1 BILLION Android phones can be infected by text message

[Bindee]

http://www.theregister.co.uk/2015/07/27 ... text_flaw/

Android smartphones can be secretly infected by malware hidden in text messages

No user input is required to exploit this remote-code execution vulnerability – the victim doesn't even have to watch the video, just simply receive it on his or her phone.

pwned .......

[cthisbear]

http://www.theregister.co.uk/2015/07/27 ... _text_flaw

Chris.

[8Geee]

Ouch, thats gonna hurt.
Google flavored Android not the most open of devices, G# strikes again.
And the browser is vunerable, too (FF38/39 excepted).

[Bindee]

As it leaves no trace you can bet every government is now exploiting this until it's patched.

[Ted Dog]

lol guess its time to buy a iPhone

this seems like a bit of MUD or same idea that is the current favorite vector of infections font buffer overflow. so far its hit Apple ( OS and iphones ipads ) Microsoft ( all versions since dawn of time it seems ) fast patched out of cycle last week or so. Now Android! Do you wanta bet it also effects Linuxes. give it a week!

[Ted Dog]

As it leaves no trace you can bet every government is now exploiting this until it's patched.

Or they have already been and now will lose yet another back door. Good thing they probably have a decade head start on these flaws ( if they where put there on purpose to begin with Open source can be worse in some aspects )

[Bindee]

For a bug there does seem to be a lot of coincidences about it that match a purposely built back door.

[gcmartin]

Anybody else considering the obvious that happens all too often: Coding flaw that someone found to exist.

Patch is on the way to a phone near you.

[8Geee]

Most FUD suggests

A.) take a hammer to the Android-phone
B.) Remove StageFright (lowers security by using a bypass)

I'll just say no to Android/Chrome/Flash in the meantime.

[greengeek]

B.) Remove StageFright (lowers security by using a bypass)
I'll just say no to Android/Chrome/Flash in the meantime.

Stagefright link here

[8Geee]

Checked the link, lots to do in the meantime!

[Bindee]

http://www.theregister.co.uk/2015/08/06 ... _app_vuln/

Android faces SECOND patching crisis, on the same scale as Stagefright

‘Certifi-gate’ vuln could allow unrestricted device access

[Ted Dog]

Was talking with a former GOV paid white hat hacker, still a white hat but now remote crashing high end SUVs for a lawyer group. Stuff they did sounded cool but never once talked about going after good Americans only real baddies blackhats.
Of course he was mistrusting of gov being able do all the above but spent most time railing against blutooth.

[amigo]

"Patch is on the way to a phone near you." Unforunately that is true for only a few brands/models.

[perdido]

"Patch is on the way to a phone near you." Unforunately that is true for only a few brands/models.

One simple fix for all android devices is to turn off auto-retrieve MMS messages in text settings. That will still allow receiving the text message, it just makes you tap the download button in the message to get the multimedia attachment.

"Patches? We don't need no stinking patches! I aint gonna show you no stinking patches".

[Ted Dog]

http://www.youtube.com/watch?v=VqomZQMZQCQ


had a co worker rework this line many times, I never knew the source. but its a classic movie and good acting by the guy delivering it. Do not know if he is playing the line with a comic twist or not

[Bindee]

Researchers have found a way to steal fingerprints from Android phones packing biometric sensors.........

http://www.theregister.co.uk/2015/08/10 ... _cleartext

Mobile phone security , What security?

[8Geee]

Sadly, that rings true, as the various (nefarious) Phone-co's make you contract them as phone OS provider (Re: upgrades/updates to OS!, ATT is notorius) the pain is nearly palpable trying to get these guys in gear.