Cell Phones Responsible For Next Internet Worm? 109
nitsudima writes "The mobile devices you know and love are great for productivity, but they have completely changed the vulnerability state of our networks. Norm Laudermilch tells you why you should be afraid, very afraid." From the article: "The new and largely unexplored propagation vector for malicious code distribution is mobile devices. With 802.11, Bluetooth, WiFI, WiMAX, MMS, Infrared, and cellular data capabilities on almost all new models, these devices provide a wealth of opportunity for the transmission of data. With no notion of user access levels in the compact mobile operating systems, a lack of effective authentication, and no data encryption, these environments are prime targets for the incubation of malicious code."
Afraid (Score:5, Insightful)
I realize the submitter was probably joking, but has anyone else noticed that the same sentiment is exactly what comprises 90% (number pulled out of thin air) of media stories these days?
Counter productive (Score:2, Insightful)
Re:I want a refrigerator (Score:4, Insightful)
After that, it's all bloat as far as I'm concerned.
Disclaimer: I'm still cell-phone free.
Responsible? (Score:1, Insightful)
802.11 is the only real threat (Score:4, Insightful)
With 802.11 I can take a Nintendo DS with Linux and go to McDonalds, Starbucks, most local libraries and TV stations, and dozens of bussiness and port scan and/or brute force the hell out of the place.
If I find an open platform (it could even be the router) I then have the DS pull every bit of info out of it I can automatically. Then go home and look at my booty, like unencrypted passwords, stored in my handheld. Alterntively, I can inject tojans into the system that I scanning without anyone suspecting.
Ha (Score:4, Insightful)
Can i even say the words "perimeter security" with a straight face. Ha, no. This is a bunch FUD created by people (or one in particular) who doesn't have enough work to do over the course of a day.
Sure, mobile devices have a number of transmission channels. It makes them useful. The reason why they are not a real tangible risk is that they are incredibly difficult to configure and operate in a networked mode. Getting a windows mobile phone to connect to a network and do something useful takes about three minutes by hand. Not to mention that their programming API's usually contain a much smaller subset of functions than that of a full blown pc.
Reading through the article there are more outlandish claims such as "The native security features of today's mobile devices are not capable of protecting against attacks like [mobile to mobile propagation], so it would be trivial to infect, say, an entire coffee shop full of Bluetooth phones in just a few minutes."
Right, and monkeys might fly out of my butt. The mobile device market is incredibly diversified. There are so many phones and capabilities that the notion of One Worm to rule them all is preposterous. This also assumes that everyone in the coffee shop has their phone in whore mode, accepting connections from any shiny device that walks by.
He goes on to suggest that "The mobile devices then walk out of the coffee shop and in the front door of corporate offices all over the world, past the perimeter security devices and all other network security protections, cradle to the desktop, and infect organizations in the worst possible spot: at the heart of the network, where security controls are the thinnest."
How? Almost every desktop PC in a corporate network has AV software on it. Any malicious code coming from the handheld would be detected by the AV software. Not to mention that the desktop sync software would ALSO need to be vulnerable.
Lets also examine the likelihood of this occurring: It would require the following scenario: the handheld device has a flaw that allows the transfer and execution of malicious code, the infector and the infected must be of the same type, they would also both need to have BT or Wi-Fi enabled, though I suspect that BT is much more a risk than wi-fi (most mobile devices don't provide services via wi-fi, but they do via BT). The virus would also need to behave itself such that the OS won't crash. Usually upon infection there are obvious signs of corruption. Slow downs, crashes, restarts. Then corporate man/woman would need to plug his/her device into his PC. From here the handheld may, or may not have a bridged connection directly to the network. Alternatively the handheld might be able to exploit a hole in the sync software such that it can remotely execute code on the host desktop. Finally, the handheld would execute a PC based worm that would not be in an up to date virus def. file.
Is it just me or does it seem like the planets need to align nicely for this work?
Re:Security through Obscurity (Score:2, Insightful)
The gist I got was that they were secure because they are secure because they don't allow random software to run and don't expose any but secure APIs (requiring code-signing, etc.) to any software that does run, not that they were secure because their code was unpublished and not open-source.
One of us isn't reading the responses right.