Submitted via IRC for BoyceMagooglyMonkey
Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.
The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.
The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.
Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.
Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.
Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.
Researchers are expected to announce more details about the flaws later in the week.
(Score: 3, Insightful) by HiThere on Wednesday August 15 2018, @06:13PM
How about "don't do financial transactions over your phone", and "avoid saying anything sensitive".
The first is probably more important for most people, as it removed the incentive for attacks. The second one is important mainly for attacks that are targeted.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.