Popular Smartphones Hacked At Mobile Pwn2Own 2014

wiredmikey writes Researchers have hacked several popular smartphones during the Mobile Pwn2Own 2014 competition that took place alongside the PacSec Applied Security Conference in Tokyo this week. The competition, organized by HP's Zero Day Initiative (ZDI) targeted the Amazon Fire Phone, iPhone 5s, iPad Mini, BlackBerry Z30, Google Nexus 5 and Nexus 7, Nokia Lumia 1520, and Samsung Galaxy S5. Using various attacks, some Mobile Pwn2Own 2014 Pwnage included: Apple's iPhone 5s (hacked via the Safari Web browser, achieving a full sandbox escape); Samsung's Galaxy S5 (hacked multiple times using near-field communications attacks); Amazon's Fire Phone (Web browser exploited); Windows Phone (partial hacks using a browser attack), andthe Nexus 5 (a Wi-Fi attack, which failed to elevate privileges). All the exploits were disclosed privately to the affected companies. HP promised to reveal details in the upcoming weeks.

BlackBerry

So did they not hack the Z30, or did they not try?

Re:Physical Access = Game Over

[NotInHere]

While its true that there is no way to prevent breaking in with physical access (even the "secure element" (an integrated sim card) can be hacked with proper technology), I can't see any attack in TFS that required physical access. A smartphone should be protected against a malicious wifi hotspot or NFC terminal, and I wouldn't regard communications with those as "physical access".