SoylentNews is people
SoylentNews
Submitted via IRC for BoyceMagooglyMonkey
[...] Unknown to the common user is that modern smartphones include a basic modem component inside them, which allows the smartphone to connect to the Internet via its telephony function, and more.
While international telecommunications bodies have standardized basic AT commands, dictating a list that all smartphones must support, vendors have also added custom AT command sets to their own devices —commands which can control some pretty dangerous phone features such as the touchscreen interface, the device's camera, and more.
[...] Once an attacker is connected via the USB to a target's phone, he can use one of the phone's secret AT commands to rewrite device firmware, bypass Android security mechanisms, exfiltrate sensitive device information, perform screen unlocks, or even inject touch events solely through the use of AT commands.
(Score: 2) by fraxinus-tree on Tuesday August 28 2018, @07:11AM (1 child)
Mine doesn't. The last one to do that had Symbian OS. In order to get to the modem interface on a modern Android, you have to run inside the phone and also be root. Hardly a hacking vector.
The bad part is that the modem itself probably has a backdoor from the cell network side. Most of them do have one - and it is generally undetectable from the phone OS.
(Score: 0) by Anonymous Coward on Tuesday August 28 2018, @08:01AM
Um ... you should probably RTFA and watch the videos. These are all new phones running last year's version of Android, and these AT commands did not require any changes to the stock phone. They got root access via the USB port simply by connecting to it.