Stories
Slash Boxes
Comments

SoylentNews is people

Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands

posted by mrpg on Monday August 27 2018, @07:39PM   Printer-friendly
from the +++ dept.

MrPlow writes:

Submitted via IRC for BoyceMagooglyMonkey

[...] Unknown to the common user is that modern smartphones include a basic modem component inside them, which allows the smartphone to connect to the Internet via its telephony function, and more.

While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.

[...] Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.

Source: https://www.bleepingcomputer.com/news/security/smartphones-from-11-oems-vulnerable-to-attacks-via-hidden-at-commands/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Smartphones From 11 OEMs Vulnerable to Attacks via Hidden AT Commands | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Monday August 27 2018, @08:52PM (3 children)

    by Anonymous Coward on Monday August 27 2018, @08:52PM (#727125)

    So very shocking. Now how many more backdoors are baked into every goddamn thing?

  • (Score: 3, Interesting) by anubi on Monday August 27 2018, @10:58PM (2 children)

    by anubi (2828) on Monday August 27 2018, @10:58PM (#727164) Journal

    It will remain this way until someone is held accountable.

    As long as we grant the right to hold everyone else ignorant of what is done, then do bad stuff, well, we set the stage for it.

    If you know the truth, the truth will set you free. And for those of us, ( or at least those who obey the wishlist of the so-called "rightsholder" ) who willfully remain ignorant, they are ripe to be bamboozled by those who wish to pull a fast one.

    Ignorance is not bliss.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]

    • (Score: 0) by Anonymous Coward on Tuesday August 28 2018, @12:45AM (1 child)

      by Anonymous Coward on Tuesday August 28 2018, @12:45AM (#727192)

      It will remain this way until people stop using proprietary software entirely, and stop accepting its existence.

      • (Score: 0) by Anonymous Coward on Tuesday August 28 2018, @12:49AM

        by Anonymous Coward on Tuesday August 28 2018, @12:49AM (#727193)

        It is not software per-se. It is baked into the chip. In this case if I am remembering correctly there are 2 COM ports hanging off the chip. One for USB and one for debug (using USB). Sounds like someone tied it out wrong.