Search
Search titles only
By:
Search titles only
By:
Log in
Register
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Forums
New posts
All threads
Latest threads
New posts
Trending threads
Trending
Search forums
What's new
New posts
New ads
New profile posts
Latest activity
Free Ads
Latest reviews
Search ads
Members
Current visitors
New profile posts
Search profile posts
Contact us
Latest ads
ලංකාවේ හොඳම උපකාරක පන්ති සහ ගුරුවරුන් එකම තැනකින් - TopTuition.lk
dulithapathum
Updated:
Today at 8:07 AM
Colombo
RidhMathraa ’26 🎶✨
Tmadhusanka
Updated:
Wednesday at 11:58 PM
Ad icon
Colombo
PXN V10 Pro Direct Drive Racing Wheel (Under Warranty)
Abdur Rahman
Updated:
Wednesday at 10:23 PM
Ad icon
USDT ණය සේවාව - USDT Loan Service
පුරවැසියා
Updated:
Wednesday at 4:54 PM
Ad icon
🎮 INDIAN PSN GIFT CARDS AVAILABLE NOW! 🎮
madukaperera
Updated:
Tuesday at 12:57 PM
Electronics
Vehicles
Property
Search
Reply to thread
Forums
Mobile
Mobile Devices
≡ Elakiri S60 ZONE ≡
Get the App
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="anuja" data-source="post: 3735514" data-attributes="member: 17912"><p style="margin-left: 20px"><p style="margin-left: 20px"><p style="text-align: center"> <span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><span style="font-size: 12px"><strong>Mobile Virology:</strong></span></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><span style="font-size: 12px"><strong>Curse of Silence, a Symbian S60 SMS Exploit?</strong></span></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span> </p></p> <p style="margin-left: 20px"> <span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">Now when the platform is hacked and just when we thought we know practically everything there was to know about the 3rd edition of the S60 platform and new security system, I stumbled upon something really interesting.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">F-secure has just warned mobile phone users of a new worm which as is not S60 2nd Edition exclusive as usually and affects 3rd edition devices as well. </span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">Sounds bad but to be really honest with you, I'm not scared about it. With the risk of repeating myself I'll say again that there is no real danger if you are careful enough, actually, Smartphone users have to do a lot wrong to get infected and the latest exploit isn’t expected from this rule. </span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">Anyway, this easily reproducible SMS exploit was disclosed and demonstrated today at the 25th Chaos Communication Congress by the Tobias Engel. What is the most interesting about the exploit is fact that exploit is effective against a most of the Symbian S60 Smartphones and will effectively prohibit victims from receiving SMS messages.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">The 25th Chaos Communication Congress (25C3) is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">First held in 1984, it since has established itself as “the European Hacker Conference”, attracting a diverse audience of thousands of hackers, cientists, artists, and utopists from all around the world.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">According to Engel's research, the exploit affects the messaging components of Nokia S60 2nd ed and 3rd ed Fp1 devices as well, but F-secure’s labs determined that Sony Ericsson UiQ devices are vulnerable as well.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">Versions 2.6, 2.8, 3.0, and 3.1 are also better known as S60 2nd Edition, Feature Pack 2; S60 2nd Edition, Feature Pack 3; S60 3rd Edition (initial release); and S60 3rd Edition, Feature Pack 1 respectively.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">The vulnerability is very simple to exploit via an SMS message. No special software is required and the message can be drafted from a large number of phones. The message just needs to be formatted in a particular way. (We will not provide exact details here.)</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span><p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"> [youtube]SPy14SX1wqs[/youtube]</span></span></p> <p style="text-align: center"></p></p> <p style="margin-left: 20px"> <span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"> </span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><strong>What happens when a vulnerable</strong></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><strong> phone receives the exploit message?</strong></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="text-align: center"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span> </p></p> <p style="margin-left: 20px"> <span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><strong>Example 1</strong> — on the older 6680 nothing happens. Nothing at all… The first exploit message is enough to crash the SMS messaging service. It is a completely silent attack and there are no hints of trouble presented to the victim. The phone will simply stop receiving SMS (as well as MMS) messages.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"><strong>Example 2</strong> — on the newer N95, nothing will happen until several messages have been sent by the attacker. Then, once the critical limit has been reached, the phone will prompt an alert: "Not enough memory to receive message(s). Delete some data first."</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">The attack messages will not be visible from the Inbox, and deleting previously received messages will not resolve the problem.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">There will also be one additional notification on the N95. A blinking envelope, indicating that the Inbox is full, appears in the upper right-hand corner of the display.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px">Turning the N95 off and on again may return some limited functionality, but that functionality is very fragile. One multi-part message was enough to completely disable our test phone's SMS/MMS service, at which point even cycling the power did not help.</span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span></p> <p style="margin-left: 20px"><span style="font-family: 'Trebuchet MS'"><span style="font-size: 10px"></span></span> </p> </p></blockquote><p></p>
[QUOTE="anuja, post: 3735514, member: 17912"] [INDENT][INDENT][CENTER] [FONT=Trebuchet MS][SIZE=2][SIZE=3][B]Mobile Virology: Curse of Silence, a Symbian S60 SMS Exploit?[/B][/SIZE] [/SIZE][/FONT] [/CENTER] [FONT=Trebuchet MS][SIZE=2] Now when the platform is hacked and just when we thought we know practically everything there was to know about the 3rd edition of the S60 platform and new security system, I stumbled upon something really interesting. F-secure has just warned mobile phone users of a new worm which as is not S60 2nd Edition exclusive as usually and affects 3rd edition devices as well. Sounds bad but to be really honest with you, I'm not scared about it. With the risk of repeating myself I'll say again that there is no real danger if you are careful enough, actually, Smartphone users have to do a lot wrong to get infected and the latest exploit isn’t expected from this rule. Anyway, this easily reproducible SMS exploit was disclosed and demonstrated today at the 25th Chaos Communication Congress by the Tobias Engel. What is the most interesting about the exploit is fact that exploit is effective against a most of the Symbian S60 Smartphones and will effectively prohibit victims from receiving SMS messages. The 25th Chaos Communication Congress (25C3) is the annual four-day conference organized by the Chaos Computer Club (CCC) in Berlin, Germany. First held in 1984, it since has established itself as “the European Hacker Conference”, attracting a diverse audience of thousands of hackers, cientists, artists, and utopists from all around the world. According to Engel's research, the exploit affects the messaging components of Nokia S60 2nd ed and 3rd ed Fp1 devices as well, but F-secure’s labs determined that Sony Ericsson UiQ devices are vulnerable as well. Versions 2.6, 2.8, 3.0, and 3.1 are also better known as S60 2nd Edition, Feature Pack 2; S60 2nd Edition, Feature Pack 3; S60 3rd Edition (initial release); and S60 3rd Edition, Feature Pack 1 respectively. The vulnerability is very simple to exploit via an SMS message. No special software is required and the message can be drafted from a large number of phones. The message just needs to be formatted in a particular way. (We will not provide exact details here.) [/SIZE][/FONT][CENTER][FONT=Trebuchet MS][SIZE=2] [youtube]SPy14SX1wqs[/youtube][/SIZE][/FONT] [/CENTER] [FONT=Trebuchet MS][SIZE=2] [/SIZE][/FONT] [CENTER][FONT=Trebuchet MS][SIZE=2][B]What happens when a vulnerable phone receives the exploit message?[/B] [/SIZE][/FONT] [/CENTER] [FONT=Trebuchet MS][SIZE=2][B]Example 1[/B] — on the older 6680 nothing happens. Nothing at all… The first exploit message is enough to crash the SMS messaging service. It is a completely silent attack and there are no hints of trouble presented to the victim. The phone will simply stop receiving SMS (as well as MMS) messages. [B]Example 2[/B] — on the newer N95, nothing will happen until several messages have been sent by the attacker. Then, once the critical limit has been reached, the phone will prompt an alert: "Not enough memory to receive message(s). Delete some data first." The attack messages will not be visible from the Inbox, and deleting previously received messages will not resolve the problem. There will also be one additional notification on the N95. A blinking envelope, indicating that the Inbox is full, appears in the upper right-hand corner of the display. Turning the N95 off and on again may return some limited functionality, but that functionality is very fragile. One multi-part message was enough to completely disable our test phone's SMS/MMS service, at which point even cycling the power did not help. [/SIZE][/FONT] [/INDENT][/INDENT] [/QUOTE]
Insert quotes…
Verification
Nawa warak dahaya keeyada? (Namaya wadi kireema dahaya)
Post reply
Top
Bottom