Researcher wows Black Hat with NFC-based smartphone hacking demo

Ellen Messmer (Network World)
26 July, 2012 02:21
Comments

At the Black Hat Conference in Las Vegas Wednesday, Accuvant Labs researcher Charlie Miller showed how he figured out a way to break into both the Google/Samsung Nexus S and Nokia N9 by means of the Near Field Communication (NFC) capability in the smartphones.

QUIZ: Black Hat's most notorious incidents

NFC is still new but its starting to become adopted for use in smartphone-based purchasing in particular. The experimentation that Miller did, which he demonstrated at the event, showed its possible to set up NFC-based radio communication to share content with the smartphones to play tricks, such as writing an exploit to crash phones and even in certain circumstances read files on the phone and more.

I can read all the files, said Miller about how he managed to break into the Nokia 9 when his home-made NFC-based device is in very close proximity to the targeted smartphone. I can make phone calls, too. Vulnerabilities he identified in the Android-powered Nexus S were located in the browser surface, he said. NFC works at near-contact range, and it could not be used to attack from any distance.

Miller said his efforts involved nine months of experimentation with NFC fuzzing techniques, and help from a cast of friends and fellow researchers. He said he plans to make his home-grown NFC fuzzing tool available to help with testing of NFC implementations since there really arent any today.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

"Hi Guys, If what you want is the ability to skim large ..."

Good riddance Google Reader: Feedly throws switch on alternate RSS service
"Dear js: respondents could answer that more than one party was responsible. ..."

Mobile app data protection not our responsibility, say Australians
"You may wish updated connection figures http://www.coffscoastadvocate.com.au/news/take-up-rate-of-nbn-in-coffs-harbour-takes-a-hike/1894499/ It is the acceleration of ..."

NBN Co should prepare for Coalition government: NBN committee
"Correction: The Acer Chromebook has a 325 GB spinning magnetic hard drive. ..."

Google adds more retailers for Chromebook
"yeah, because its Australians fault the US gov and big Corps do ..."

Mobile app data protection not our responsibility, say Australians

Whitepapers

All whitepapers

Most Read

Sign up now to get free exclusive access to reports, research and invitation only events.

Most Commented

Featured Whitepapers

Real-Time Protection Against Malware Infection

Malware is at such high levels (more than 60 million unique samples per year) that protecting an endpoint with traditional antivirus software, has become futile. More than 100,000 new types of malware are now released every day, and antivirus vendors are racing to add new protection features to try to keep their protection levels up. Read more.

Featured Download

DriverScanner 2010

DriverScanner scans your computer and provides you with a list of drivers that need to be updated. All you have to do, then, is simply ...

Zones

Most Popular Whitepapers

5 Myths of Cloud Computing

2012 was a watershed for cloud computing, with rapid growth in interest leading to enterprise class deployments. This paper separates fact from fiction and aides senior IT executives make decisions surrounding cloud computing. Click to download the trends and misconceptions of cloud computing.

Popular tags: Business Management, Security, Storage, Data Centre, Virtualisation

Latest Jobs

FTPeoplesoft CRM DeveloperWA
FTPeoplesoft CRM DeveloperWA
FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
FTTechnical Business AnalystNSW
FTJunior Financial System Support ConsultantNSW
FTWeb Analyst - WebTrendsVIC
FTFlash / ActionScript Developer - ContractNSW
FTApplication Support ConsultantNSW
FTC++ Front Office Trading Software Engineer - Trading exposureNSW
FTFlash / ActionScript Developer - ContractNSW
FTInvestment System Support ConsultantNSW

Market Place

Researcher wows Black Hat with NFC-based smartphone hacking demo

Recommended

NSW investment in ICT, procurement reform critical: Deloitte

Office for iPhone a belated, ambivalent move by ...

New online electoral services launched

Telsta sells AirWatch mobile device management

IoT: Aussies prepare to ship Wi-Fi connected lightbulbs

UPDATED: 4G in Australia: The state of the nation

High-frequency trading fears overblown: ASIC

ACMA defends process after police protest spectrum decisions

Google adds more retailers for Chromebook

NBN Co should take asbestos responsibility: analyst

Mobile app data protection not our responsibility, say Australians

NextDC signs new customer for five years

Opinion: How Microsoft could rule consumer electronics

Opposition calls for inquiry on 457 visas

Real-Time Protection Against Malware Infection

Spear-Phishing Email: Most Favored APT Attack Bait

Data Centre Physical Infrastructure: Optimising Business Value

Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery

DriverScanner 2010

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

5 Myths of Cloud Computing

Best Practices to Make BYOD Simple and Secure

EMC's Flash Strategy

McAfee Complete Endpoint Protection - Enterprise

A Holistic Approach to your BYOD Challenge

Computerworld newsletter

Don't have an account?

Researcher wows Black Hat with NFC-based smartphone hacking demo

Recommended

Computerworld newsletter