Israeli Firm Creates a Device That Can Hack Any Nearby Phone

An anonymous reader writes: Israeli startup Rayzone created a device that can hack any smartphone that has its WiFi connection open. The device can steal passwords, files, contact lists, photos, and various others. Called InterApp, the device is dumb-proof (comes with a shiny admin panel), works on hundreds of devices at the same time, and leaves no forensics traces behind after the hack. The company says it will only sell it to law enforcement agencies.

Colour me suspicious

[sandbagger]

Given the way panicked elected officials think, and the fact that kids of people attracted to life in uniform are of exactly the opposite mindset needed to go into computer science, I'm guessing this is an overblown and over promoted 'grabs text transmitted in the clear' thing that's not designed to do much other than pick the pockets of taxpayers.

Re:Colour me suspicious

It's more like load Nessus onto a portable device, create an open wifi network, and then scan and exploit any phone dumb enough to connect. So, tell your phone not to connect to unknown networks, or networks without a shared secret.

Re: Colour me suspicious

[shmlco]

It says it works on a "variety" of platforms, but doesn't list any by name in the release nor on their web site.

Re: Colour me suspicious

[guruevi]

There's a reason it doesn't work that way. Wifi does support AP hopping (it will pick different APs depending on signal strength) as long as they have the same ssid and are on the same network. That's why your connection continues working even though it switches from 80211n to 80211g (which is technically a different AP) as you go out of range of the former.

Re: Colour me suspicious

[Proudrooster]

Read the ad carefully and look at the screen shot. It works on older versions of IOS and Androids. It exploits the cloud push notification system.

Re: Colour me suspicious

[harlequinn]

It only works on phones that meet the specified criteria:

"smartphones that have their WiFi connection open, and then, employing a diverse arsenal of security vulnerabilities, gain root permission on devices"

I.e. they must have an open wifi connection and they must have an unpatched security vulnerability.

This automatically excludes millions of older phones of various brands that don't have wifi, any phone with wifi disabled, and any phone with encrypted wifi.

And if the phone is fully patched for known exploits, they need a zero day attack.

Re: Colour me suspicious

[dbIII]

So my N900 is safe since it has a real linux and built with security in mind (and is too big, heavy and ugly for physical theft to be considered).

Re: Colour me suspicious

[davester666]

So, you are saying that you are unemployed? Or only use a phone that you've stolen? Or your salary is very unstable month to month so you can't afford a monthly carrier bill?

Because carriers have offered iPhones for as little as $0 with a contract. And then there is getting a used iPhone from someone upgrading to the latest one.

Re: Colour me suspicious

[davester666]

Right. More likely, nobody has spent any effort in trying to hack it because there are only a couple hundred being used now around the world. And none of them are doing anything but living in the past.

Re: Colour me suspicious

[dbIII]

If there was something new with the same features it would be a case of living in the past. Sadly not - there are a whole lot of phones that have to be "jailbroken" instead of ones like the N900 where you get full control out of the box - and that's without even considering the keyboard etc.

Re: Colour me suspicious

[dank101]

So... it's basically useless on any flickphone. Wow, how dangerous, all I need to do is turn my phone off.

Re:Colour me suspicious

[dcw3]

Blah, blah, blah....and the fact that kids of people attracted to life in uniform are of exactly the opposite mindset needed to go into computer science...

Really? Where in fantasyland did you come up with that bullshit?

Re: Colour me suspicious

[The-Ixian]

I am sure it comes down to priorities.

I completely get it. I *could* spend $500 on an iPhone or I could spend $50 on a Windows phone that is just as fast.

I will never do the "contract" thing again, it is just a waste of money. $40 / month pre-paid with unlimited data and text seems a lot more reasonable than $80 / month for basically the same thing under contract. Where does the extra $40 / month go? Paying off the iPhone... which you will have paid almost $1000 for by the end of the 2 year contract.

I highly doubt it.

The chances that it can get into ANY phone from the Wi-FI connection is virtually nil. Anyone with an ounce of tech knowledge should be highly suspect of everything they're claiming the device does.

Re:I highly doubt it.

I don't think so. All you need is a list of 0-day exploits and keep it up to date. There are several competitors who already offer the same service, though usually not on the basis of a single device. FinFisher, for example.

Re:I highly doubt it.

[Earthquake+Retrofit]

But, but... I've been seeing Reese and Root force pairing phones for years now. Nothing new to see here.

Re:I highly doubt it.

[Noah+Haders]

I'm trying to figure out how this works and what the threat level is. does it just lurk in the background and record any traffic going back and forth? or does it infiltrate the phone and extract things? The latter is obviously much more scary.

here's a list of what the device purports to capture (FTFA):

InterApp system extracts the following information from the targets smartphone:
User email address, password and content
Twitter, Facebook and other social media passwords and information
Dropbox passwords & content
Previous locations on map
MSISDN and IMEI identities
MAC address, device model, operating system Contact list of the target
Photos
Targets personal info: gender, age, address, education, etc.

Re:I highly doubt it.

[mikael]

If you disabled the TCP/IP stack, it would be rather hard to connect to through the network. But what about that remote shutdown feature that Sandy Bridge processors have.

http://www.techspot.com/news/4...

Re:I highly doubt it.

[currently_awake]

There are only a handful of companies making phone chip sets. It would be easy for the NSA to pay off enough people to install backdoor hardware in the designs, to allow remote access. Such access would bypass the phone software completely, and be very hard to detect. The payoff to cost ratio (ROI) is so high we should assume it's already happened.

Re:I highly doubt it.

[jon3k]

If the NSA wanted something from you then they'd just put a bag over your head and hit you with a pipe wrench until you told them what the want. The only difference is you live a life of inconvenience under the guise of security.

Re:I highly doubt it.

I don't think so. All you need is a list of 0-day exploits and keep it up to date. There are several competitors who already offer the same service, though usually not on the basis of a single device. FinFisher, for example.

FinFisher has to be installed, and they pretty much use the same methods as other malware to do so. Keeping an up to date list of 0 day exploits for the various current phone OSs, along with the different hardware would be difficult at best. The fact that some of what they claim to be able to get isn't even necessarily on the phone.

Really if you look at what they're doing, it's basically just setting a wi-fi connection and stealing what info they can from the traffic over that. In otherwords, super overblown hype for nothing that's really far below their claims in ability.

Hey, guess what? Don't connect to unknown, unsecured Wi-fi networks that could slurp up your traffic.

Re:I highly doubt it.

That's sounds like bullshit to me. FinFisher does not need to be installed (unless you the the base station software for the operators), they have offered working exploits / deployment solutions for any target architecture for years. Source: Their own advertisements.

And there are many other companies who offer 0-day exploits. The only "though" target nowadays may be iOS, but even that is broken customarily.

Re:I highly doubt it.

[Galactic+Dominator]

Oh boy, that's hilarious. You really got them good there.

Non-smartphone not vulnerable to smartphone attack.
News at 11.

Not that I believe the claims of this company to begin with though. Probably like the ADE 651.

Re: I highly doubt it.

[UttBuggly]

Indeed, that was my first thought...they do this on Person Of Interest!

Maybe the Israelis are big fans or this is life imitating art once more.

Re: I highly doubt it.

No, that's the CIA's methodology. The NSA is full of introverts who don't like pipe wrenches because they're heavy.

Re:I highly doubt it.

Any govt agency could beat you with a wrench to get what they want. This is TARGETED at a specific person and requires time, money, and resources. If the government wants you, the TARGETED person, there is very little you can do about it. They have had this capability before the USA existed.

In the past several decades governments have done BULK surveillance, collecting massive amounts of data on everyone and spend very money little doing so. Bulk surveillance reduces the peoples' confidence in the government and is very bad for our country. It is unacceptable and, in my opinion, treason.

Thankfully there are many things anyone can do to reduce bulk capturing of their electronic footprint, mainly by leaving less of a footprint. Power off your cellphone and remove the battery when not in use. Use cash for everyday purchases. Stop using electronic billing and go back to paper bills. Your "papers" are specifically protected in the USA constitution, your e-mail is not. E-mails older than 6-months don't even require a warrant. The government could request my account information and e-mail from a provider, but then they would be TARGETING me, and I'm not too worried about TARGETED surveillance. That said, there is nothing wrong with making TARGETED surveillance tougher, but that is not my goal. Giving up my cellphone was the toughest, after a while it gets easier. If you *must* be contactable at times get a nice one-way pager, keep a cellphone in the car with the battery removed. There is no one-size-fits-all for personal privacy, each person needs to figure out how much inconvenience you are willing to put up. I'm willing to accept a lot of inconvenience.

Re:I highly doubt it.

[swillden]

There are only a handful of companies making phone chip sets. It would be easy for the NSA to pay off enough people to install backdoor hardware in the designs, to allow remote access. Such access would bypass the phone software completely, and be very hard to detect.

Thinking about this in the context of Android (since that's what I know -- though I don't know as much as I should about the radio subsystems), it is conceivable that there are back doors in the radio (Wifi and cellular; they're different, and separate) chipset firmware. The radio chipsets don't have any access to device storage, though, so without some additional steps this could only be used to get data flowing through the relevant radio. Exfiltrating the data obtained would presumably have to be done via the same radio. In the case of Wifi this would be pretty easy to detect by anyone monitoring Wifi transmissions, or examining the data flowing through the Wifi router. If the data were encrypted it might not be possible to tell what the unexplained data was, but its presence and destination could easily be observed.

If the drivers that talk to the radio firmware modules are also backdoored, then the drivers could be used to take control of the Linux kernel, and thereby take control of the entire Android system. Stuff protected by the Trusted Execution Environment (TEE) wouldn't be affected, but TEE software also comes from a small set of vendors, and most comes in binary form only. The exception is Google's "Trusty" OS, which open source, but is used (thus far) only on the Nexus 9 [1]. So if the NSA could get backdoors into the radio firmware, it could probably get them into the TEEs as well. Except on Nexus 9.

However, assuming such firmware backdoors exist, it seems like they would be closely guarded secrets of the agencies that arranged for them to be installed, not something they'd share with some Israeli company, and absolutely not something they'd want embedded in a commercial product where it could discovered easily, just by watching what it transmits.

For that matter, I'm skeptical that such back doors exist. Many people have reverse engineered the common baseband and Wifi chipset firmware modules, and no such backdoors have been found, which means that if they're there, they're pretty well-concealed. If anything, I'd bet that rather than full-blown back doors, there are merely subtle security vulnerabilities which can be exploited and then chained with other exploits to pwn the device. Again, though, I'm skeptical that this one Israeli company has such powerful knowledge and extremely skeptical that they'd put it in a commercial product where knowledge of it could be easily discovered.

Re:I highly doubt it.

[swillden]

Oops, sorry about the extraneous footnote marker, the "[1]". I had added it intending to mention something about the Pixel C that isn't really relevant, but is kind of cool, but then decided not to bother, because it's not really relevant. The irrelevant but cool thing I was going to add was that the Pixel C is the only device I'm aware of that allows the user to install their own TEE software.

Re:I highly doubt it.

[cfalcon]

Remember there is risk here too. I don't trust hardware much- and hardware encryption seems almost guaranteed to be broken- but there is some possible recourse to detect at least many of the ways a chip would be compromised- and would a company be able to bounce back from that?

Re:I highly doubt it.

[mlts]

There are ways to improve the security of Windows. EMET comes to mind, which is a useful tool for catching 0-days. Not perfect (as it was bypassed), but a decent jump in security.

As for making a Wi-Fi connection, I do know on Android and iOS, you can have it not search for Wi-Fi access points unless you explicitly bring that up. You can also use an always-on VPN which won't let traffic through until the VPN tunnel is up and operable.

I always use a VPN, especially after things like Verizon's UIDH. Plus, a VPN gives me a known IP address range, so I can have services that are at home (like SSH, IMAPS, etc.) only be allowed to connect to that range of IPs, and ignore everything else.

For other attacks, on Android, since one has control of the netfilter/iptables of the device (assuming rooted), one can easily modify what goes in/out either directly, or via an app. This is effective in not just blocking incoming attacks, but keeping apps that shouldn't be phoning home from doing so. It also is a last resort save from apps that have more "functionality" than they are supposed to.

Re:I highly doubt it.

The baseband CPU has full memory access on most modern cell-phone SOCs.

Re:I highly doubt it.

[Pentium100]

They wouldn't even need the pipe wrench. However, they would need to send someone to ask me those questions or have someone track me etc. This requires manpower and resources instead of just having data mining algorithms run on facebook posts etc and only having a person to look at the data if the algorithm finds something interesting.

If you want to track me, you can, there isn't much I can do about it. However, I can make it more expensive for you to do it.

Re:I highly doubt it.

[swillden]

The baseband CPU has full memory access on most modern cell-phone SOCs.

Really? Though I don't know that much about that area, that surprising to me. It would require the baseband CPU to have access to the MMU, and the MMU to have some means of coordinating requests from multiple sources. That seems like a lot of complexity for relatively little gain.

I'm not saying you're wrong, just that it's not obvious why it would be architected that way, which makes me skeptical.

Re:I highly doubt it.

[dsmatthews9379]

Unless there is some common flaw in an area such as the firmware of the MCU that is attached to the WiFi radio and that can be exploited to open a back door by mimicking user actions to "open up" the phone. If that is the case the security and type of the OS running on the main processor of the phone may not matter much. If they are not interfering at a level below the radio then there is a lot less they could do with encrypted packets, other than the usual man-in-the-middle type attacks.

Re:I highly doubt it.

[rtb61]

There is a real legal problem in gaining and using, a user name and password because the claimed evidence can now be readily tainted by those involved in it's collection. Something the courts will have to start dealing with, basically this sort of device renders all digital evidence purely circumstantial, as it proves all those devices can be readily hacked and false evidence planted. They are no selling anything to police, they are selling stuff to be used by defence attorneys all over the world. There is a reason this kind of stuff is kept secret by those in authority, it hides the fact that they can and do plant any digital evidence they want on any device they want, a real legal problem, as it becomes more evident. So who is guilty for what is on a Windows anal probe 10 computer, M$ or the end user or anyone who hacks that connection.

Re:I highly doubt it.

It wouldn't require that. Have you ever heard of DMA? Haven't you seen the demos where any system can be hacked, regardless of OS, simply by plugging a device into a firewire port and then manipulating the data in RAM directly?

Same principle, the baseband CPU could simply use DMA to patch the kernel or other software in memory.

Re:I highly doubt it.

[swillden]

Have you ever heard of DMA?

The DMA controller is managed by the main CPU. It would be a security nightmare if any peripheral could initiate its own DMA transfers to any part of physical memory at any time.

Haven't you seen the demos where any system can be hacked, regardless of OS, simply by plugging a device into a firewire port and then manipulating the data in RAM directly?

That only works if the DMA controller is configured to allow it. Prior to the discovery of DMA attacks, OSes did configure their controllers to allow Firewire and other OHCI 1394 devices unlimited access. I think that's been fixed in Linux for some time, and Windows now has some mitigation as well. Android devices don't generally have that sort of hardware, and aren't supposed to allow any peripherals unlimited DMA access even if they do.

Re:I highly doubt it.

[swillden]

We really need a billion dollar class action lawsuit to bring a big company down one of these days for putting a backdoor in something.

Well, we'd need to find one, first.

Re:I highly doubt it.

[AmiMoJo]

Maybe, if you are a high value target that they are able to kidnap. For most people though the more likely danger is from other lower level law enforcement agencies like the FBI or local police. Encryption works extremely well against them.

Re:I highly doubt it.

[AmiMoJo]

This is obvious bullshit. Let's consider what they could do using the most powerful known attacks.

They could set up a man-in-the-middle attack. Anything unencrypted would be easily readable. Nothing exceptional there. They could spoof security certs so that they could read encrypted traffic, but it would be highly ineffective. Android pins critical certs, and apps (especially web browsers) will issue dire warnings. I'm not even sure you can bypass the warnings in Chrome anymore.

They could use exploits with their MITM attack. They would needs lots of zero day ones, constantly updated. Chances are that even then they would need to induce the user to connect to their evil AP.

So realistically, we can conclude that they are lying and just trying to scam clueless governments it of some cash.

Re: I highly doubt it.

[ls671]

Clandestine Information Association?

"Hundreds of devices"

But what mobile operating systems? Both Android and iOS? Windows Phone? Sailfish?

Re:"Hundreds of devices"

[Galactic+Dominator]

I think *any* has a pretty clear definition but maybe that's just me.

Won't Work On This Phone...

InterApp won't work on this phone.

But seriously, how insane are we to pay for the privilege of carrying a device that tracks our whereabouts, collects our personal information, and will render an account of our lives to government officials without our consent?

Sunday Sarcasm.

[geekmux]

The company says it will only sell it to law enforcement agency.

Oh, thank goodness, what a relief.

For a minute there I was worried that this would fall into the hands of people who might abuse this technology, or even break the law.

Because of course, that would never happen.

Oh gee, what a coincidence, this company sells an IMSI catcher too...

Short: No, but only "outdated" mobile devices

[burni2]

Hey slashdot.editors,

this is slashdot a news-site for nerds that mostly have a basic understanding of the "cracking" processes

And btw. the softpedia page is full of marketing speech shit.

Q: How can I "enter" a smartphone without physical contact?

A: There must be a security hole.
(the term outdated hints that there are -known- sec holes in older devices)

Q: How can I "enter" a smartphone without physical contact? another way

A: The user connects to an access point with/out any or weak encryption and the eMail app does not know of any current encryption

Q: How can I "enter" a smartphone without physical contact? another nother way

A: The user connects to an access point I control and I tell their eMail app that I'm from turk-trust and naserbajew-trust and that I'm Vladimir Putin the most trustworthy entity only followed by the NSA.

(Man in the middle attack)

The definition of "hack"...

[carlhaagen]

...seems to have its bar lowered every year by mainstream journalism and wannabe computer "aficionados".

Re:The definition of "hack"...

[JustAnotherOldGuy]

Slashdot editors: "Wee right good sew ewe dont half two"

Done before?

[Euphorinaut]

Is this different than the devices that Japanese dude was putting on stray cats?

Re: Coming soon to U.S. technology firms

Israel and the US are in bed with each other. It's the Palestinian that need to worried.

As an added bonus

[microcars]

it also finds missing Golf Balls

Partial Immunity

[amberdalan]

I manually manage my phones data, both LTE and wifi. I turn it on only when needed, and turn it off when I am done. I only connect my wifi to AP's I know and trust. (all 2 of them) I do this mainly to extend battery life, but in part because I barely trust the few app's I have. It seems to me that my everyday usage provides a moderate amount of immunity to this particular "attack". I have no illusions about the security of my phone. I will never mobile bank on it. I do not check my primary email account on it. I backup my data (pictures) to my computer, not drop box or any other cloud storage. I assume that anything I upload to the cloud can and will be made public. I don't trust my carrier, my email providers, my ISP, or any cloud with anything more than what is absolutely needed to maintain the service. We've seen the breaches, the hacks, the outing of private information from individuals, major companies, and even governments. I'm in a position where I do not have to trust, so why open attack vectors if I don't have to?

Re:too many missing information

[Bert64]

It's possible but unlikely...
If a device gets root on your phone then it's untraceable after the fact - as with root it has sufficient access to remove any traces that it was ever there.

There have been jailbreaks for phones which executed from within the browser, to exploit such a vulnerability on a wireless network under your own control only requires that the victim attempt to make a single http request over your network. The same is potentially true for any application which makes an outbound connection over a network you control.

Apps ask for your permission because they play by the rules, software running as root is not constrained by such things.

In any case, you would need the device to connect to your rogue wireless network (which isnt too hard really, you broadcast the ssid of a common free public wifi network and lots of devices will automatically connect) and potentially for some software on that device to make an insecure request over your network that you can intercept.
In all cases you would need to be aware of a vulnerability in the device you're targeting.

Turn it off. Problem solved.

[ITRambo]

I turn Wi-Fi off when I'm heading out and turn Bluetooth on so it works in my car. At home I do the reverse. This was done to extend battery life. Now, there appear to be additional reasons to turn off Wi-Fi. Who needs to have their phone brute force attacked by mindless thugs via Wi-Fi?

Re:Turn it off. Problem solved.

[zenlessyank]

I have Nokia 521 Windows 8 phone and it has a bug that won't let it send SMS messages if the WiFi is on. So I have to keep it off else no SMS which is what I use the phone for mostly. So glad MS is looking out for me. ;)

I would feel safer

if they only sell it to the crooks

Re: Coming soon to U.S. technology firms

You're a moron.

That is even more doubtful

[aepervius]

See there is this thing which is called russia, europe, china. None of which would willingly go with NSA plan for good reason. So.... What is the chance do you think that local firm building phone in every of those country would allow for such hole ? And what would be their reaction if it was found out ? The risk would not be worth the try.

Just a WiFi Pineapple?

[GodyDeeps]

So I'm guessing it's similar to the WiFi Pineapple with Karma/DNSSpoof?.. It poses as the trusted WiFi Network and the victim's phone connects to it. It could then employ MiTM on the SSL. Do all the Cellphone apps (Twitter, Dropbox, etc) not check for proper certificates when using HTTPS?

Security through scarcity

[DrYak]

Windows Phone? Sailfish?

I seriously doubt that all 3 devices of them have anything to be afraid of.
After all, the company spoke of "Hundreds of devices".

--
said a someone having switched from WebOS to Sailfish OS.

Watch out, patchers will make us "go dark"

[cfalcon]

Apple, Ios, and Microsoft had better get on fixing this IMMEDIATELY. If this goes live and stays live for a few months, fixing the bug will be deemed "going dark" and we'll hear about how "terrorists coordinate using securely patched phones".

Rubber hose

[colinrichardday]

Wouldn't they use a rubber hose instead? More likely to keep the victim conscious.

Re:Rubber hose

[Maxo-Texas]

No that's torture. They should waterboard because it's not torture at all.

COOL STORY BRO

[kheldan]

The company says it will only sell it to law enforcement agency

Yeah, sure you will. Aside from this making it's way into the hands of criminal organizations, one way or another, in a startlingly short period of time, the NSA and CIA (which more or less amount to criminal organizations, the way they conduct themselves domestically) probably already have this device in their posession well in advance of us hearing about it.

Thanks, assholes. Now I will never own a smartphone, ever. Hell, I'm half considering whether it even makes sense to continue having a cellphone of any kind anymore.

Re:COOL STORY BRO

[Ash-Fox]

Now I will never own a smartphone, ever.

LOL you.

Re:COOL STORY BRO

[kheldan]

What? I haven't had sufficient reason to get a smartphone so far, and it seems like every week something else comes up that convinces me even further that it's a bad idea. Overpriced, underperforming, get gouged for wireless service, and then it's like a swiss cheese so far as security goes, and there's not a hell of a lot you can do about it? All so I can have stupid games and mobile internet? LOL you, thanks but no thanks. I don't even use a cellphone as a phone all that much, I've got like 10000 'anytime' minutes racked up every single month. If it was any cheaper to have landline POTS at my house I think I'd just do that instead, but it costs about the same.

Re:COOL STORY BRO

[Ash-Fox]

What?

You're funny, because you're using a system that is probably just as exploitable under similar conditions. If you read the article, it mentions this attack would need to be faciltiated over Wi-fi. How can an attack over Wi-fi work? Man in the middle? Right, if someone is man-in-the-middling a system, Linux, Windows, OS X or otherwise, you'll likely have an application that can be exploited.

I haven't had sufficient reason to get a smartphone so far, and it seems like every week something else comes up that convinces me even further that it's a bad idea.

I#m not trying to convince you to get one, but if your only reason was to do with the security of the device.. Then I wouldn't even use a PC for similar reasons.

then it's like a swiss cheese so far as security goes

Mobile security is interesting, because some handsets don't get updates and that's where their vulnerabilities lie, while others do and some are maintained by the community which in some cases are more secure than your PC. Permission systems on mobile devices are more refined than what you typically get on a PC. Applications typically even have to request permission for Internet access, reading your device's unique ID, access to your phone book, viewing your pictures etc.

Overpriced, underperforming, get gouged for wireless service

I don't have this problem. I've got unlimited data (including tethering - I've used up TBs in a few months with no complaints), unlimited calls, unlimited texts 3g & 4g etc. and that costs me just 13GBP a month.

All so I can have stupid games and mobile internet?

I wouldn't know what your use-case is, but mine for exceeds those.

I've got like 10000 'anytime' minutes racked up every single month.

That's nice I guess.

If it was any cheaper to have landline POTS at my house I think I'd just do that instead, but it costs about the same.

I pay for two different fibre optic connections to my home from different providers for redundancy and load balancing traffic (we're heavy Internet users and we don't even pirate content), sadly that comes up to around 60GBP together, which in comparison to my mobile phone service is immensely expensive.

Re:COOL STORY BRO

[kheldan]

..because you're using a system that is probably just as exploitable under similar conditions.

Well, no, actually, I'm not. At home it makes zero sense for me to use WiFi, it's a small place and ethernet makes so much more sense.

Re:COOL STORY BRO

[Ash-Fox]

Well, no, actually, I'm not. At home it makes zero sense for me to use WiFi

Similar conditions being, someone doing a Man in the Middle. I don't care what medium it's performed over.

Re:COOL STORY BRO

[kheldan]

I'm not really sure anymore what your point even is? MitM attacks could have been happening since before the Internet was opened to the general public, even, and considering that it started as a DARPA project, and considering that pretty much all illusions about the U.S. I may have ever entertained have now been shattered, I think it's been continuously surveilled since Day Zero. If you're implying that the CIA/NSA/FBI/whoever has sneaked into my house and is watching the whole three ethernet devices I have on my private network, then you're more paranoid than I am. All I'm saying is why the hell should I make it easier for criminals or tragically anal-retentive government types to be going through my informational underwear drawer or directly monitoring me in realtime by having a smartphone when week after week I have it demonstrated to me that you're a chump if you own one, especially when nobody even uses their phone as a phone, for most it's like some crazy twisted lifestyle? It just doesn't make any sense for me, especially if I'm having to pay exhorbitant prices for it all to start with. Oh and the mention of the 'anytime' minutes? That was supposed to illustrate how little I even use a cellphone as a phone; there might be, on a busy month, and entire hour of airtime used.

..and before you say it: No, I'm not a luddite. I work for a 'major microprocessor/SoC manufacturer', who ironically enough creates most of the technology I'm not interested in owning, and without the team I'm on there, none of it would work reliably. You're welcome.

Re:COOL STORY BRO

[Ash-Fox]

I'm not really sure anymore what your point even is?

I'll paraphrase the posts:

1) You state that having a smart phone is a bad idea and that this article seems to make it even more so.
2) I laughed at your comment.
3) You justify yourself.
4) I bring up the similarities and dis-similaries of the exploitability to other devices through MitM, such as a PC and imply that if that would be your main motivator, that probably should avoid using any other device with similar circumstances.
5) You side-tracked on 'wi-fi' being the cause.
6) I point out MitM again.
7) You don't really see my point.

If you're implying that the CIA/NSA/FBI/whoever has sneaked into my house and is watching the whole three ethernet devices I have on my private network

CIA/NSA/FBI and other three letter agencies don't need to go on that level to my knowledge. With the advent of home routers being compromised through automated worms, Linux routers and even ISP routers getting compromised while operating in secure BAU setups. It would be silly to make assumptions like your Internet access is never going to have some sort of MitM. Based on this, how is this different to a smart phone being compromied by a MitM? I don't really see much of a difference.

In the next responses, I am just going to take the comments as if they were targetted to my use; because I have no idea what your use it or why you would end up compromised, but I have a good idea what would compromise me.

All I'm saying is why the hell should I make it easier for criminals or tragically anal-retentive government types to be going through my informational underwear drawer

I feel the risk to me in this area is very minimal because I simply do not store that data directly on the device. There is the exception that it has GPS tracking and I guess some special malware could get into my phone and trace where my phone is; but there isn't really much use to criminals having that information.

or directly monitoring me in realtime by having a smartphone when week after week I have it demonstrated to me that you're a chump if you own one

Considering that my alternative would be doing phone conferencing a lot over a laptop, I view the exploitability about the same with real time monitoring. If I had to use ae laptop, it too would know of the movies/documentaries I watch in bed, what slashdot comments I am reading (big deal) and the secure text messages (these aren't SMSes) I get regarding people accessing datacenters/servers

especially when nobody even uses their phone as a phone, for most it's like some crazy twisted lifestyle?

I use my landline for Internet and my mobile for voice calls, secure texts, tethering and discussing with people on Slashdot when I am travelling (last year I averaged 5 days a week in hotels and 0.7 days travelling per week).

..and before you say it: No, I'm not a luddite.

I never said that you're a luddite, your initial comment still does not really justify smart phones being that much worse than any other Internet connected device and I really don't care about any other reasons you have for not owning a smart phone.

Re: Coming soon to U.S. technology firms

WTF, why do we have such hate filled people in this world? Good grief, stick to the topic you moron.

Re: Coming soon to U.S. technology firms

Um, ok, here we go again......

u wanna take it outside?

Re:Coming soon to U.S. technology firms

+1 for truth

sorry the truth hurts folks. when their lives begin with dismembering baby genitals a life of duplicity, greed and evil is sure to follow.

Re: Coming soon to U.S. technology firms

[Hognoxious]

Israel and the US are in bed with each other.

Who's the brown hatter and who's the pillow-biter?

Yes, marketing claims do say that.

[gavron]

There are many smartphones with WiFi that cannot be "rooted" let alone remotely.

Then there are many of us who run permission-checking programs that alert us if something is touching something it shouldn't.

Finally the claims are too broad to be taken seriously. It's a simple application of Okham's Razor
along with a little bit of "If it sounds too good to be true... it probably is."

I suspect their device allows them local WiFi access to a subset of smartphones (as they say "older")
that have known vulnerabilities in the OS (e.g. previous Android or IOS). There's no known remote root
for BlackBerry (remember them?) or current Android (CM12.x).

Marketing people do what they do and LOOK THEY'VE SUCCEEDED because their original ad has
now transformed into a discussion on /. :)

Best holiday wishes,

Ehud Gavron
Tucson AZ

Key word - Israel.

[denzacar]

and the fact that kids of people attracted to life in uniform are of exactly the opposite mindset needed to go into computer science

There is no "attracted to life in uniform" in Israel. Everyone serves.
What there is though are various benefits in service and education for those with high grades in highschool with special attention for those "recruits who have demonstrated outstanding academic ability in the sciences and leadership potential" putting them through more schooling and training after which they do R&D for IDF.

The applicant pool consists of nearly ten-thousand top scorers in a test taken by all graduating high school seniors. 150-200 potential applicants are then subjected to a two-day series of tests.[3]
These include further IQ exams, as well as group-tasks designed to test one's social dynamics, all conducted under the supervision of trained psychologists and military personnel.
For example, teams of applicants are given a specific task then the instructions are changed while the test is in progress, such as shortening the allotted time or changing the assigned tasks.[3]
Final acceptance into the program entails a high security clearance rating, given by the Air Force.

And then there's Mamram, Unit 8200, Ofek...

All when those highly educated techies leave the army... Private sector is ready and waiting.

Pineapple

Welcome to ten years ago, Israel: https://www.wifipineapple.com/