Submitted via IRC for BoyceMagooglyMonkey
[...] Unknown to the common user is that modern smartphones include a basic modem component inside them, which allows the smartphone to connect to the Internet via its telephony function, and more.
While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices — commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.
[...] Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.
(Score: 2) by SomeGuy on Monday August 27 2018, @08:57PM (2 children)
But WHY did they add all of these bizarre features?
AT commands were designed to change general behaviors of a modem, such as number of rings before answer, maximum baud rate, error correction, and such.
On simple hardware they sometimes represented actual hardware "registers", but it was really all an abstraction. And the bulk of the AT commands solidified with the Hayes command standard.
Shit to modify toy touch screen behavior or bypass security would be insanely out of scope.
I think now we know who hired those out of work "HTML 5" devs.
+++ATH
[NO CARRIER]
(Score: 5, Interesting) by Anonymous Coward on Monday August 27 2018, @11:59PM
The things *are* modems at this point.
If these manufacturers have exposed one of the wrong built-in COM ports then yeah the chip is pretty wide open.
There are *THOUSANDS* of AT commands you can use on the thing.
There is a 'base' command set baked into the standards. Then each manufacturer adds their own set on top of that. Back when I used to work on these sorts of things, the specification printed out was about 3 inches thick of double-sided, single-spaced paper. Someone at my office printed it out as a joke. You do not use them that way. It was quite the impressive tome.
There are several levels of commands too. Depending on the chip you usually get 4-8 COM ports. Then kernel drivers guard it and issue the commands for you. There are no passwords or anything like that. It is usually just a physical blockage to the really interesting debug ports; they do not tie out the lines. Or the chip manufacturer will leave the pins out but the pads are still there.
To set up a call it literally does an ATDT. Plus I know you were being snarky but it does +++ATH when it hangs up (still called that in the docs). Cannot remember off the top of my head how it sets up the PPP connection. Usually the standard and manufacturer codes are something like AT~xYZ. That will either take a set of values or bin string, then will report back some standard printout or some binary structure.
It works. They never really changed it but they sure as hell extended the living hell out of it.
The carriers usually tested for it during their certification. That there are 11 phones out there that let you at this stuff shows that they failed.
The 'bizarre' features are things like how do you set up an AM/FM radio, built-in IP stack, SMS, etc... Don't get me started on the unholy mess that SMS is and secret commands.
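
The layering described in the comment above (a standard base set, manufacturer extensions on top, and a driver in front of an unauthenticated port) is why a filter in front of the modem has to be default-deny by exact command name rather than by prefix. This is an added example, not part of the original post or any vendor's code: a minimal fail-closed allowlist check, where the allowlist contents and the sample names `~XYZ` and `+XVENDOR` are assumptions for illustration.

```python
import re

# Default-deny policy (assumed for illustration): only these command names
# may cross from the USB serial endpoint to the modem.
ALLOWLIST = {"E", "V", "+CGMI", "+CGMM"}

# V.250 shapes: a basic command is a letter (optionally '&'-prefixed) plus
# digits; an extended command is '+' plus a name. Any other prefix character
# is parsed the same way so that vendor-style names can be seen and refused.
TOKEN = re.compile(r"""
    (?P<basic>&?[A-Z])\d*                       # e.g. E0, &F
  | (?P<ext>[^A-Z0-9&;\s][A-Z][A-Z0-9]*)[^;]*   # e.g. +CGMI, ~XYZ=1,2
""", re.VERBOSE)

def command_names(line):
    """Return the command names in one AT line, or None if it does not parse."""
    line = line.strip().upper()
    if not line.startswith("AT"):
        return None
    body, names, pos = line[2:], [], 0
    while pos < len(body):
        if body[pos] == ";":          # separator after an extended command
            pos += 1
            continue
        m = TOKEN.match(body, pos)
        if not m:
            return None               # unknown syntax: caller must refuse it
        names.append(m.group("basic") or m.group("ext"))
        pos = m.end()
    return names

def permit(line):
    """True only if the line parses and every command in it is allowlisted."""
    names = command_names(line)
    return bool(names) and all(n in ALLOWLIST for n in names)

if __name__ == "__main__":
    # Constructed sample lines, not captured traffic.
    for sample in ("ATE0V1", "AT+CGMI;+CGMM", "ATE0~XYZ=1,2", "AT+XVENDOR=1"):
        print(f"{sample!r:20} -> {'forward' if permit(sample) else 'drop'}")
```

Because one line can chain several commands, the check is applied to every command in the line; a single unlisted name, or anything the parser does not recognise, drops the whole line.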
(Score: 0) by Anonymous Coward on Tuesday August 28 2018, @09:33AM
> out of work
https://github.com/whatwg/html/issues
Doesn't seem like they are out of work just yet.