There has been plenty of news lately concerning smartphones and their vulnerabilities to security threats. The growing popularity of smartphones and the way in which people use them for more than just phone calls make them an attractive target for hackers. While the smartphone security issue definitely deserves attention, owners of more common “feature phones” are not in the clear either.
A “feature phone” falls into a category between voice-only cell phones and smartphones. It does not have the processing power of a smartphone, but it has more features than a bare-bones phone, such as a music player, web browser, and more. Although smartphones are extremely popular at the moment, the majority of cell phone users across the globe do not own one. Instead, most own simpler feature phones. This makes feature phones a solid target for hackers, as a well-devised attack can have a larger impact by hitting and affecting more phones and their users.
Collin Mulliner, a mobile researcher and PhD student at Technical University Berlin, decided to experiment with the security or lack thereof on feature phones. He focused on feature phones because security on smartphones has become advanced of late. Many people still use feature phones, however, so their security should be of high importance as well.
With the help of one of his university's master's degree students, Mulliner found a way to crash feature phones and knock them off their mobile networks. This was accomplished via SMS messages containing special characters. The code-laden messages would be sent to feature phones, causing them to disconnect from the mobile networks and shut down at times. The experiment was able to affect feature phones from all the major manufacturers, although the messages' codes had to be tweaked for different brands. Mulliner and his colleagues contacted the manufacturers to advise them of the vulnerabilities.
While the manufacturers vowed to fix the problems, the holes still seem to exist. A demonstration of the attack was performed by the researchers at the Chaos Communication Congress in Berlin, which is a conference for hackers. To avoid any problems, the researchers did not divulge the actual codes to perform the attacks to those in attendance.
The attacks against feature phones worked to disconnect them from networks, but Mulliner warns that they could be used for other purposes as well. Codes could be written and transmitted via SMS from a phone number or through an online SMS sending service. Messages could be used to create havoc and make a phone carrier's business look bad. They could also be sent to government officials to make a political statement, plus whatever else hackers could conjure up.
Mulliner believes that the best way for companies to combat attacks on feature phones is to provide users with updates. This is not easily achieved with feature phones, since they lack automatic updates, unlike smartphones. Still, he states that manufacturers could send alerts to users notifying them of available update downloads, or update the phones' software remotely.
For more on this topic, visit http://news.cnet.com/8301-27080_3-20028480-245.html?tag=mncol;title
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More Web Hosting Security Articles
More By wubayou
