My smartphone is the most personal computing device I have ever owned, so if you were to gain unlocked access to it you would be a couple of swipes away from seeing very private moments I share with my family and friends. My phone number also serves as the last line of defense for the most critical two factor security scenarios in my personal life.
As a result I have long since stopped proffering my phone to strangers who need to "make a quick call". Here are a couple of known exploits that could be quickly executed and have helped solidify my general paranoia:
"Google has shut down a "high-severity" exploit in its Nexus 6 and 6P phones which gave attackers with USB access the opportunity to take over the onboard modem during boot-up—allowing them to listen in on phonecalls, or intercept mobile data packets.
The vulnerability was part of a cluster of security holes found by security researchers at IBM's X-Force all related to a flaw—tagged CVE-2016-8467—in the phones' bootmode, which uses malware-infected PCs and malicious power chargers to access hidden USB interfaces. Patches were rolled out before the vulnerabilities were made public, in November for the Nexus 6, and January for the 6P."
Comments are closed.