Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday August 15 2018, @09:48AM   Printer-friendly
from the hello-DefCon dept.

Submitted via IRC for BoyceMagooglyMonkey

Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.

The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.

The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.

Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.

Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.

Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.

Researchers are expected to announce more details about the flaws later in the week.

Source: https://www.fifthdomain.com/show-reporters/black-hat/2018/08/07/manufacturing-bugs-allow-millions-of-phones-to-be-taken-over-dhs-project-to-announce/


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Interesting) by HiThere on Wednesday August 15 2018, @06:17PM

    by HiThere (866) Subscriber Badge on Wednesday August 15 2018, @06:17PM (#721875) Journal

    I wouldn't say the article was clickbait, but "Homeland Security" is a totally different matter, though clickbait might not be the correct term to use in describing their actions. But it was "Homeland Security" that warned of danger without being explicit about who.

    OTOH, perhaps it's a good general assumption. Avoid putting any data on your phone (including financial transactions) that you wouldn't want the public to know. This year I've become increasingly reluctant to even make purchases over the web.

    --
    Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
    Starting Score:    1  point
    Moderation   +2  
       Interesting=2, Total=2
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4