Results 1 to 4 of 4
  1.    #1  
    Gasp! Can this be true? Say it ain't so! >.<

    Then again, this should be a good thing right? We'll finally be able to record phone conversations natively!

    Hooray for bugs!

    Palm Pre and Android OS have serious bugs - MWR says Palm Pre can be turned into "bugging device" | TechEye

    Palm Pre and Android OS have serious bugs
    MWR says Palm Pre can be turned into "bugging device"
    11 Aug 2010 13:08 | by a staff writer | posted in Security

    Palm Pre and Android OS have serious bugs -

    British insecurity experts MWR InfoSecurity has uncovered a flaw in the Palm Pre which allows for the bugging of conversations "anywhere in the world" while a general flaw in Android allows for the nicking of user passwords through the internet connection.

    The Palm Pre bug comes after the receipt of a maliciously built message which can then open a backdoor in the voice. Afterwards it can force the phone to record audio or send over stored data. Apparently it can be accessed remotely from whoever's on the other end of the trojan and stolen data can be sent around through the normal carrier networks, turning the phone into a bugging device - taking notice, News of the World?

    The second bug, the general Android flaw is found in the OS' default phone browser, which can potentially allow for passwords to be harvested along with other sensitive information - including the standard targets like financial details and email.

    MWR Labs says that the main concern is the increasing link of business to the mobile platform, so traditional models are "becoming blurred".

    Meanwhile Kaspersky has discovered some malicious software targeted at the Android platform. The software poses as a media player while secretly sending on text messages to premium rate numbers, costing a couple of dollars each. However, so far, the malware has only affected Russian Android users. The app is called "Movie Player" - something, hiding the Trojan-SMS.AndroidOS.FakePlayer.a as Kaspersky calls it, that would be best avoided.
    Last edited by Furuboru; 08/11/2010 at 11:52 AM.
  2. #2  
    so that means someone has the api
  3. #3  
    wow, who knew that all this time we all had top secret spy gear?
  4. #4  
    These issues could've been resolved in the resent 'security' fixes with 1.4.5(.1)

Posting Permissions