A malicious message sent to Windows Phone’s message hub can disable the handset in a manner reminiscent of the “nuking” attack from the Windows 95 days. At the point the bad message is received, the phone reboots, and worst of all, it appears that the message hub application is permanently disabled. Back when people used to only use their phones to call and text, you’d perhaps think that having your phone reboot on you would be no big deal. But these days I find myself often as not composing some important missive.The attack has been reported to Microsoft. It affects both versions 7740 and 7720 of Windows Phone 7.5. When I first read this, I was wondering whether hackers were just expanding their already-prodigious knowledge of malware aimed at Windows OSes, but it’s worth noting that, in the lab at least, similar attacks have already been dealt with on iOS and Android. What this really portends is that the black hats and vandals are shifting their gaze to mobile, along with the rest of the computing industry.
I have no doubt that it will be fixed and a patch will be disseminated forthwith. The big question is, with two decades of cat-and-mouse between OS vendors and hackers under their belts, will the mobile platforms be relatively hardened compared to the worst times, when it seemed that new PCs were instantly infected the moment they connected to the net for the first time, or are exploits like this just a speedbump, and mobile platforms will remain largely uncompromised in the real world?
I’m not worried about it. Because of the huge variety of platforms, malware on cell phones is difficult to spread. Exploits for one phone won’t work on most other phones (unlike the days when connecting pre-SP2 XP without a firewall directly to the internet resulted in an infection in 30 seconds. Practically everybody had XP)
These external attacks on cell phones are relatively rare, and their surface area for attack is much, much smaller than, say, a desktop computer.
Because of the diversity of platforms, cracking each OS becomes less valuable, as the exploits can reach a smaller number of people. I don’t expect we’ll see quite the homogenization of platforms in the phone world that we saw in on the desktop. I think it’ll stay diverse, much like the console market.
Yeah, we have like iOS, Android and BB. And maybe Windows in the future, if it catches on. Huuuuge variety.
Not all phones are run Android, BB, iOS, or WinPhone. Not all phones are smart phones. If you take into account the vast variety of feature phones (there is no reason not to), yes, there is a huge variety of platforms. Most people don’t have $200 to spend on a smart phone. Hell, most people don’t have $100, or are unwilling to spend that much, on a smart phone.
It was rather clear from the title alone (“Signs of Things to Come?”) that the author specifically meant smart phones. Also, already 40% of US mobile phone owners own a smartphone, and amongst youth (15-24) it’s even 67%. Western Europe has about the same rates (just Google around for “smartphone penetration” etc.), and let’s not forget Japan and China. We’re talking about a huge market share, and 100s of millions of smartphones. So I’m really lost why you try to trivialize this potential malware problem.
Maybe because it only affects one of the smallest niches in either feature or smart phones.
And you have to know that the phone you are sending the attack message to is a wPhone. It doesn’t work on 98% of all smartphones and 100% of all other phones. More than enough reason to trivialize it IMO.
It’s not trivial to me, a WP7 user. Don’t be the asshole who assumes just because YOU aren’t affected, that no one else will be.
On the other hand you are 100% of you. So it’s OK to feel bad if you chose something that took advantage of your particular character traits even if only a scant few million out of 7 billion will suffer for having those characteristics. You can even call it my fault.
Yeah, that’ll fix things. (o;)
Do you also use Visual Studio? Because the same text string can crash that too. How about Blend? Silverlight? WPF?
http://www.xda-developers.com/windows_phone/bug-crashes-wp7-messagi…
~~~
Bug Crashes WP7 Messaging Hub (And More) Via Text
December 15, 2011 By: Livven
Bug Crashes WP7 Messaging Hub (And More) Via Text
On Monday, a reader of WinRumors.com discovered a pretty nasty bug in Windows Phone 7′s messaging hub: upon receiving a special text, either through SMS, Facebook chat or Windows Live Messenger, the device will automatically reboot, and the messaging hub cannot be opened anymore. Only a hard reset will fix this. For a demonstration, watch this video.
http://www.youtube.com/watch?v=vnhzuKcDo6A
Shortly thereafter, Microsoft acknowledged the bug and said it is looking to “take appropriate action to help ensure customers are protectedâ€. Meanwhile, Khaled Salameh, who originally discovered it, has investigated this issue further and found that it applies to lots of other Microsoft applications as well – including Windows Live Messenger, Visual Studio and other desktop software utilizing Silverlight or WPF.
However, rest assured since the special text causing this bug hasn’t been made public, and it isn’t in any way security-related.
~~~
Surely there was no way to anticipate that an M$ product would be negatively impacted by the attempt to process a string of text!
Oh, wait …
You might consider wearing a bullseye mask.
But since it’s my fault I will simply forbid you from doing so.
Now: Sell or throw away your phone. Immediately!
Problem solved. (;
What the hell does that even mean? I don’t feel bad for choosing this phone, in fact it’s the best smartphone I’ve owned since 2006. I’m following the same maxim I always do: The right tool for the job. Android is fine for tablets (I love it on my Nook Color) but it’s not stable enough for phone use in my experience. BlackBerry is nice and stable (and secure) but behind the times. iOS is cute and flashy but it’s just not quite there for my needs. WP7 is a breath of fresh air and so far has met and/or exceeded all my expectations.
Nope, Windows is not my current main OS at home, and I don’t use any of those apps at work either.
And you trot out the usual anti-Microsoft spiel, complete with a troll badge of honor (“M$”). Look, I’m no fan of the company myself, but lately their non-PC stuff has been pretty good (Xbox 360, WP7). Don’t act as if this kind of thing ONLY happens to Microsoft, it makes you look quite the fool. You forget that OS X was the first to fall in Pwn2Own two years in a row.
Twice now you have claimed that I somehow blame you for something. How childish and passive-aggressive of you! But hey, it must be all about you right?
No thanks, I really like the phone. And I stand by my original statement (which you conveniently never addressed): Don’t be the dick who assumes that just because YOU don’t own a WP7 phone that this issue is inconsequential and not worth doing anything about. Because, next time it just might be your “superior” phone OS that is targeted. But don’t worry, I won’t trivialize it when that inevitably happens; my ego needs no stroking.
And given that the text string that causes this failure may never be released to the public there is every chance that this bug may never hit your phone.
Will I still be an asshole if nothing bad happens to you? Even though it could? (o;)
Yup. ‘Cause I didn’t care if you got bit by a bug that may never exist in the wild.
Why would I worry about that? Even if it really did happen in spite of your thoughtfulness and consideration for me (or whoever).
Actually it’s perfectly OK if you do. You are entitled to think and say whatever you want. The restrictions on those things only apply to me, remember? Because I’m baaaaaaad. Somehow.
No, it was quite obvious in your original post that you were trying to speak for the rest of the world by saying it was a trivial issue that wasn’t newsworthy because you say so. I felt otherwise and said as much, and you went apeshit and tried to make it personal.
Hey bud, I just replied in kind when you went off on an arcane tangent. Believe me, it’s not personal. I’m just a sucker and an easy target for Internet trolls.
Though I must say, I have not before run into the kind of extreme passive-aggressiveness you have displayed here, putting deprecating words into my mouth constantly and trying to make it appear as if I’m running ad hominem attacks on you. Stay classy, my friend.
As the article says, “similar attacks have already been dealt with on iOS and Android.” Unless I’m mistaken the author’s intent wasn’t “OMG Windows Phone isn’t safe!”, which shouldn’t surprise anybody, but more like “Are we going to see more attacks on smartphones in the future?”, which is imho a very good question (albeit not an original one, of course).
Oh, you just forgot about the biggest, by far, installed base of Symbian… (still at the top of web stats http://gs.statcounter.com/#mobile_os-ww-monthly-200903-201112 despite its users being most likely less “online active” than iOS or Android ones; even curiously increasing recently somewhat*) …supposedly dying, yes, but a) it shouldn’t matter that much as far as present target vectors go b) in some parts of the world (Africa and Asia, look at their mobile OS stats) it might, in the end, not die after all (it does finally improve, and *^)
Plus, supposedly, at least largish part of its user base should be converted to WinPhone, so that gives us 5.
More, really. You “specifically” count very few platforms as smartphones, relegating rest to feature phone category which doesn’t matter or smth …but, really, S40 (oh, only the most widespread mobile phone platform on the planet; and BTW, S40 is not Symbian) is more of a “smartphone” than iPhone in its first year, and used such by people – browsing, music, apps, etc.
And it’s not the only such platform
On other phones – yep, don’t work. But it works in Visual Studio, Blend “and others”
https://twitter.com/#!/KSalameh/status/146577133899227137
It really is interesting – what’s the string and why the hell it crashes MS stuff.
About 10 years ago I’ve seen a similar bug in Siemens phones (S35, C35, A45 and some many others). These phones had additional smileys which were inserted with a special code, something like “%15%”.
A specially crafted smiley code could make the phone enter an endless loop while processing the code and the only option to stop it was removing the battery: http://forum.gsmhosting.com/vbb/archive/t-62174.html
The phones only crashed when displaying the message, so the problem was solved by inserting the SIM card in another (non-Siemens) phone and deleting the offending message, deleting the message via IRDA or a PC connection cable or simply not opening it.
My bet is that Windows Phone has problems with displaying or processing malformed Unicode text.
You’re probably right on it being malformed unicode… unicode has the wonderful advantage of massive language support; but the drawback of being too blasted complex for it’s own good.
Part of why I still say we should force the whole world to live with the 7 bit ASCII set
The question should not be if it’s bad that Windows Phone has a flaw. The question should be how soon will Microsoft have a patch available and how quickly will that patch be applied to phones.
And how soon after it is available will the patch get rolled out and how long after that before a new way to trigger the underlying flaw (that also exists in Visual Studio and other products) will be triggered by a new mechanism.
That would be the “how quickly it is applied to phones” part. I’d agree that patch quality is indeed a factory though; does it correct the root cause or just plaster over it.
Yup. Sorry about that. Too much caffeine, not enough sleep. |;^\
One of the complicating factors with deploying a fix for this vulnerability is that it has to go through “mobile operator certification” before it’s pushed out to any phones. If the original Windows Phone 7 patches and 7.5 upgrade are any indication, it could be awhile before the carriers push out a fix — no matter how quickly Microsoft might have one available.
…the sky is falling.
Good point. It is a two-factor insecurity: You have to have the phone number to send the exploit to and there has to be a wPhone on the receiving end of the payload.
So even if the sky does fall, i.e. this specially crafted SMS message gets sent to every phone on the planet, there will only be about 4 or 5 million handsets affected. And that’s only if all of them have SMS enabled, are powered on and are within range of a tower before the message expires.
On the other hand if it happens to you/me it is a 100% bad thing. (o;) (It can’t happen to me though. I’m on Virgin Mobile ; there are no wPhones available from them.)
Hope it doesn’t happen to you (if applicable.)
If you don’t power on and connect to the network before the SMS expires you essentially have no phone anyway. It’s not a typical scenario for any of the phone owners that I know of anyway.
Yeah, it would be better to have a phone but with no SMS. Or to have an iPod Touch with a SIP client app.
Less typical than getting a text, having your phone die and then being unable to get a text after rebooting? There have been times when I wished I couldn’t get an SMS and even more so an MMS, but I have changed carriers twice since then. (o;)
I recently read an article in the IEEE Megazine (http://www.infoq.com/articles/mobile-attacks-and-defense) about how the SMS messaging is basically the best point to find a flaw. The article talks only about iOS and Android because every other application Sandboxes. This means that the hackers have to find two flaws. So the easiest way is to attack the SMS and GSM to gain control. It also talks about how they will use DEP and ASLR to help prevent the attacks. So hackers will be able to find flaws the problem is that they won’t really be able to exploit them due to the vulnerabilities. I guess my point was that the flaws will exists but the probably of actually making a huge impact like we see on PC is low.
Edited 2011-12-14 22:33 UTC
I’m sure the mobile carriers will filter the offending part before it reaches any phone.
Edited 2011-12-15 00:20 UTC
That should make them eager to sell more wPhones: The smallest segment of the smartphone OS market requires them to filter all SMS messges. And will come with Skype soon. Carriers love Skype!
Maybe that’s spin, but there’s no evidence to say it’s a “security flaw” rather than just a bug.
No, back in the days I used my phone to call, had my phone rebooted on me, it would have been a big deal. I’ve used a Nokia 3310 for almost 10 years and never saw a crash, a reboot or something that remotely look like a bug, not once.
Nowadays, I expect my phone to have bugs, to crash and to have to reboot it. The battery is dead so often that it doesn’t really matter, I just expect my phone not to work every now and then.
The phones are not as reliable as they used to be and that has some positive effects. I’m learning to live without it again. This week I’ve spent a full day without a phone (battery was dead and charger was at home). This was actually a very pleasant day, like in the old times.
A serious flaw was found in a rather new piece of software from Microsoft.
Stop the presses!