
Holy shit that is scary. Package this on an Android phone and you can wreak havoc on any random network.



If you think this isn't scary enough, that thing most likely has access to a privileged network segment that the rest of the mobile network equipment is on and the software on those is no better.

Imagine if this was combined with the iPhone worm from a few months back. It'd essentially pingflood all phones exposed on the telco networks and screw thousands of people in excess changes without them even knowing something was going on.

This worries me greatly. (puts iPhone on WiFi mode)


I imagine that allowing multicast resolution system-wide is fraught with security problems, and most Android phones are whored out to random wifi networks all over the world.

Forget IoT. What's stopping that insane Broadcom Wi-Fi bug from spreading between phones like a virus? There will be plenty of Android phones that are vulnerable to it for years to come.

I kind of hope someone does it so Google finally do something about the Android update situation.


BS With those settings, start capturing packets, you probably will reconsider using an Android phone.

Once an ISP goes hostile, all that remains is mesh networking, and navigating data by having encrypted packages jump from phone to phone, based upon the wifi location the phone has been near in recent history.

Then you need a zero-day, install software that turns almost all phones into nodes and there is nothing any authority can do to prevent communication ever.


I have mixed feelings about the fact that Android keeps itself safe from this attack by not implementing DHCP option 121. IIRC Android also chooses not to support DHCPv6 intentionally.

They already have control of all your traffic so what's the harm? Take the SIM out of your phone in case you are really worried, but that would cut you off from the network as well.

I'd be far more concerned with the hundreds of microcontrollers running proprietary code.


> This is my concern. I use my old Pixel (3a) as an always-on Syncthing node but worry about the security implications.

Interesting, I've never thought of using an Android phone as a Syncthing node.

Is there a way for an Android phone to connect to Wifi, but not the internet?

I use Syncthing with local discovery only, which only needs the devices to be on the same Wifi network. Not having internet access and also not having a SIM card to get calls/SMS/MMS messages should greatly reduce the risk of attack to the point where I wouldn't feel worried about it.


Sure, industry learned that exposing ports is dangerous. But they apparently didn't understand the deeper risk of trusting the network.

Cellular baseband is poorly secured, and it's privileged over userland. And its firmware is a closed-source blob, so it's ~impossible to fully assess the risks.

And so it's arguable that adversaries can pwn smartphones through baseband.

That's the analogy to Windows XP machines. Windows Firewall was just a stopgap. What helped most was going from dial-up modems, which are no more secure than network interfaces, to modem/routers with NAT firewalls.

So smartphones ought to have discrete cellular modem/routers. And that's an easy option for the PinePhone, given the kill switch.


Anyone else think that device is a disaster waiting to happen? The example shows sending a "whoami" command to the device via SMS, and then the device responds "root" via SMS. Uh, what's to keep someone else from hijacking it via SMS for their own purposes? A "bad guy" would have to figure out that there's one on the network, but it would still concern me to have a remote-controlled device on the network that's open to arbitrary SMS-sent commands.

Phones are such garbage. Imagine if your PC let you lock it to your ISP.

That's just evil.

Fortunately most people switch over to a non-carrier network via 802.11 when they're at home with their mobile devices.


It's entirely possible to run Android on DoD networks, it just takes a lot of work to certify it and the restrictions of what you can do with the device make it almost useless.

How about using your phone as only a data modem and doing everything on a Chrome OS device, which has no known malware. Just don't install Chrome extensions and you are safe. Also avoid installing apps on your phone.

This is basically what I wish I had, except back in reality there's no Chrome device that's the size of my cell phone. There are some with cellular modems.


If you're concerned about this, you should use an Android device with a no-contract plan you pay for with cash.

Yeah - bear in mind this is testing on a Moto G4 with a simulated horrible cellular connection.

It’s supposed to be a “worst case scenario” sort of test.


I imagine I am eventually going to end up with a rpi (built-in dualband wi-fi serving as AP) and a usb battery pack and a 4/5G modem strapped to my lower leg whenever I leave the house, backup pistol style, as smartphones become less and less able to be configured to preserve privacy.

Turns out I need to have root on my DNS server and iptables/wireguard on my NAT router. It’s slowly becoming non-negotiable.


That's all fine and good until the hardware, which you won't control, comes with its own prepaid cellular modem that connects at will and sends that juicy data back to the mothership. Follow the consequences of your OS being effectively spyware controlled by a hostile external entity and things get dark rather quickly.