Ars reports on a serious Android exploit to be disclosed at the upcoming BlackHat:
Almost all Android mobile devices available today are susceptible to hacks that can execute malicious code when they are sent a malformed text message.
The vulnerability affects about 950 million Android phones and tablets, according to Joshua Drake, vice president of platform research and exploitation at security firm Zimperium. It resides in "Stagefright," an Android code library that processes several widely used media formats. The most serious exploit scenario is the use of a specially modified text message using the multimedia message (MMS) format. All an attacker needs is the phone number of the vulnerable Android phone. From there, the malicious message will surreptitiously execute malicious code on the vulnerable device with no action required by the end user and no indication that anything is amiss.
(Score: 5, Informative) by physicsmajor on Tuesday July 28 2015, @02:53PM
Here is how to prevent automatic background downloading of MMS messages. Doesn't fix the problem but you'd have to click first, instead of having them silently execute.
https://www.twilio.com/blog/2015/07/how-to-protect-your-android-device-from-stagefright-exploit.html [twilio.com]
(Score: 1, Insightful) by Anonymous Coward on Tuesday July 28 2015, @04:02PM
the instructions are provided as a video or animated gif?
The world is ending. It may have ended. To witness that simple instructions now require a video tutorial to ensure that people can follow along. Maybe instead of eternal september, we now have a frozen turkey november. Because the same people will not know to defrost the turkey first prior to cooking, and require a video to explain why they can't follow the animated turkey preparation instructions on Thanksgiving since the turkey is still frozen.
*frozen turkey's in November being a US centric thing
At least toothpick instructions have not yet required a video. That'll be next, and Wonko will probably manage to follow the dolphins.
(Score: 3, Funny) by takyon on Tuesday July 28 2015, @04:14PM
https://www.youtube.com/results?search_query=toothpick+how+to [youtube.com]
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: -1, Troll) by Anonymous Coward on Tuesday July 28 2015, @05:09PM
oh man, now you've done it, I never even thought to search the cesspool.
At least someone is reading my anonymous posting... well I will log in eventually, but if I own up to these comments, then people will know what I think about such things! It could ruin my political aspirations... but knowing people need that much assistance helps me determine what programs I can promise to cut funding for.
(Score: 3, Informative) by takyon on Tuesday July 28 2015, @06:03PM
Pseudonyms: the anons with "class".
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 4, Funny) by maxwell demon on Tuesday July 28 2015, @09:09PM
Object oriented anons?
The Tao of math: The numbers you can count are not the real numbers.