Friday, March 11, 2011

Mobile phones, the new target for crackers and "evil little sods"

Generally speaking, the more complex the technology, the more chances there are that lurking somewhere within, is some kind of vulnerability that can be exploited by nasty people such as crackers and "evil little sods" (ELSs)

To date, large, monolithic operating systems such as Windows have been a key target for these miscreants.

With little to do and lots of spare time, these people seem hell-bent on making everyone else's lives a misery and/or extracting money from those who are unfortunate to catch their attention while ambling along the information superhighway.

Trojans, viruses, worms -- they're all the work of these ELSs and cause nothing but grief to the general internet and computer-user population.

But now the ELSs seem to have found that invading people's privacy, stealing their credit card numbers and holding their PCs to ransom is "so last week". Instead, they're turning their attentions to mobile phone users.

And why not?

Mobile phones are just as ubiquitous as computers and, thanks to prepay SIMs and the ease with which mobile access can be had through stolen phones -- an ELS has far less chance of being caught when he's targeting poor cellphone users.

And let's face it, some of today's smartphones, such as the Apple iPhone, are really full-blown computers anyway.

What's more, with the move towards having your mobile phone serve as an electronic wallet, there may soon be rich pickings for the successful ELS who manages to break in and seize control of your cellphone.

Recently Google was forced to disable a number of applications designed for use on mobile phones using the Android OS, when it was found that they contained malware that compromised users' security and privacy.

However, it would seem that it's not just the smartphones that are vulnerable to the kind of complex technical exploit one usually associates with the actions of the ELSs amongst us.

A handful of German researchers recently demonstrated that it's possible to crash some of the most basic mobile phones through the use of a carefully crafted SMS message.

By embedding some binary data into the SMS, these researchers were able to either crash (force a reboot) or "brick" (totally and permanently disable) a number of popular "basic" cellphone brands and models.

Amongst the list of those phones which proved vulnerable to this exploit were household names such as LG, Sony Ericsson and Nokia.

Is there no device that is safe from the prying, wrecking, coveting eyes and hands of these malevolent crackers?

As always, vigilance is essential to security. However, sometimes we're simply at the mercy of the manufacturer and their ability to design good solid systems. Unfortunately, it seems that such reliance is sometimes just not enough.


No comments:

Post a Comment