Attackers could force phones from Google's Nexus line to reboot or fail to connect to the mobile Internet service by sending a large number of special SMS messages to them.
The issue was discovered by Bogdan Alecu, a system administrator at Dutch IT services company Levi9, and affects all Android 4.x firmware versions on Google Galaxy Nexus, Nexus 4 and Nexus 5. Alecu is presenting the vulnerability Friday at the DefCamp security conference in Bucharest, Romania.
Class 0 SMS, or Flash SMS, is a type of message defined in the GSM specification that gets displayed directly on the phone's screen and doesn't automatically get stored on the device. After reading such a message, users have the option to save it or dismiss it.
On Google Nexus phones, when such a message is received, it gets displayed on top of all active windows and is surrounded by a semi-transparent black overlay that has a dimming effect on the rest of the screen. If that first message is not saved or dismissed, and a second message is then received, the latter is placed on top of the first one and the dimming effect increases.
To read this article in full or to leave a comment, please click here
ConversionConversion EmoticonEmoticon