Click to Skip Ad
Closing in...

Curse of Silence exploit curses S60 handsets… with silence

Published Dec 31st, 2008 10:35AM EST
BGR

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Can you imagine the response at the F-Secure offices? Woweeee, people might finally have a reason to buy our S60 app! A group in Germany by the name of Chaos Computer Club has discovered a pretty major vulnerability in the S60 OS that allows an attacker to disable incoming SMS ans MMS on a remote device. The exploit, a DoS attack of sorts, is very simple to take advantage of and for the time being, the only way to block an attack would be to have an SMS-blocking application installed and set to only accept messages from a white list. Here’s how the exploit works in a nutshell:

Emails can be sent via SMS by setting the messages Protocol Identifier to “Internet Electronic Mail” and formatting the message like this:

[email-address][space][message body]

If such messages contain an with more than 32 characters, S60 2.6, 2.8, 3.0 and 3.1 devices are not able to receive other SMS or MMS messages anymore. 2.6 and 3.0 devices lock up after only one message, 2.8 and 3.1 devices after 11 messages.

Yep, it’s that easy. Chaos Computer Club is not a malicious group and as such, it had brought the Curse of Silence to the attention of Nokia and GSM carriers long before the internet caught wind of it. We’re still waiting for word on whether or not the issue has been addressed by either Nokia (through recent firmware updates) or by various carriers (by blocking messages with the COS formatting). We can tell you one thing though, we’re not testing it on our handsets!

[Via Unwired View]

Read

Zach Epstein
Zach Epstein Executive Editor

Zach Epstein has been the Executive Editor at BGR for more than 10 years. He manages BGR’s editorial team and ensures that best practices are adhered to. He also oversees the Ecommerce team and directs the daily flow of all content. Zach first joined BGR in 2007 as a Staff Writer covering business, technology, and entertainment.

His work has been quoted by countless top news organizations, and he was recently named one of the world's top 10 “power mobile influencers” by Forbes. Prior to BGR, Zach worked as an executive in marketing and business development with two private telcos.