleased" with the number of people who READ the ad.

Great, so they can trace who read the &^$%*& things as well. I think my Sprint phone gets 100 free text messages before I have to start _paying_. Which is great - the recipient gets to pay to be spammed...

Re:We may be years behind

[jcoy42]

I used to get *tons* of cellphone spam with the text messaging being as simple as @xxxxxxx.net.

I don't know how many times I would get a 911 page at 2am to find out some other poor guy had been the victim of cell-phone shotgun spamming.

It's gotten much better in about the last year, but don't rule out being spammed by our current system.

Re:We may be years behind

[Robert+S+Gormley]

That, to me, is a joke that has the rest of the world laughing. We don't pay to get anything. Someone calls you, why should you pay. Someone sends you a text message or a cellular fax, why should you pay?

And don't say it's to get lower calling rates, because most cellular rates here in Australia at least would make your jaw drop with their (low) cost.

Infractsurcture

[ArchieBunker]

In small heavily populated areas like europe its easy to change out a dozen towers that blanket the whole country. Compare that to the US where everything is sprawled out.

WARNING: GOATSE.CX LINK!!!

The parent post is a troll, for God's sake, don't click that link!

Hey, self-satisfied luser!

[l00ny_bstrd]

Yeah, Hemos, I'm talking to you!

Take your *grin* and shove it up your ass!

Security through...

[1010011010]

Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue.

Security through Inertia. Hmm...

Re:Security through...

[Guillaume+Ross]

Yep. if you still use Dos2 I bet you're safer from worms and trojans than pretty much everyone else here! :)

Re:Security through...

Heck yeah. Likewise, someone who uses WordPerfect 5.1 for DOS sure isn't at risk of the latest Word macro virus.

Re:Security through...

[ethereal]

Wait, what was that? I missed half of your post because my 3rd-party IP stack crashed :)

Bound to happen...

[Junta]

I mean, look at this logo on a nokia phone. As soon as you see this logo on a phone, you know trouble is coming. I think it is some sort of curse :)

Btw, if you actually want this logo, go here.

Who cares?

[J.C.B.]

Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue. *grin*

If I could get one of those big old 80s-early 90s cell phones (like the one that kid had in saved by the bell), I would use it. I don't need no stinkin' text-messaging WAP shit on my phone.

Re:Who cares?

[macpeep]

It's interesting that the people who have phones with text messaging find it extremely useful where as those who don't have it shrug it off with "I don't need no stinkin' text-messaging WAP shit", not even seeming to know what they are talking about, since WAP has absolutely nothing to do with text messaging and SMS messages.

Personally, I find SMS messages extremely convenient in very much the same way as email is convenient. It's a lot less intrusive than a phone call since it doesn't demand the receivers attention RIGHT NOW. It's quiet and more private, you can write and read SMS's anywhere without disturbing other people or other people disturbing you. You can use it for services. Send "FIND Joe Sixpack" to number 400 and you get the address and phone number of Joe Sixpack in return. Send "WEATHER Helsinki" and you get the latest weather forecast for the Helsinki area.

I worked in Singapore for six weeks last summer and it was extremely convenient to just bring my normal cell phone with me from Finland and everything working without any reconfiguration. Phone book entries, caller id, text messages, data. I used the phone to check my email with my Palm Pilot, Finnish news, Forumla 1 results riding home from work in a cab in the night etc.

I'm not saying that everything should be crammed into a cellular phone. Some things work better in a laptop or a PDA if you want it mobile. The point is that things like SMS and WAP, which are totally basic features of GSM phones, are quite useful and have their own place. Instead of silly "I don't need no stinkin' text messaging WAP shit on my phone" outbursts, you might want to try it out. You just might discover how nice it is and how well it works!

Re:Who cares?

[mrbester]

"It's (SMS) a lot less intrusive than a phone call since it doesn't demand the receivers attention RIGHT NOW. It's quiet and more private, you can write and read SMS's anywhere without disturbing other people or other people disturbing you"

Been on a bus / train lately? SMS is BLOODY intrusive as most clueless Joe Sixpacks (we call them kids here) have their volume set to max and that annoying pseudo-Morse beeping by default. Even worse, they have to LOOK at it to realise it is a message (duh, the thing's beeping in a particular manner, wtf do you think it is) for the entirety of the sodding beeping. Get that 20 times in 5 minutes and you'll find you alter your perspective of what intrusive is.
BIPBIPBIP BEEP BEEP BIPBIPBIP
BIPBIPBIP BEEP BEEP BIPBIPBIP (press the button, THAT button, THE GREEN ONE YOU IDIOT, AAAAAAAGGGHHHHH PRESS IT NOW!!!)

As to writing SMS without disturbing ppl the same annoyance remains: Button beeps bloody loudly every time it's pressed (and, it seems, twice as loud for the backspace). This has got to be worse than the "I'm just passing Gatwick, darling" crowd...

Re:Who cares?

[macpeep]

"Been on a bus / train lately? SMS is BLOODY intrusive"

I ride the subway to and from work every day. SMS is usually two quiet short beeps whereas a phonecall is a 60 second ring while the person looks for the damn phone. Sure, some have more annoying SMS beeps and sure, some even have button beeps on but in 95% of the cases, they don't.

As a whole, I'd definitely say SMS is less intrusive!

QTKT

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Password is "iacbtinfm"

jA0EAwMCv40xjZ0E69BgyWaTGoaWMos40i4ka+Z3N4WcbgY9 dT DhBAXdbTL9Ujhf
oFdJGGlmPysuEsnIw8QymV0GDpqvwspj6zXsJZzv6gsI1ix1 y5 BeyULii5VIEiFo
2MShQHww9x1hUV+ODttaq67bSGuf3Ds=
=Jwji
-----END PGP MESSAGE-----

New Slashdot reporting template

[corky6921]

Hi Slashdotters,

We here at Slashdot would like to advise you to use the following format when submitting bug-related stories.

"Crashing a [product] with [method used to crash it]"

"An article at [source] reports that [security expert] demonstrated how to crash [product] using [Pick one: buffer overflow; malformed headers; Javascript]." [insert wizened statement about how this will affect future direction of products in this category] [attach silly remarks by Slashdot writer like "Well, that's why I use [competing product]!"]

Also, please use the following template when replying:

"Those @(#&@! bastards! Who do they think they are, making [product] so buggy! Why do they have to include [useless feature that no one wants/uses anyway]?? I'll never use a [company] [product] again! Please, fellow Slashdotters, I urge you to boycott [company]!"

This will save us a lot of time and moderation points.

Thank you,
The Slashdot Team

Re:New Slashdot reporting template

[Gogo+Dodo]

The response template should also have:

"Everybody switch to the open-source [product]. It's better because it's free and there are no security problems with it!"

Re:New Slashdot reporting template

"Those @(#&@! bastards! Who do they think they are, making Nokia Phones so buggy! Why do they have to include SMS?? I'll never use a Nokia cellphone again! Please, fellow Slashdotters, I urge you to boycott Nokia!"

Re:New Slashdot reporting template

Those @(#&@! bastards! Who do they think they are, making Nokia Phones, namely the 3000 and 6000 series, so buggy! Why do they have to include SMS anyway?? I'll never use a Nokia again! Please, fellow Slashdotters, I urge you to boycott Nokia!

Thank god MS didn't write the messaging software

[wackybrit]

This is exactly why these new phone PDAs worry me. You've only got to have a copy of Outlook Express running and your phone will call everyone in your Address Book or send them frisky messages.

Though my grandma might like to receive 'How are you sexy legs?', I'm not sure my boss would be quite as accepting.. (and if he is, I should quit)

Security's not an issue overseas...

They're too busy talking shit about the US to bother hacking their fellow comrades' phones.

anyone know where...

[saint10]

... i could find some code to test this out?

Re:anyone know where...

[saint10]

uhhh... no you dork! find it yourself..

Web on Cell

[Larkfellow]

As far as I'm concerned this shouldn't even be an issue with Cell phones. I think that phones should be kept phones. If someone is really that interested in portable web. Then use a PDA.

Yes, I'll be one of the first to admit that cell phones are wonderfull. But I use mine as a phone. Not a game consol, not as a web browser, or day planner... And yes, I think PDA's are good for a day planner, and even limited web browsing and gaming. But really, do we need to be playing Doom, or the latest, greatest, Quake game on our cell phones? Do you really need to use Yahoo! after getting talking with your mother from the bus?

For me, there is such a thing as too many features. Web browsers on cell phones is one such case.

Re:Web on Cell

[rtaylor]

Fact of the matter is the new cell phone feature used to be a size decrease. You CAN'T decrease the size anymore without running into huge issues -- like someone swallowing it or something.

Technology inside keeps decreasing, and there isn't much point in leaving empty space. Batteries are heavy, so you really don't want to add much more volume to it. Whats that leave? More and faster chips with neat new features that may or may not be useless.

I'm not a cellphone owner, nor do I intend to become one... atleast until my landline becomes more expensive and cellphones.

Pure FTPD is as insecure as WU

[GaylordFucker]

go read some of the advisories on securshityfocus (sellouts)

SMS is useless

[nbvb]

Why bother snding mgs tht dnt mk snse?

Just pick up the GOD DAMN PHONE AND TALK.

Oh wait, the reason European users won't do that is because they pay PER CALL.

Say what you want about the providers in the US, but:

1) CDMA works. TDMA and GSM are fundamentally broken. GSM's encryption is crackable real-time using COTS hardware. CDMA's isn't (yet).

2) Billing per-minute still sucks, but sucks much less than per CALL. Most calls are less than 2 minutes, so you don't get raided too bad in the US. And besides, roaming charges are quickly becoming a thing of the past, and now most providers are including bucketfuls of minutes, even in their cheap plans...

3) Coverage is good. I have no problem making a call no matter where I go (my provider is VZW).

4) KISS. Keep It Simple, Stupid. I don't want SMS on my phone. Don't want spinning 3-d wingdings. Don't want to read my email from the phone.

If I want to read my email wirelessly, then build me an 802.11b network everywhere. Don't make me do it from a phone!!

And of course, my Startac (and my Audiovox 9000 and my Qualcomm QCP-860 and my QCP-2035a) don't crash!

--NBVB

Re:SMS is useless

[Dark+Legend]

Oh wait, the reason European users won't do that is because they pay PER CALL

Last time I checked the UK is in Europe, and I know of no network in the UK where you pay per call, when roaming in France, Spain, Portugal and Greece I have also always payed per minute. Where did this idea we pay per call come from?

Re:SMS is useless

[torako]

Paying per call would actually be pretty cool, as you wouldn't have to care about how long you talk.. Actually, in Germany (and most other European countries) you pay per minute or per second. Average charge per minute is between US cent 10 and 90 depending on your plan. Charging per second can actually be much cheaper if you don't talk to long (naturally)

Re:SMS is useless

[Bake]

GSM's encryption is crackable real-time using COTS
Everything is COTS if you have enough money, just under 10thousand still is quite a bit of money to spend on a single scanning device (for an individual that is). And then you have to crack the message itself which requires you to pick up a distinct call.

Billing per-minute still sucks, but sucks much less than per CALL
Paying per call is a term I'm not familiar with, we mostly pay per minute here in Europe (per second in my country actually, after the first 10 seconds).

Coverage is good.
My coverage is excellent here too. If there is a paved road in my country, I can use my GSM there, and some gravel roads as well. Did I mention I can take a trip around my country and still have coverage? No, I don't live in Holland or Denmark, I live in Iceland which is not quite known for its population density. And in case you're even dreaming about coming up with the argument "you're so few, you don't need to cover as many people as we do" I surely needn't remind you that transmitters and relays for GSM may be cheap but not THAT cheap (there are only 280 thousand of us you know). Plus I can take my phone to almost every country in the world (the US not included) and make calls and receive them just as I do back home. Plus I usually get to choose between different providers.

KISS. Keep It Simple, Stupid. I don't want SMS on my phone
SMS is Simple Stupid! And if you don't want sms on your phone don't open them! Don't want to send an SMS, don't send it then! Feel bothered by the phone ringing (which I hear you pay for, that's stupid, paying for incoming calls that is), don't answer it, or better yet, turn the bell off, or turn the phone off! Nobody's forcing you to use the phone. As for building 802.11b everywhere, that's
a) a whole lot more expensive
b) even more pointless, I don't feel like lugging my ThinkPad all over the place.
c) Prone to hacking too you know!!! (thus nulling your argument that GSM is fundamentally broken).

As for SMS, it really is a nice communications medium if you just want to send a quick message without going through the usual formalities. Instead of
"Hi, how are you doing, fine me too, listen I'm going to be a bit late for that meeting so blablabla"
You can send a quick SMS with the message
"Hi, sorry, I'm going to be a bit late for the meeting".

Now, with GSM I also get the following benefits: a) A choice between many providers b) A choice between a wide range of phones, the ones that /. keeps posting about and you drool all over ;-). And I don't have to notify my provider that I got a new phone and need to have my number transfered to the new one. c) A mobile system I can use all over the world (US excluded) with the same ease I enjoy at home without any modifications to my phone or SIM card.

Now, your point FOR CDMA was again?

Re:SMS is useless

[Gerein]

Just pick up the GOD DAMN PHONE AND TALK.

That's why you don't use email, and just call people, right? And all these instant messaging (ICQ, AIM, etc.)... Who needs that, if you can just call all the people? Man, why didn't you tell us before? We would have never used this stupid SMS-stuff, if we just had known...

Oh wait, the reason European users won't do that is because they pay PER CALL.

??? Ever been to europe? Every provider I know of, charges per minute. Actually it's often cheaper to speak for 1-2 minutes than to send an SMS (which is somehow ridiculous...).
SMS is surely not the most efficient form of communication, but often it's really convenient. It's pretty much as useful as all the instant-messaging services which are so popular right now, only that you can use it whereever you are...

1) CDMA works. TDMA and GSM are fundamentally broken. GSM's encryption is crackable real-time using COTS hardware. CDMA's isn't (yet).

That's why AT&T and co. would never switch to GSM, right? CDMA may be the more sophisticated technology but GSM just works. Everywhere...

2) Billing per-minute still sucks, but sucks much less than per CALL. Most calls are less than 2 minutes, so you don't get raided too bad in the US. And besides, roaming charges are quickly becoming a thing of the past, and now most providers are including bucketfuls of minutes, even in their cheap plans...

See above. What about paying for incoming calls/messages? Another thing often forgotten in price-comparisions US-Europe, is the base fee, charged every month. It's usually much higher in the US.

3) Coverage is good. I have no problem making a call no matter where I go (my provider is VZW).

I had a very different experience in the US. And judging from the other comments I'm not the only one...

4) KISS. Keep It Simple, Stupid. I don't want SMS on my phone. Don't want spinning 3-d wingdings. Don't want to read my email from the phone.

So, what? I want all that stuff. I use SMS, I get my email to the phone and I actually use WAP (over GPRS). And most of the people I know do so, too. And now?

If I want to read my email wirelessly, then build me an 802.11b network everywhere. Don't make me do it from a phone!!

Yes, I'm dreaming of stuffing my laptop in my pockets, too... Show me the technology, that puts 802.11b-receivers in cell phones without running out of battery too fast. Then show me how to deploy it for nationwide coverage. And finally show me how to make it scale to the user numbers of cell-phone systems.

Summary: Just because you think phone-messaging is stupid doesn't mean, everybody feels that way. And judging from the user numbers in europe and especially asia, a lot of people do seem to like SMS...

Re:SMS is useless

[Dark+Legend]

yeah, most of my calls are a quick 30 second affair ie, 'I'm on my way home now' or 'I'll be a bit late' etc, I reserve the big talking for my free minutes. That's exactly why I love SMS, no need to interrupt someone to get them to the phone, just txt them and they can read it when they like and it doesn't demand an immediate response..

What's new?

Only an american can claim not to have created custom SMS messages and crashed phones with them.
I and many of my friends have accidentally created such SMS messages while debugging SMS gateway products. It doesn't even require real attempt to do so.

At least Nokia, Ericsson, Motorola and Siemens models crash easily, and even two latter of those are jokes anyway. Some crash badly enough to require service repair.

amen

[GaylordFucker]

Hemos is an anti-US communist, who preaches about how is home country, Amsterdam, is the greatest country in the world... figures... his country is full of pot smoking hippies like him

I can see it now...

[A_Non_Moose]

"This phone has performed an illegal operation and will be shut down...if the problem persists, please call the vendor"....

Hahahahahaha...{sniff}....hehehe.

What is with the Grey screen of death comment being modded as overrated?
Geez, you'd think you would have to be rated first.

Maybe that should be submitted as a bug?
You can't fix the moderators who do that kind of stuff (maybe spayed or neutered) but can you fix the system?

Oh, well, don't worry, be happy..la la laaa

Yes, bugs, virus, scams and spam going into mobile

[clarkie.mg]

I have already discovered a bug in the old and rather basic nokia 3210 [see below]. I can't imagine how many of these there will be in a more complex phone like the nokia 7650. A sms worm anyone ?

I think some bugs are inevitable but I hope the developers will pay more attention to the the sofware they design than Bill Gates did in the early PC years - and even in the not early years ! And those new combined phone/pockeptPC will be fun to hack I bet.

But I don't think the users are ready to accept too many bugs in a mobile phone/pda like they did with the windows OS.

Responsability is not only on the shoulders of developers. A friend of mine crashed his visor and lost all the data he had difficultly typed in. He had no backup ! So there will be a lot of work to make the users more aware of security concerns about the digital tools.

I hope the laws will also be appropriate to this new digital era. No way am I gonna tolerate sms spam !

The nokia 3210 bug :
When you type a message, then want to send it but go back to the typing screen before entering the phone number of the recipient, the T9 completion system is messed up : if you want to change a word, it doesn't use the one you have selected.

props to great trollz skillz

[neal+n+bob]

This is brilliant!!! Looks at the amount of karma wasted!!

Why gee, that's a surprise ... (Score:4, Troll)

by Rosco P. Coltrane on Wednesday November 28,

@04:31AM (#2623711)

(User #209368 Info)

"... but RMS has not been elected"

RMS has acted as a intolerant stubborn donkey for so long with regard to software that he isn't taken seriously anymore. Even the FSF are getting really tired of him now.

Don't get me wrong, his strong opinions *were* the right attitude when free software was something of a novelty, when the business world was taking the few free software people for lunatics. But that was years ago. Now the world at large at least takes free software seriously, and Stallman has become as useful as a fire hydrant in the middle of a bike trail.

"A door is what a dog is perpetually on the wrong side of" - Ogden Nash

[ Reply to This | Parent ]

Moderation Totals: Flamebait=2, Troll=2, Redundant=1, Insightful=1, Interesting=1, Funny=3, Underrated=2, Total=12.

how lame

[Jaeger-]

how lame is this:
Once the message is received it is impossible to turn on an infected phone again.

what kind of design went into this product? is there no way to force a hard-reboot of the phone or something similar, to reset it? what about detaching the battery briefly, etc??

it would really suck to have this happen while on a business trip or something and have to run by the nearest Nokia store to exchange your phone for another, or have it unfrozen or whatnot. and i'm sure Nokia would just exchange/fix the phone for free (not)... they'd probably require that you mail it in to them and wait 4-6 weeks to get it back, finally fixed.

--w

Re:how lame

[Gerein]

Have you read the article?

In GSM phones SMS are stored on the SIM-card. Remove the card and your phone works again. Use another phone to delete the message from the card.

Inconvenient, but not impossible.

Re:how lame

Ooohh, I get to buy 2 phones!!!

This Rocks!!!

Where do I sign up!!!!!!

It's times like this ...

[halftrack]

... that makes me happy I don't own one of those fancy new cellular phones.

Expensive

[Shook]

I wonder why it is so expensive. I have an SMS phone with VoiceStream. I get 500 messages for $5 a month (a penny a message for the math impaired), and no daily limit. I receive weather report and news headlines every day (6 messages daily), and use the AIM-to-SMS gateway all the time. 3 a day would suck.

BOYCOTT NOKIA

Those farking bastards! Who do they think they are, making Nokia phones so buggy! Why do they have to include Web access that no one wants/uses anyway?? I'll never use a Nokia phone again! Please, fellow Slashdotters, I urge you to boycott Nokia!

There are lots of DoS attacks against phones

[Tim+Ward]

This one just needs a standard phone, but it's even easier to find DoS attacks against WAP phones.

Interestingly enough I have found the Microsoft browser to be less prone to crash than all the others I've tried. (But no, I still don't know why anyone would want a web browser on a (2G) cellphone.)

smart... but...

[GaylordFucker]

802.11b itself is an insecure protocal... a four year old could crack WEP... your best bet is to buy a shack in Idaho and live there... btw, moderator fascists... mod parent comment up

Ha, make fun of my free w/plan phone now...

[Tenebrious1]

Yep, my phone came free with my service. Didn't pay a dime. No, it doesn't play Fur Elise or the William Tell Overature, no it doesn't have calendering, no it doesn't have games, no it isn't internet ready, no doesn't do text messaging, and no, it doesn't crash.

And they want my car to communicate this way?

GM and others are looking into intelligent cars. Currently a kid might drop rocks on your car from an overpass, soon they'll just sit at home and hack away until they see all the traffic stop.

Tut tut...

[Nevrar]

Bring back the old tin cans connected by string I say...

I once crashed my friend's Alcatel One Touch Easy by flooding his phone from mtnsms.com...

Re:Tut tut...

I once crashed a friend's cell phone by flooding it... WITH 10 MILLION GALLONS OF WATER. Many people were killed in the process, but I still thought it was funny.

SMS is NOT useless

[clarkie.mg]

You do not seem to realize the success that sms has in Europe. If we follow you, why send an email when you can call the person on a phone ? Ridiculous. I am not an avid sms user but I see it can be useful in many situations :

- If you cannot talk or do not want to talk, in a lecture for example, you can still type.

- If you want to send a phone number or a complex address, it is easier for the receiver to read it than to have to write it when you talk.

- You can reuse the same message as many times as you want.

- You can type a message and send it later.

- If the network is poor and audio not working, sms still works. (I only use sms with why brother, the antenna of his phone is broken). It even saved a man's life in England.

- With sms, you can see the number of the sender and ignore it.

- you can receive personal news and services that way.

- you can have your email forwarded etc.

- etc.

Finally if you find a place where 802.11b works everywhere with phones as cheap as current ones, I will go live there !

bad moderating

[3am]

how is this a troll? please, if you can't mod well, then just mod up...

Canada and SMS

[Warin]

I work for at a dealer for a national cell carrier here in Canada (Telus). We use CDMA. All of our digital phones have had the capacity for two way text messages for well over a year. The network just hasnt implemented it. One way (PC to Phone) SMS has worked fine for almost two years.

I pay 15 dollars per month for web access, but it is UNLIMITED usage and I can use AIM for chatting to all my friends that I con into installing AIM so I am not so bored on the transit ride home. It's great. I just wish Nokia had a plug in keyboard for my 6185.

Bell Canada, Telus, and Rogers-AT&T have actually recently made an agreement to allow full two way text messaging across their networks. So..Canada at least isnt 8 years behind.

Re:Canada and SMS

Remember, Canada is not the United States. That is, of course contrary to popular belief.

Re:Canada and SMS

Here in norway, most major carriers offer web-phone SMS for free. I use NetCom, and can send 25 SMS msgs for free pr. day, without having to pay extra.

This is new?

[FLaMeBoY]

Is this new? I have seen this happen a lot, and not just with nokia. The special characters from phillip's phones can crash quite a few phones. Alcatel seem to be one of the worst for crashing. Some phones seem to be fine, but an't delete the message from the sms through to the phone not working till the message is deleted from the sms on another phone.

Crashing my 7110

[Bender+Unit+22]

My 7110 is easy to lock up. I got it just after it was released so maybe is should get a software update for it..

1) Connecting to any wap service.
Same bug always, requires removal of the battery. After that it works fine. It always happens the first time I try to connect it when I haven't used it in a while(only uses it to show to people why it suck)

2) Using the IR connector, requires reboot to make it work again.
Using the phone to dial up to the company ppp pool. It drops the connection after 5 minutes. Yes, I know it is slow but when staying in a boring hotel room in a boring city, slashdot at 9600 baud(i'd say it performs like 2300) ain't that bad.
Also trying to sync my palm using the IR requires a reboot the next time I want to use it.

3) Impossible to talk for a long time while driving, even using the handsfree kit with external antenna. When it have to switch bands while talking, always drops the connection. But I guess that is the phonecompany's fault.

CDPD

[Fencepost]

Don't expect CDPD to last all that much longer - at the very least its lifespan will end when analog cellular service (AMPS) does. It's also relatively expensive and slow (max 19.2Kbps) compared to what's going to be coming down the pike.

It is fairly widely available in urban areas.

Interface-wise most CDPD adapters seem to act as network cards; IBM at least also made a CDPD modem that actually had a modem interface, but it was fairly large.

Yes, I can

[roystgnr]

You can't use a Sprint phone on the Verizon network can you?

Yes, if I'm willing to pay the ridiculous roaming fees. And don't even get me started on the "additional minutes" fees.

My Sprint plan costs $40 for the first 2500 minutes, and $1000 for the next 2500. No, that third 0 is not a typo.

Oh, and did I mention that when you check how many minutes you've used, everything except your final bill is just an "estimate", and probably an underestimate designed to lure you into a $6, 15 minute phone call when you don't realize you've gone over? Bastards.

Okay, I'm done ranting now.

Not True (was Re:Behind WHICH curve?)

[nbvb]

Yes, you *can* use a Sprint phone on the VZW network (sort of). The difference is this:

CDMA (as Bell Atlantic Mobile implemented it) runs on 800mhz.

PCS (As Sprint & other parts of the now-VZW implemented it) runs on 1900mhz.

The new VZW phones that are "Tri-Mode" run on Analog, CDMA/800 and CDMA/1900. It's the same stuff, just a different frequency.

So yes, they're interoperable (sort of!) If there's no PCS service in your area, you're screwed trying to use a Sprint phone in a VZW area. A VZW area in a non-PCS area, however, tries CDMA/800. If that doesn't work, then it drops down to analog. There's almost _always_ analog service (in fact, I've never been completely without service anywhere in the US!)

--NBVB

normally I don't react like this...

[sluggie]

2001-11-29 15:40:51 simple SMS kills cell phones (articles,security) (rejected)

sorry, I know that someone is going to mod me down for this... BUT THAT IS NOT FAIR!!!

If someone with the same expierence reads this please reply or tell me about your unfair rejection by email me(at)sluggie.org.

Thanks!
sluggie out.

Re:normally I don't react like this...

[freaker_TuC]

I have submit stories before that have been rejected and which where submitted a few days later and accepted ...

Actually the system at Kuroshin where users can vote for the submission or rejection of a story is very neat; maybe it could be usefull for Slashdot?

I guess it now depends on one man's mood and temper whenever a story gets taken or rejected.

Re:normally I don't react like this...

[jonesvery]

Yeah, happened to me a couple of times, too...sucks and all, but the FAQ explanation makes a great deal of sense. Bunch of different people reading different groupings of submissions at different times, in different moods, under different circumstances:

A lot of times, we don't use a particular story on a particular day, but at some later point, someone else submits it, and it ends up getting used. We have 4 to 6 guys working together to post things on Slashdot. What one of us finds stupid, the others might find interesting. Or it just might be the rest of the stuff that's going on that day. There are a variety of factors: the personality of the post, the quality of the submission, or even the quantity of stories already posted when your submission entered the queue.

But take heart -- you can always whore for (+1, informative) even if they reject your submissions... :)

Re:normally I don't react like this...

Maybe there should be a site/section with all the rejected articles...

So now we can use the DMCA!

That guy has disclosed a circunvention device to break one of our "top secret" products. Let's create a RIAA (based on phone companies) and bring the guy to court!

Maybe he will face up to 25 years!

But, hey! wait...

Soon all the devices will have the enforced SSSCA so no need for that. The big companies will control every single piece of hardware and using the DMCA it will be ilegal to try to hack it... so ... WE GOT YOU!

Start praying.

NokiaMan

CDCP in vancouver

[Gatekeapr]

hmm im pretty sure thats what the local 911 service uses to connect all police and emergency vehicles to their whole network..

A far more important catalyst

[seizer]

London status symbols undoubtably contributed to the popularity of mobile phones (that's what we call 'em ;-) but far more important is the pricing model used in the UK (and throughout most of Europe, I imagine).

We use "callING party pays", and the US uses "callED party pays".

So we don't ever pay for incoming calls (unless we go to another country) because the person calling you takes the cost hit (we have different number ranges to distinguish landlines from mobiles from porn from freephone, etc).

This encourages uptake because for the user, the initial cost to run is very little - that's the incentive to buy.

Once you have the phone, mind you, they run rings around you with all sorts of odd pricing - I, for example, can call the USA and Australia for the same price as a UK landline. In the evening, this costs me 3 cents, in the daytime, 50. Madness :-)

Been there, done that...

A year back, I wrote a piece of software (in Perl, no less!) to proxy all access to their SMSC and only let the SMS:s in GSM03.38 standard format pass through (and do some accounting and billing while at it).

It was so fucking easy. They had this piece of shit Windows executable doing roughtly the same job before, for which they had no source and which crashed at least twice a night, forcing someone to hold it by its hand. (Meanwhile blocking a lot of the operators' SMS traffic.)

Writing the fucking Perl program took me all of three days or so and cost the client about one quarter of what they had paid for the POS Windows executable. I provided the client with the whole source code tree and they are AFAIK using the darn thing to this very day. Interpreting the friggin' billing codes was probably the most difficult part.

Ain't I great? ;)

Re:Been there, done that...

Ah, wonderful.

I must have really hit the sweet spot to have gotten moderated -1 Offtopic on slashdot!

6210!?

God damn, I just got a 6210 and I thought it was so cool.

Here's how I want to hack Cellphones....

[TheOnlyCoolTim]

1.) A message that will delete all the ringtones in the phone's memory except for a simple, inoffensive beep tone. The cell phone OS is modified so it will vulgarly insult them whenever they try to get the latest Britney Spears tune to play on their cell phone.

2.) A message that will simply explode all those phones that people use to talk like a bastardized two way radio with the annoying beep every time someone stops talking.

3.) A message that causes the cellphone to emit sterilizing radiation at an especially idiotic user's genital regions. Helping Darwin along...

Number 3 is, sadly, only a dream. Number 1 is almost definitely impossible, especially when you only have about 120 characters in the SMS message. Number 2 might be possible, just target the specific models of phones that support this "feature". Get to work, l33t |-|@xx0rs.

(Although I do own a cellphone, I use it less in a month than half the other cellphone owners use it in a day. The ringtone it is set to is a simple unannoying beep. Usually it is off anyway so that no one can call me.)

Tim

Just when I was about to give in and go wireless

[Rivin]

something like this has to happen. Anyone know if Nokia 8260's are vulnerable, and if it's possible to turn SMS off?

Not just SMS, but regular Nokias, too....

[AtariDatacenter]

My Nokia 5165 (like many other cell phones) has the ability for you to upload new ring tones and other delightful things to it. First, I was playing around with a few web sites that existed. Then I got ahold of the logic and created my own.

In my case, all I had to do was to send an email to mytelephonenumber@mobile.att.net, and it would be processed by the phone. (Great way to act as a pager, too.)

In my experiment with music ring tones, I found that it was quite easy to accidently craft a message (in my case, a new ring tone) that is malformed. And it actually hung my cell phone up.

I probably should have published this as a cool DOS attack, but then again, I really didn't know WHERE to public cell phone DOS attacks, much less what could be done to counter it, so I kept it to myself.

Play around enough, though, and you'll find your own special email you can send to a cell phone that'll lock it tight.

Re:Not just SMS, but regular Nokias, too....

[GigsVT]

Send it to bugtraq. No one ever said that bugtraq was only for PC type software.

He he, what can't you do with no-keeya phones?

He he,

OLD article man. You mean you guys didn't notice the nokia 7110?

Shit man, bad draw. My no-keeya 7110 has been a faithful servant for more than a year now, via Orange UK (gt, n.work btw).

Radar gun detector, bug detector, free wap and sms (inc script transfer) (rummages in cupboard) via my paknet radio pad and a little change to the software scanner in my no-keeya 7110.

Wow, this phone is way ahead of its time, fully 'sortable' and operates with my paknet relays. Fuck you BT and Orange.

Thanks to all the cellular networks, that pass there subscribers details via short hop paknet!

Paknets available, my_little_dog_knows@yahoo.com good prices!

what price for paknet rp5, 2 x NTP and stubby indoor mast?

Why Europe and Asia have moved faster in wireless

European and Asian countries for years have suffered under government run landline telephone companies. The government is inept at anything it tries to do, so you can imagine how long it took to get a landline installed. Wireless has allowed people to decrease their dependence on their government run and controlled wired
telephone network. The U.S. certainly has a lot of government regulation in regards to the wired telephone network, but no where near as bad as Europe or Asia. The technical quality of our landline network is excellent. Demand for wireless is therefore less.

Running up the bill

I suppose it's possible, but not a trivial task since commercial GPRS implementations have them sitting behind a NAT box anyways...

Re:SMS is NOT useless

[JimBobJoe]

As an incidental point, perhaps one already mentioned, SMS is, after all, serendipity. It was included in the GSM protocol, as I recall, as a way of sending messages to the phone for configuration purposes from the network carrier. It caught the cell phone industries completely by surprise that SMS had uses for the cell phone public. CDMA/TDMA didn't need SMS because, funny enough, they had more sophisticated configuration protocols.

So it irkes me when people say behind the curve. :-)

Re:GPRS

[yem]

As far as targetting a specific phone using IP data its a little tricky because (at least in NZ) theyphones sit behind a masquarading gateway so they all carry the same IP for WAP purposes. If you got them to connect to your webserver you couldn't stream too much data before you hit the phones pitiful storage limit (just a few kb).

The masq thing is annoying for tracking web stats because its much harder to determine the number of unique visits when they all come from a single IP.

And the time when

[fractaltiger]

Virii were programmed in Assembly, and distributed thru real media like 5 1/4 floppies :)

Re:SMS is NOT useless

Yup. And the funny thing is that this thing was created "accidentally" and now it's a big business. People are trying to recreate the success of SMS artificially with various technologies, services and such. I say they are doomed to fail.

If you want a new killer app to your cell phone, let's have a phone with Java or something and an open network API. That way you don't have to implement instant messaging or anything in hardware, just let the user community do it :-)

Listen, kiddo...

My previous article got moderated -1 offtopic but this pos gets 3?

The world ain't fair.

Listen, kiddo. This is _extremely_ old news for anyone who's ever hacked and slashed through Nokia phones.

These vulnerabilities were reported widely, by little me with the others, when the 7110's came out.

It appears that Nokia didn't implement any kinds of sanity checkers om their SIM memory readers. Then again, they are not exactly known for the quality of their software...

:P

Stop being a pedant.

Everyone knows what he means.

It is old news

[johnpc]

This is old news. Job showed the very same bug at HAL2001, on his "SMS security" session on friday 10th 2001, 16:00.

Just goes to show that TheRegister apparently missed a great hacker conference ;)

That's right

Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue. *grin*

Yeah, and with slower and more expensive internet connections you have less spammers and email viruses.

SMS phones

[blibbleblobble]

Does not the DMCA make it illegal for this researcher to tell Nokia about the fault in their phone, meaning that this bug cannot legally be fixed?

NZ is behind the times too...

The state of the cellphone network in NZ is a good example of how silly companies isolated on a tiny couple of islands can fsck up a good thing... Why can't the cellphone companies play nicely with each other like in Europe.

nokia 5110 bug

older nokia 5110s (probably all its sisters, 5160 etc too) had a bug that caused them to crash - send them an sms-message with 160 '.'-characters. freezes the phone.

SMS can save lives

[m0rphin3]

This articleshows how SMS can be useful in emergencies, places with bad coverage,etc.

I'm still here!

thank you cox ....

This isn't as easy as you think

What is this nonsense? Sending in a bad header into an SS7 network is not anywhere near simple. We do SS7 programming over here and to send an SMS message, you need to have physical access into the SS7 network.

So yes - assuming you have SS7 hardware, a physical connection to the SS7 network and you know how to form the wire level packets - you can do this. This is _not_ security through obscurity. The SS7 protocol is public domain - you can find it on your computer book shop's shelves. This is a bug - plain and simple on the Nokia phones, but it is exteremely low risk.

Somebody please mod this up so that people aren't acting completely stupid.

Packet filtering would solve the problem

[llauren]

There is a simple solution for this: a packet filtering modue at the operator's SMS software. And since Nokia wouldn't like their mobile phones to crash, they will of cource gladly supply such a patch, right :)

Since you can't update every single terminal (ie phone), you would have to filter out the bad messages at the operator. And why not. After all, that's the logical place.

It's just like bad packets get filtered out at the filewall/switch and not at the workstation.

• ~llaurén