December 3, 2013 weblog
Class0Firewall for SMS attack protection lands in Google Play
(Phys.org) —Last month, news of smartphone vulnerabilities ended with more of a bang than a whimper when Bogdan Alecu, a system administrator at Levi9 and, also, an independent security researcher, presented his findings about Nexus phones at DefCamp. This is a key conference on information security, and it ran from November 29 to November 30 in Bucharest.
In one of his tests, performed on a Nexus 4 with the screen unlocked and running Android 4.3, after receiving around 30 class 0 messages, the phone did not respond to taps or attempts to lock the screen. While in that state, the phone was unable to take incoming calls; a manual reboot was necessary. Overall, he said that he found Nexus phones –the Galaxy Nexus, Nexus 4, and Nexus 5—to be vulnerable to multiple SMS attempts which may force the phones to reboot or lose connectivity. The mischief is accomplished if the attacker sends around 30 Flash SMS messages to the phone. (He wanted to see what would happen if sending multiple messages to a device at short intervals.)
Flash SMS messages are displayed on the screen and with this type of exploit, the user who ignores the messages without saving or dismissing actions at once may see the phone lose connectivity or reboot.
According to reports, Alecu contacted Google about the issues. Is it only happening with Nexus phones? Alecu said he tried the attack on other devices with no such results. This does not mean the exploit would be impossible to carry out on smartphones from other vendors but so far he was only able to confirm such effects on Nexus phones. According to PCWorld, "We thank him for bringing the possible issue to our attention and we are investigating," said a Google representative via email.
According to Android Police, "Based on limited testing with devices from various vendors, the vulnerability appears to only affect the Nexus line running on all versions of stock Android through to the current release of KitKat."
The latest news is that a firewall app that addresses the vulnerability is available now in the Google Play store. The ClassOFirewall, from SilentServices, has been designed to help protect against such attacks; as a line of defense, the app limits how many Flash SMS can be received. Values can be set for threshold and block duration. If the number of incoming messages exceeds the defined value the message gets dropped by the Firewall. If a message gets dropped, a toast message appears. Class0Firewall is a Proof of Concept app, according to the description on Google Play, "discovered by Bogdan Alecu. He also came up with the idea for the defense." Due to the SMS API change in Android 4.4 KitKat, the notice added, the Firewall has no effect but an attempt is to be made, said the notice, to find a way around.
© 2013 Phys.org