Security flaw exposes Google phone to attacks
If you’re planning to buy a new smartphone, you might want to read this post.
Independent Security Evaluators (ISE) researchers have discovered a security flaw in the operating system of a high-profile smartphone. This time it’s a vulnerability in the G1, also known as the Google phone. This is the second time in about 15 months that ISE researchers have discovered a security flaw in a smartphone. Charlie Miller, a well-known security researcher and hacker and principal security analyst at ISE, discovered that in putting together Android, the operating system for the G1, Google used some older open-source software that had known flaws, resulting in a vulnerability in Android itself.
Here is Miller’s description of the problem:
A user of an Android phone who uses the web browser to surf the internet may be exploited if they visit a malicious page. Upon visiting the malicious site, the attacker can run any code they wish with the privileges of the web browser application. We have a very reliable exploit for this issue for demonstration purposes. This exploit will not be released until a fix is available.
The Android security architecture is very well constructed and the impact of this attack is somewhat limited by it. A successful attacker will have access to any information the browser may use, such as cookies used for accessing sites, information put into web application form fields, saved passwords, etc. They may also change the way the browser works, tricking the user into entering sensitive information. However, they cannot control other, unrelated aspects of the phone, such as dialing the phone directly. This is in contrast, for example, with Apple’s iPhone, which does not have this application sandboxing feature and allows access to all features available to the user when compromised.
Miller and other ISE researchers last year found one of the first security problems with the iPhone, a flaw that enabled attackers to compromise the phones using a malicious Web page. The attack allowed an attacker to read the victim’s SMS messages, address book, call log and other stored data.
Jonathan Zdziarski, an iPhone hacker, has already demonstrated a lot of bugs in Apple’s iPhone. And now the G1, barely two months old, is being ripped apart over security concerns. Google is known to be aware of the problem with the G1 and is working on a fix.
