Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researcher Wows Black Hat With NFC-based Smartphone Hacking Demo

Posted by samzenpus on from the unsafe-at-any-speed dept.

alphadogg writes "At the Black Hat Conference in Las Vegas Wednesday, Accuvant Labs researcher Charlie Miller showed how he figured out a way to break into both the Google/Samsung Nexus S and Nokia N9 by means of the Near Field Communication (NFC) capability in the smartphones. NFC is still new but it's starting to become adopted for use in smartphone-based purchasing in particular. The experimentation that Miller did, which he demonstrated at the event, showed it's possible to set up NFC-based radio communication to share content with the smartphones to play tricks, such as writing an exploit to crash phones and even in certain circumstances read files on the phone and more."

3 of 95 comments (clear)

  1. Re:Hmm by Emetophobe · · Score: 5, Informative

    You can disable NFC in the android settings.

    System Settings -> More... -> NFC (uncheck it).

  2. Re:Fact? Who needs em. by iluvcapra · · Score: 5, Informative

    Here are some videos. He represents the phones as unmodified, though running an old version.

    The distance isn't so much of an issue because he was able to use an NFC tag, not a transmitter, not an active device of any kind, but a mere tag to cause the phone to switch on its bluetooth radio and give him a sudoer's command line over the BT radio. An attacker could hide an NFC tag in a table or at waist level in a public place, or in a tag that's disguised to be legitimate, where people are liable to stand for more than 10 seconds: the tag cracks the phone open, and then someone with a laptop within BT distance conducts a brief session to grab what they can, or install a rootkit.

    --
    Don't blame me, I voted for Baltar.
  3. Re:Hmm by SomePgmr · · Score: 4, Informative

    Well, that's an important bit of info I didn't see in the article.

    And I suppose it's worth reminding everyone that this is NFC. Your phone would have to be in near-contact with the exploiting hardware. Not impossible I suppose, given that skimming happens with traditional payment cards.

    I didn't understand the two word description of the problem with Android, so I looked up that Ars article you mentioned...

    The Nexus Sâ"when running the Gingerbread (2.3), by far the most dominant Android installationâ"contains multiple memory-corruption bugs. They allow Millerâ"using nothing more than a specially designed tagâ"to take control of the application "daemon" that controls NFC functions. With additional work, he said the tag could be modified to execute malicious code on the device. Some, but possibly not all of those bugs were fixed in the Ice Cream Sandwich (4.0) version of Android, so the attacks may also work against that release and Jelly Bean (4.1) as well.

    Ah. So upgrade your phone.

    http://arstechnica.com/security/2012/07/android-nokia-smartphone-hack/