Every mobile phone runs two operating systems; the one you interact with (like Android or Ios), and the one that controls the radio hardware. This second OS is ancient, creaking, and wildly insecure. Security researcher Ralf-Philipp Weinmann of the University of Luxembourg presented work on reverse-engineering the most popular "baseband" OSes from Qualcomm and Infineon and the horrifying security vulnerabilities he found. Anyone operating a cellular base-station (you can buy 'em on Ebay or build them from open source hardware specs) can send a 73-byte message that lets them run raw code on the processor; can silently activate auto-answer, crash the device, brick devices, install rootkits, send SMSes to premium numbers, and more.
You can do some crazy things with these exploits. For instance, you can turn on auto-answer, using the Hayes command set. This is a command language for modems designed in 1981, and it still works on modern baseband processors found in smartphones today (!). The auto-answer can be made silent and invisible, too.
While we can sort-of assume that the base stations in cell towers operated by large carriers are "safe", the fact of the matter is that base stations are becoming a lot cheaper, and are being sold on eBay - and there are even open source base station software packages. Such base stations can be used to target phones. Put a compromised base station in a crowded area - or even a financial district or some other sensitive area - and you can remotely turn on microphones, cameras, place rootkits, place calls/send SMS messages to expensive numbers, and so on. Yes, you can even brick phones permanently.
* The second operating system hiding in every mobile phone [Thom Holwerda/OS News]
I have a 64GB iPhone, but I don’t like using iTunes to transfer videos to it because it is a hassle. I have this little $30 USB/Lighting flash drive that holds 32GB of files, including videos, photos, and songs. I plug it into my computer, copy over a bunch of card magic instruction videos, and […]
Researchers at UC Riverside and Centro de Investigación Científica y de Educación Superior de Ensenada have published a paper describing their ongoing success in setting a “transparent nanocrystalline yttria-stabilized-zirconia” into patients’ skulls, which reveal the patients’ brains so that the patients’ brains can be zapped with therapeutic lasers.
A pilot invented this $18 plastic hook for your belt/waistband that can tow a 25lb rollaboard around the airport behind you, leaving you hands-free as you maneuver the concourse.
Home audio has taken some big leaps forward in recent years–not just in terms of sound quality, but also in the style department. The FRESHeBAR Leather Soundbar, now 56% off in the Boing Boing Store, is proof.The FRESHeBAR comes packing almost all the options you’d ever need for a home sound system, including Bluetooth streaming capabilities.The unit’s 90 […]
Much of what goes into creating an amazing photo happens in the digital darkroom. Here’s your chance to master all things photo editing: the Ultimate Adobe Photo Editing Bundle, now available in the Boing Boing Store for just $29.99.Across 8 courses and over 41 hours of intensive instruction, you’ll learn the fundamentals of Adobe’s suite of photo […]
3D printers are hot, but they’re also pricey. While the prospect of cranking out everything we can dream up is enticing, cost is often one factor that keeps us from jumping onto the 3D printing train.Now, thanks to M3D, that doesn’t have to be the case. You can now get its flagship 3D printer–plus four reels of filaments–for just […]