Samsung Galaxy S3 (et al) hacked via NFC at PWN2OWN

Discussion in 'Alternatives to iOS and iOS Devices' started by Porshuh944turbo, Sep 19, 2012.

  1. Porshuh944turbo, Sep 19, 2012
    Last edited: Sep 19, 2012

    Porshuh944turbo macrumors 6502

    Jun 4, 2003
    Uh oh.....

    Still want NFC? :eek:

    To please some of you accusing me of not being fair -- yes, the iPhone 4S was hacked via a similar exploit, but obviously not via NFC, which I believe is the news here. The iPhone exploit was made possible through a website. The iPhone 5 is believed to be vulnerable, though this is unconfirmed. The exploit was used on iOS 5.1.1 and a developer version of iOS 6 on an iPhone 4S handset.

  2. jaysen macrumors 6502

    Sep 16, 2009
    If you're going to troll, be fair about it - sheesh;

    Oh no, let's remove email from the iPhone...
  3. Cozmo85 macrumors regular

    Oct 2, 2007
    NFC's range is something like touching to 4 inches. At that distance you could just steal the phone.
  4. Porshuh944turbo thread starter macrumors 6502

    Jun 4, 2003
    Most people can spot a phishing email a mile away (if it even makes it through your mail server's spam filter). Walk around a shopping mall and see how many people get close enough to your phone that is in your pocket. It takes very little time to establish an NFC connection. Once the payload is uploaded, according to the article, a hacker could connect via WiFi to your phone and access anything and everything.

    I can think of numerous places a hacker could exploit this with ease:

    a crowded bar
    a concert
    checkout line at the grocery store
    checkout line just about anywhere
    at the workplace where people often leave their phone on their desk

    it's not about stealing a phone.. the NFC hack works without the owner's knowledge.

    troll? lol.. been here since 2003, bud
  5. Interstella5555 macrumors 603


    Jun 30, 2008
    If you were really being fair you would mention the 5 has also been hacked instead of just saying "et al". I agree though, NFC is a terrible idea.
  6. Porshuh944turbo thread starter macrumors 6502

    Jun 4, 2003
    the 5 wasn't hacked.. a 4S was and the team responsible believes the 5 is also vulnerable (unconfirmed). However, I think the news here is that NFC was used. Email and website hacks have been around for a while now (and are indeed a threat that should be patched).

    If you can show me an iPhone 5 hacked via NFC, then you got me.
  7. JohnnyAndre macrumors regular

    Jun 25, 2007
  8. munkery macrumors 68020


    Dec 18, 2006
    It should also be noted that the Android exploit included privilege escalation.

    This allowed the installation of an app, which could have been malware, and the compromise of protected data, such as SMS and emails.

    Privilege escalation was not achieved in iOS. So, malicious apps couldn't be installed and protected data was not compromised.

    Mobile pwn2own 2012 details:

    Android exploited including privilege escalation via NFC

    Android hack details:

    iPhone browser exploited but privilege escalation not achieved

    iPhone hack details:

  9. jaysen macrumors 6502

    Sep 16, 2009
    Most tech-savvy people can spot a phishing email a mile away, yet millions of people still fall victim to phishing scam/emails a year - go figure.

    You're absolutely right in terms of the many opportunities someone can become close enough to "exploit" this hack, yet you forget the attacker would still need to know the person's phone location to get within "4 inches" of it... I can only see this as being valid if the person has their phone swinging from their hands as they take strides...

    In regards to my troll comment, I was referring to you bashing "Samsung" for including a technology that Nokia, Phillips, and Sony developed YET, the article clearly states ANYONE is vulnerable.

    You also fail to realize, the team purposely used NFC for "showmanship" again failing to note this could probably be done using WiFi or Bluetooth. Also note, in the GSIII, Galaxy Nexus, HTC One X, all have the capability of turning NFC on/off.

    Good article nonetheless, but to say "Still want NFC" as if it's the future doomsday technology, is unfair and biased - hence my troll comment.
  10. JohnnyAndre macrumors regular

    Jun 25, 2007
    NFC shouldn't make or break a phone. It's a stupid feature that can be easily reproduced in many different, more secure ways.
  11. lordofthereef macrumors G5


    Nov 29, 2011
    Boston, MA
    While I agree that this is a concern, it is being overblown here by the OP. Someone walking by you at the mall? NFC on the phone isn't an always on type of thing. You don't just brush up against a person and steal their information. NFC actually has to be activated. The risk of something getting stolen would be similar to the risk of your card info being stolen by means of a skimmer (look it up for those who don't know what that is). Granted, getting the entire contents of your phone stolen is a bigger deal than a single credit card's info, which is why I am not dismissing this as nothing, but it certainly is getting way more heat than it deserves.
  12. chakraj macrumors 65816


    Feb 6, 2008
    So Cal
    Hackers show the world how to steal an iPhone’s pictures, address book and browser history

    TechWorld reports that the hackers created a Webkit browser exploit that circumvents Safari’s security protocols if a user happens to be on a page where the malicious code is running.

    The hackers told TechWorld that the browser exploit “works on iOS 5.1.1 and the developer release of iOS 6, and probably also works on the iPhone 5,” so it’s not as though upgrading to the new iPhone will deliver instant protection.

  13. JetBlack7 macrumors 68020


    May 14, 2011
    The next big thing is here...along with the possibility to be hacked.
  14. shawnwich macrumors 6502


    Oct 4, 2007
    Houston, TX
    Yes, yes I still want NFC.

    Anything can be hacked.
  15. RotaryP7 macrumors 6502a

    Aug 31, 2011
    Miami, FL
    Anything except Blackberries. Did you know the President has a Blackberry? It's nearly impossible to hack into those phones. That's still one of the reasons why the Blackberry still exists today.
  16. Oppressed macrumors 65816


    Aug 15, 2010
    Hard to promote something like this for public use if the public has to be afraid if they are going to be hacked.

    "Even the BlackBerry doesn't have all the security features that the iPhone has. For example, BlackBerry also uses WebKit but they use an ancient version. With code signing, the sandbox, ASLR and DEP, the iPhone is much, much harder to exploit," Pol said matter-of-factly.
  17. munkery macrumors 68020


    Dec 18, 2006
    See my post above. The Android exploit was worse because it included privilege escalation which allows the installation of malicious apps and the compromise of SMS and emails.

    The iPhone exploit didn't allow app install and protected data wasn't compromised. The data accessed with the iPhone exploit is only data available via legitimate APIs. Despite the exploit working in iOS 6, I suspect that even this limited data access may be mitigated by the new security and privacy features of iOS 6.

    In terms of security, the android exploit is much more severe.
  18. cotak macrumors regular

    Feb 24, 2011
    The problem is how NFC is implemented right now and how it automatically opens something it's sent. That will be rectified I am sure.

    It's not a reason to be for or against NFC. If you think like that you'd be mistaking a bad design decision with a useful technology. Vast majority of us have NFC in our lives already be it the paypass in your credit card or the badge you open doors with at your office.
  19. throAU macrumors 601


    Feb 13, 2012
    Perth, Western Australia
    NFC is retarded.

    They're making all the same mistakes the desktop world went through in the late 90s.

    Unauthenticated, unencrypted traffic, sent to my device?

    Sure, come right in, I'll process that!

    Fact: programmers can't write secure code (we've had 50 years to get it right, and people still can't)
    Fact: it will be exploited
  20. lazard macrumors 68000

    Jul 23, 2012
    actually the NFC range is 4cm.


    the information sent via NFC is encrypted and sent over a secured channel.
  21. cotak macrumors regular

    Feb 24, 2011
    You realize that SMS is also unauthenticated, unencrypted traffic sent to anyone's phone and any phone just processes it? Should we all abandon SMS?

    For that matter how is any instant messaging app any better? Or email? Might as well just put on the tin foil hat at this point.

    It's not that programmers cannot write secure code. It's that there's not enough pressure for that to be the prime objective.
  22. kdarling macrumors demi-god


    Jun 9, 2007
    First university coding class = 47 years ago
    Reading the article, it's not really about NFC, since that's just one possible delivery vector.

    It's more about a security hole in a popular document reader app that allows a downloaded page to install code.
  23. blackhand1001 macrumors 68030


    Jan 6, 2009
    The issue is only related to the s3. The galaxy nexus only enables NFC polling once the device is unlocked. Samsung can easily change the s3 to work this way as well.
  24. Mac.World macrumors 68000


    Jan 9, 2011
    In front of uranus
    Really? Must be why credit card companies and government agencies use the tech. :rolleyes:

    To hack NFC, you must be literally within an inch of the phone's chip. Not the phone, the chip. And if you believe someone is trying to do this thing to you, knows exactly where you keep your phone, etc... there is an easy way to stop them. Put your phone in your pocket with the screen facing outward. Done. Or stick a metal cover over the back. Or real carbon fiber.

    This is such a non issue.
  25. flameproof macrumors 6502a


    Jan 14, 2011
    ...and they are very unlikely to get stolen too.
