SoylentNews is people

posted by Fnord666 on Tuesday October 08 2019, @11:27AM

Submitted via IRC for SoyCow9088

Attackers exploit 0-day vulnerability that gives full control of Android phones

Attackers are exploiting a zero-day vulnerability in Google's Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google's Project Zero research group said on Thursday night.

There's evidence the vulnerability is being actively exploited, either by exploit developer NSO Group or one of its customers, Project Zero member Maddie Stone said in a post. NSO representatives, meanwhile, said the "exploit has nothing to do with NSO." Exploits require little or no customization to fully root vulnerable phones. The vulnerability can be exploited two ways: (1) when a target installs an untrusted app or (2) for online attacks, by combining the exploit with a second exploit targeting a vulnerability in code the Chrome browser uses to render content.

"The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device," Stone wrote. "If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox."

[...] "This issue is rated as high severity on Android and by itself requires installation of a malicious application for potential exploitation," Tim Willis, another Project Zero member, wrote, citing Android team members. "Any other vectors, such as via web browser, require chaining with an additional exploit."

[...] While the vulnerability reported on Thursday is serious, vulnerable Android users shouldn't panic. The chances of being exploited by attacks as expensive and targeted as the one described by Project Zero are extremely slim. Just the same, it may make sense to hold off installing non-essential apps and to use a non-Chrome browser until after the patch is installed.

[Editor's Note: The link pointing to the comment made by Maddie Stone (2nd Para) has broken and now points to an empty page. We will try to find a replacement for it. The problem might be browser-specific, I am still investigating. --JR 13:08 UTC 8 Oct]


  • (Score: 3, Informative) by seeprime on Tuesday October 08 2019, @11:51AM (2 children)

    by seeprime (5580) on Tuesday October 08 2019, @11:51AM (#904031)

    Opera's VPN adds a layer of security that Chrome lacks. It also isn't vulnerable like Chrome to this online attack.

    • (Score: 0) by Anonymous Coward on Tuesday October 08 2019, @08:39PM

      by Anonymous Coward on Tuesday October 08 2019, @08:39PM (#904313)

      I don't need the Chinese (who own Opera now) controlling my bloody browsing!!!

      Opera VPN! Wtf!

    • (Score: 2) by darkfeline on Wednesday October 09 2019, @03:36AM

      by darkfeline (1030) on Wednesday October 09 2019, @03:36AM (#904504) Homepage

      Yes it is? According to the summary, all that is required is a vulnerability in any application. A VPN adds exactly zero security against this attack vector. Are you saying that it is impossible for Opera to have any vulnerabilities? If so, I have Jesus Christ's foreskin to sell to you.

      --
      Join the SDF Public Access UNIX System today!
  • (Score: 1, Informative) by Anonymous Coward on Tuesday October 08 2019, @12:21PM (1 child)

    by Anonymous Coward on Tuesday October 08 2019, @12:21PM (#904034)

    Isn't this article a dupe of https://soylentnews.org/article.pl?sid=19/10/07/1352214 [soylentnews.org] ?

    • (Score: 4, Interesting) by janrinok on Tuesday October 08 2019, @12:33PM

      by janrinok (52) Subscriber Badge on Tuesday October 08 2019, @12:33PM (#904035) Journal

      Yes and No. The earlier story concentrated on the fact that it was an "Israeli Surveillance Dealer Attack". Additionally, it identified models known to have been compromised and also commented upon the countries that the dealer was selling such technology to. The second story, i.e. this one, is concerned with the fact that the original reported vulnerability has been linked with Chrome. Avoiding Chrome until the patch is issued should reduce the risk to a very small level. They are both dealing with the same vulnerability but looking at 2 different aspects of it.

  • (Score: 2, Funny) by Anonymous Coward on Tuesday October 08 2019, @01:16PM (1 child)

    by Anonymous Coward on Tuesday October 08 2019, @01:16PM (#904043)

    I give you permission to hack my phone as long as you give me root too; just send me the URL please.

    • (Score: 1) by RandomFactor on Tuesday October 08 2019, @01:52PM

      by RandomFactor (3682) Subscriber Badge on Tuesday October 08 2019, @01:52PM (#904065) Journal

      I only buy phones I can unlock and root.

      Now if I would just remember to include 'removable battery' in my criteria instead of getting excited about the shiny and forgetting that part.

      --
      В «Правде» нет известий, в «Известиях» нет правды
  • (Score: 2) by jmichaelhudsondotnet on Tuesday October 08 2019, @04:39PM (7 children)

    by jmichaelhudsondotnet (8122) on Tuesday October 08 2019, @04:39PM (#904151) Journal

    -oh it's secure
    -oh it's got some bugs
    -oh our private spy company has been exploiting them, but it's a different company
    -oh the employees are no longer working for the government
    -oh they do work for the government sometimes and they all used to work for the government, but that doesn't matter unless you're crazy
    -oh it's expensive to implement, no way we would ever use it on a scrub like you
    2 years from now
    -oh we have been blanket collecting everything everyone does not unlike android maps

    Israeli affiliated companies hardware and software have dozens of interlocking intentional vulnerabilities but no jewish people are ever involved in conspiracies, that would be antisemitic. /s

    Anyone who believes these lying treacherous shitheads gets what they deserve, but for anyone with their head removed from their ass, knows that google is essentially israeli state software and iphones, android phones, NCR cash registers, Azure, rapscan, and intel cpus are intentionally designed to be insecure for the national interests of the zionist state of israel, and our countries are basically giving them a kill switch to our digital infrastructure for no reason other than the fear of being called an antisemite.

    It is difficult for me to associate with such stupidity, or with anyone who is unable to acknowledge the fact of the matter, that any rational liberal response to this is a full boycott of all israeli hardware and software products indefinitely.

    The lack of any other sane commentary besides mine on these dire global security issues here betrays either fear or laziness.

    Since I am being followed by thugs in the street, even this morning, there is some reason to fear as it seems all western governments are bending all the way over.

    I kindof thought some hasbara would come and try to argue, but at this point I think they are committed to their evil plans and are focusing all their efforts on the giant channels they control on twitter, reddit and fb, to which there remains no actual alternative for free thinking people, who dont believe in holy land, genital mutilation or algorithmic censorship.

    thesesystemsarefailing.net (but especially anything having to do with israel)

    • (Score: 2, Interesting) by DECbot on Tuesday October 08 2019, @05:32PM (3 children)

      by DECbot (832) on Tuesday October 08 2019, @05:32PM (#904199) Journal

      If things are really as bad as you believe them to be, the reason you can still broadly spout your ideas online without getting disappeared or arkancided are:

      1. You are a useful idiot.
      2. You are well paid and/or appreciated by the people you condemn.

      Please let me know which best fits so I can update my notes.

      --
      cats~$ sudo chown -R us /home/base
      • (Score: 2) by jmichaelhudsondotnet on Wednesday October 09 2019, @11:07AM (2 children)

        by jmichaelhudsondotnet (8122) on Wednesday October 09 2019, @11:07AM (#904625) Journal

        This is a fair question.

        I will not mod this as a flame or troll.

        I must of course also ask these questions myself, so that is why the answers are going to be long-ish.

        With all that I know, now having determined through contemplation and long term investigation of my own life, that I have had many thousands of encounters with one or another form of secret police agent or informant, operating invisibly, seamlessly in american society. This is what I have to take, for me, as fact because nothing else fits my own direct personal experience. I understand it is difficult even impossible for others to believe, so it would be ridiculous for me to try to force people. But I will answer fair questions like this all day long, I have decided my only possible safety is in publicity. I can't afford to hide. I also truly hate totalitarianism and love america so this stuff pisses me off to my very core, it represents the complete annihilation of everything I thought was true about my country. And it was attacking me in really mean dickish ways, spooky ways, sick ways. Gaslighting itself is an evil practice and that is what my experiences are based upon.

        Everyone would say it is crazy for the government to try to be someone's roommate and then pick fights with them intentionally, but that is what they do, and when I point it out, I am called crazy for it as if it is too bonkers for even the government. This is a very advanced form of gaslighting, involving dozens of people over the course of peoples' lives. Literal conspiracies against individuals, plotted on a daily basis. It's real, this should scare you.

        From all of these experiences there are a few summaries I can make about these encounters. With rare exception they are transactional, every exchange of value and information is carefully calculated. They must be trained in this, basically to sit listening to you all day long, only talk in cliches and safe topics, any money transaction becomes an argument if even 5 dollars is in question.

        They would not be investigating and harassing me if they were not gaining something from it, if it were not the result of some serious calculating of risk and cost/benefit. Other people who have attempted to say the things I know to be true have been driven to suicide, Michael Ruppert and Gary Webb were not assassinated, they were so forcefully excluded from the cultural hegemony they were facing going into their 50s working at a restaurant or something, while encountering constant law enforcement harassment and being openly mocked, and things like frivolous lawsuits. When the system doesn't like you, it doesn't have to kill you. If it knows you can't do anything, that you are powerless, sometimes it will let you rot in plain sight as an example to others. Also, while you rot and dance in the frying pan, you generate intelligence because you are intelligence, and that is useful in a very general sense to power. It turns into an experiment in which you are a lab rat, how much can your genetic makeup take before calling it quits? Which is also very evil, or at least not something anyone would in their right mind do to their fellow countryman, someone who is ostensibly *on their side*.

        In other cases, Seth Rich and Michael Hastings, these guys were seen as actors in play and someone was just able to kill them. In other cases, like I think the ferguson activists and a lot of black people, they will assassinate you without even an investigation.

        In my case, with my honda crv computer being remotely destroyed on highland ave in issaquah wa on november 22 2017, in the snow, in traffic, in the middle lane, was a pretty dangerous thing to happen to me I would say and there was a 50/50 chance of me encountering a life changing physical injury or worse. The nature of this attack destroys the evidence, the computer is fried, so it is the perfect plausible deniable way to cost someone thousands of dollars and a huge amount of stress.

        Imagine your car randomly turning off a few hundred times, and no mechanic can tell you why, but can you?

        Have you ever heard or seen of that happening to any other person?

        Would you be willing to confirm at the 3 shops where the work was performed?

        Based upon your response I will decide whether to continue with more details.

        • (Score: 1) by DECbot on Wednesday October 09 2019, @07:55PM (1 child)

          by DECbot (832) on Wednesday October 09 2019, @07:55PM (#904869) Journal

          I work on electronics for a living, so for your first question:

          Imagine your car randomly turning off a few hundred times, and no mechanic can tell you why, but can you?

          I've seen shoddy work in the form of a cold solder joint, that sounds like the failure mode of your car's computer. Some component was soldered only enough to get through inspection at manufacturing and perhaps a few years in use. After some extreme temperature cycling, like operating the car in the winter, the solder point physically fails and no longer makes constant contact. If this happens to be the VCC or ground for your computer, it will power cycle every time connection is lost and regained. This is likely an unfortunate event, not government or corporate sabotage--unless you believe manufacturers deliberately design their products to fail. But even in that case, you were not personally targeted. Auto mechanics aren't necessarily electricians, electronics technicians, and certainly not electrical engineers. They know enough about electricity to replace a board or a wiring harness, but not do in-depth analysis to determine why the black box is dead. Now, if the computer failed right after other work was done on the car, I might think it was more deliberate than just bad luck.

          Have you ever heard or seen of that happening to any other person?

          No. I have seen unintentional shoddy manufacturing due to a lack of workmanship and loose quality control, which damages the reputation of the manufacturer and costs the manufacturer money for warranty costs and such, but not deliberate sabotage to favor a particular government over an individual.

          Would you be willing to confirm at the 3 shops where the work was performed?

          If it were a field I was less familiar with, like mechanical systems, I might be inclined to get confirmation of a second or third party because I may not trust the individuals at the previous shop. For boards, I'd ask to inspect the board to form my own opinion. Which brings me back to my earlier armchair troubleshooting above. It may not have been a cold solder joint--it could easily have been a short from a wiring harness with damaged insulation coming in contact with the board or a capacitor with faulty electrolytic insulation. I can't diagnose anything from the text you provided. I'm just disinclined to believe it is a government plot when there are more plausible explanations than custom, bespoke malware getting flashed into a non-networked car computer. That's a lot of intrusive work when more practical methods exist. I'm not telling you to think the government isn't all the things you say it is, but in this one case, there are other explanations.
           
          Circling back around to your original post, there are likely individuals or groups of individuals in the US and other governments that are abusing their power and lobbying for more power that they can abuse. I think these people are capable of harming people who catch their attention. However, I don't think they have the mental capacity to rake the public to find every undesirable--but they will throw all their might to flail against any individual person that catches their attention (i.e. MLK, John Lennon). What makes new technology like FB, Twitter, Google, etc dangerous to the individual is the ease at which random private individuals can be brought to the attention of these corrupt individuals. That is what makes programs like the ones at the NSA so threatening. I generally believe the state of the western world isn't as bad as you exclaim, which is why I questioned if you were a useful idiot or a shill. A dozen rogue intelligence agencies do not and are unable to centrally plan and control the entire world. However arguing that they are gets your points cast out as conspiracy theories instead of evidence of actual corruption. Instead of spouting "the government lies to us" it is better to ask, "where in the government/media did we decide that Iraq had WMDs?" or "why do these reporters/editors in the media verbatim quote the CIA/FBI propaganda?" When the individuals of the government and media are actually held accountable to the people, there is less they are able to get away with. Generalizing it to 'the government' you are obscuring actual evidence of wrongdoing performed by individuals by obfuscating it in wild conspiracy theories encompassing the whole body politic. There may be a program between the individuals at the CIA responsible for pro US propaganda and some editors at the major news networks, but that is not the entire media establishment and all the western governments. By blaming the whole of wrongdoing you protect the individuals. If the individual editors are called out for their activity, then they can be held accountable and journalistic standards be upheld and other editors will be less cooperative to circulate US propaganda as actual fact. It is the public's responsibility to hold the individuals in power accountable. When the public at large does not or is incapable of holding individuals accountable, the system fails. Hiding evidence by spinning conspiracy theories harms the public's ability to keep these people accountable. Thus, are you a useful idiot or a paid shill? By bringing forwards your arguments in the manner you are, who is likely to believe and act on them? And who benefits from it the most?

          --
          cats~$ sudo chown -R us /home/base
          • (Score: 2) by jmichaelhudsondotnet on Thursday October 10 2019, @01:18PM

            by jmichaelhudsondotnet (8122) on Thursday October 10 2019, @01:18PM (#905175) Journal

            'there are other explanations.'

            In a situation where there were no other similar incidents going on, perhaps. But I am sitting in a shitstorm of shit like this.

            Bad factory solders don't happen 5 years down the road, the carfax was clean of anything like this. That is not how bad solders happen.

            Your theory is bad, get another one.

            I accept all coaching on my writing and approach to communicating the significant aspects of my experiences. I am working without an editor, something most paid writers are terrified to even do. The result of your life being attacked like mine has, is severe isolation and that just makes you different. They say the same about people in Iceland if it is willful but in my case, this is not my chosen life. I have at every point tried to reach out to people and make friends, in the classic sense. But it just doesn't seem to work anymore. Europeans I have met note this about Americans, everything is transactional.

            People are afraid of terminator robots, but don't see where they are becoming the robots.

            I am not accusing some shadowy nebulous force of using zersetzung principles against me, I am accusing the FBI cointelpro fusion centers and their corporate consultancies of *having become* a shadowy nebulous force using zersetzung tactics against ideological enemies in exactly the same ways as other totalitarian systems except much better hidden. I am saying what I have experienced shows how the law has changed, and that something totally different is in effect, and it must be affecting a lot more people than just me. And it took me years to notice it, I thought for a very, very long time I was just meeting jerks who did not want to be my friend. In 2017 everything clearly escalated though, the 50th time someone tries to bait you into a crime, you really start to feel like they *want* you to be a criminal and won't stop until you are. That's weird and it's totally fucked.

            When you are living in your car and notice you are being treated like a threat worse than OBL, something is fucking wrong and that is what is going on. The biggest reason for me living in my car was, after all the 2500 dollar savings it cost me to repair my car computer the first time it died completely, on the way home from the best job I have probably ever had. Like everything in surveillance capitalism, the oppression is for some people a feature. Someone is making big money off of what is an attack against my ability to live.

            You need to expand your horizon of how fucked things are in the United States and if you are in fact real and not here to question my ability to perceive reality and distract, you will help me find a journalist and a lawyer. But at the moment as far as I can tell journalists and lawyers don't believe my life story is in the realm of the possible, and that is a real conundrum let me tell you.

    • (Score: 1, Funny) by Anonymous Coward on Tuesday October 08 2019, @08:14PM (2 children)

      by Anonymous Coward on Tuesday October 08 2019, @08:14PM (#904294)

      Since I am being followed by thugs in the street, even this morning, there is some reason to fear as it seems all western governments are bending all the way over.

      I kindof thought some hasbara would come and try to argue, but at this point I think they are committed to their evil plans and are focusing all their efforts on the giant channels they control on twitter, reddit and fb, to which there remains no actual alternative for free thinking people, who dont believe in holy land, genital mutilation or algorithmic censorship.

      Nothing so profound. We're just enjoying our monthly dividend payouts from our membership in the International Jewish Conspiracy (IJC). We at the IJC are very pleased with the success of our plans for global domination.

      Don't forget that *every* jew is a member and we all pay our monthly dues to make sure that jmichaelhudsondotnet is persecuted fully, with his Coke replaced with Pepsi, over-easy eggs scrambled and clothing size labels at every store he shops are switched to be two sizes smaller than they are.

      We make the hot water cold and the cold water hot. We replace his nasal allergy spray with ragweed pollen and dextroamphetamine. We substitute cashew butter for his peanut butter.

      Yes, jmichaelhudsondotnet is a constant topic of conversation at our steering committee meetings, executive board meetings, and is especially popular (gathering ideas for how to confuse and terrorize him) at our general membership meetings.

      You've found us out. Uh oh. I guess we'll just have to start putting laxatives in his bread products. Fun, fun, fun!

      Here's a heads up for you: we're going to massacre all the Corgis [wikipedia.org] in the world and replace them with look-alikes. This will allow us to spy on the dangerous cattle as they are grazed and led to slaughter.

      That project is well under way, and most corgis are now IJC controlled AI bots.

      Through our complete infiltration of the AKC [wikipedia.org], we now control the dog population of the US.

      But we're not stopping there! We are firebombing sugar plantations to make sure that only high fructose corn syrup (HFCS) is left. We have inserted brain control agents into HFCS, and will soon be in complete control of *everyone*. MWAHAHAHAHAHA!

      • (Score: 2) by Azuma Hazuki on Wednesday October 09 2019, @02:16AM (1 child)

        by Azuma Hazuki (5086) on Wednesday October 09 2019, @02:16AM (#904470) Journal

        You scramble the over-easy eggs? You...you *bastards!* This is too far!

        --
        I am "that girl" your mother warned you about...
        • (Score: 2, Funny) by DECbot on Wednesday October 09 2019, @07:59PM

          by DECbot (832) on Wednesday October 09 2019, @07:59PM (#904871) Journal

          They're outright despicable. I'm only passive-aggressive enough to serve them over-medium.

          --
          cats~$ sudo chown -R us /home/base
  • (Score: 2) by NotSanguine on Tuesday October 08 2019, @07:53PM

    by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Tuesday October 08 2019, @07:53PM (#904281) Homepage Journal

    The use-after-free vulnerability originally appeared in the Linux kernel and was patched in early 2018 in version 4.14 [kernel.org], without the benefit of a tracking CVE. That fix was incorporated into versions 3.18 [googlesource.com], 4.4 [googlesource.com], and 4.9 [googlesource.com] of the Android kernel. For reasons that weren’t explained in the post, the patches never made their way into Android security updates. That would explain why earlier Pixel models are vulnerable and later ones are not. The flaw is now tracked as CVE-2019-2215 [duckduckgo.com]. [Link to CVE web search added]

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
  • (Score: 0) by Anonymous Coward on Wednesday October 09 2019, @11:03AM

    by Anonymous Coward on Wednesday October 09 2019, @11:03AM (#904623)

    Who the heck would use the default browser, except, perhaps to download IceCat?
