Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Security

Crashing A Nokia Phone Via SMS 197

Atryn writes "An article at the Register reports that a recent Black Hat conference presenter demonstrated how to crash Nokia cell phones using malformed headers in SMS messaging protocols. Though the SIM card can be recovered by moving to a new phone, this is perhaps an interesting preview of security issues as data goes wireless." Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue. *grin*
This discussion has been archived. No new comments can be posted.

Crashing A Nokia Phone Via SMS

Comments Filter:
  • Nostalgia (Score:3, Funny)

    by Iamthefallen ( 523816 ) <Gmail name: Iamthefallen> on Friday November 30, 2001 @04:44PM (#2638285) Homepage Journal
    I remeber the days when a phone was actually used to call with, damn i feel old now...
  • Old news? (Score:2, Flamebait)

    Isn't this extremely old news [cnn.com]?
    • Re:Old news? (Score:2, Interesting)

      by FatRatBastard ( 7583 )
      Not sure? According to the CNN article its a temporary thing. The Reg says its a lot nastier.

      Plus, I think the Reg's angle was that there's now a Script Kiddie tool to do the job.
    • Re:Old news? (Score:3, Informative)

      by Not2Bryt64 ( 196716 )
      No. This is a new exploit, which I beleive does more damage. The old one just required a hard reboot (remove battery). The register article says that the phone cannot be turned back on until the message is removed from the SIM card.

  • swell (Score:1, Redundant)

    by hawk ( 1151 )
    Just what I need, a crashing phone. I *knew* there was another reason I never bothered with a cell phone.


    Now the *truly* malicious can set out to infect 911 with a virus that attacks the phone of callers . . .


    hawk, who now sees that touch-tone was a slippery slope and should have been stopped

  • by friscolr ( 124774 ) on Friday November 30, 2001 @04:47PM (#2638308) Homepage
    once the nokia Netbsd [netbsd.org] port is done, we'll be able to protect our phones using ipf (or maybe even a pf port, if the ipf license still isn't to your liking) and should be fine.
  • Only eight years? (Score:5, Insightful)

    by slykens ( 85844 ) on Friday November 30, 2001 @04:47PM (#2638316)
    I just got back from India and Europe and am thoroughly embarrassed by our government's and wireless carriers' inability to play ball with the rest of the world. At least AT&T finally got the clue, I hope.

    This talks about crashing a phone via SMS, but what about devices on CDPD or GPRS like those road signs or weather telemetry, or even electric meters in some locales. That's not only on the wireless network but on the IP network. Has anyone tried to muck with those devices yet? On most CDPD and GPRS plans the customer pays for each byte transmitted, what if someone just streams data towards a customer to run up their bill?
    • Re:Only eight years? (Score:3, Informative)

      by SirSlud ( 67381 )
      You are very unlikely to see much CDPD deployed on NA soil (I demo'd CDPD 5 years ago at a conference in Vancover .. if I'm wrong, someone let me know :). It's a technology which is perfect for the purposes you mention (telemetry, remote monitoring), but its cost and the fact that its most suited for geography that is both remote and difficult to access makes it somewhat difficult to justify why anyone would use it here (nevermind the limited bandwidth). Throw in that it'll likely never be a consumer level technology, and it seems that it is a technology which likely won't have a critical mass of deployment and visibility to make hacking a concern. Now that's not to say that it /couldn't/ be done .. :)
      • sure, no [omnisky.com] CDPD in NA.
        • ahhhh, cmon, so someone offers it .. then again, 80% of the world's fiber optic cabling is dark. So I'm more interested in how many subscribers this company has? Whats the total consumer/business CDPD subscriber base in NA?
          • I dunno about Omnisky, but GoAmerica, which another poster mentioned, is partnered with Compaq. Compaq's iPAQnet [compaq.com] CDPD service is through GoAmerica... a coworker got an iPAQ with iPAQnet service; it's kinda slow, but nifty. Seeing that Compaq is pushing CDPD as the wireless Internet solution for iPAQs, I suspect there are a decent number of subscribers.
      • Re:Only eight years? (Score:2, Informative)

        by tramm ( 16077 )
        You are very unlikely to see much CDPD deployed on NA soil (I demo'd CDPD 5 years ago at a conference in Vancover .. if I'm wrong, someone let me know :)
        It's been available for at least five years in the US. I had flat-rate service via Go America [goamerica.com] for several years for only $50/month. I even hacked my Novatel Minstrel to work with Linux [swcp.com] so that I could use it with my laptop.

        • I know its been available :) like I said, I demo'd it 5 years ago .. I'm speaking more about its adoption .. clearly, I was wrong about not seeing it marketed towards the consumer market. Thanks for the correction!
    • CDPD (Score:3, Insightful)

      by Fencepost ( 107992 )
      Don't expect CDPD to last all that much longer - at the very least its lifespan will end when analog cellular service (AMPS) does. It's also relatively expensive and slow (max 19.2Kbps) compared to what's going to be coming down the pike.

      It is fairly widely available in urban areas.

      Interface-wise most CDPD adapters seem to act as network cards; IBM at least also made a CDPD modem that actually had a modem interface, but it was fairly large.

    • hmm im pretty sure thats what the local 911 service uses to connect all police and emergency vehicles to their whole network..
    • Re:Only eight years? (Score:3, Informative)

      by Cato ( 8296 )
      GPRS initially allows only 'mobile originate', i.e. the phone initiates a GPRS session to a remote network (e.g. a walled-garden WAP service) and that network sends packets back. Unsolicited packets are dropped, so as long as nobody hacks into the WAP service this is fairly unlikely. The 'mobile terminate' feature would allow unsolicited packets to be sent to the phone is not yet implemented, I believe.

      This is going to become an interesting issue as GPRS networks connect to the Internet (many are WAP only on a private IP network) - perhaps the only mitigating factor is that GPRS connections to the Internet will probably go via a NAT, making it harder for unsolicited packets to get in (they'd have to spoof an active server and guess the port number on the NAT device, as well as hoping that a UDP session was in use since spoofing TCP sequence numbers is pretty hard).
  • SMS proxy? (Score:4, Interesting)

    by chrysalis ( 50680 ) on Friday November 30, 2001 @04:48PM (#2638318) Homepage
    It's time to code firewalls and applicative filtering proxies for mobile phones...

    • Not at all. It's time to code good software. You can't even DoS with SMS since they are *not* free. -J
      • Re:SMS proxy? (Score:3, Insightful)

        Even in the US most of the telco's I've seen now have a webpage where you can send SMS messages to any phone on their network for free and without limit.

        All it needs is a program that does contious HTTP POSTS to that form and you have a DoS to one or more phones.

        If you are on a phone contract where you pay for incomming SMS this could really hurt financially. As an ex-pat Brit I still find it hard to come to terms with paying for incoming calls to a mobile phone in the US.
        • > "Even in the US most of the telco's I've seen now have a webpage where you can send SMS messages to any phone on their network for free and without limit."

          Well, we don't have these in Europe. You can only send like 3 SMS a day, and extra SMS cost around 0.1 USD.

          Are you really sure it is really unlimited?
          It would only take a few lines codes to make a program that would send like 10 SMS a sec on random numbers.
          Spammers might like this stuff.

          -J
          • I wonder why it is so expensive. I have an SMS phone with VoiceStream. I get 500 messages for $5 a month (a penny a message for the math impaired), and no daily limit. I receive weather report and news headlines every day (6 messages daily), and use the AIM-to-SMS gateway all the time. 3 a day would suck.
          • ICQ has a free sms service.
    • by Mr_Icon ( 124425 ) on Friday November 30, 2001 @05:05PM (#2638442) Homepage

      It's time to code firewalls

      Wireless devices had had this stuff for years, except they're called "concretewalls".

  • by DAldredge ( 2353 ) <SlashdotEmail@GMail.Com> on Friday November 30, 2001 @04:48PM (#2638324) Journal
    So I guess the HandSpring Visor GSM phone I have with GSM service via Voicestream dosen't exist???

    • So I guess the HandSpring Visor GSM phone I have with GSM service via Voicestream dosen't exist???

      Yes, it does exist today, but how long have GSM networks been in the US? Maybe a few years at best. How about widespread deployment? Yah, in my small town (100,000 people) we just got our first GSM carrier this year, and they are some little podunk operation that won't do roaming. I can't wait until the AT&T conversion.

      • Re:8 years behind??? (Score:4, Interesting)

        by dave_c ( 137328 ) on Friday November 30, 2001 @05:00PM (#2638412)
        Yes, it does exist today, but how long have GSM networks been in the US? Maybe a few years at best. How about widespread deployment?

        Seriously. I have Voicestream GSM service & a tri-band phone, and have mediocre coverage in Washington, D.C., but last week had awesome coverage throughout Scotland and northern England (I'm talking small towns, not just cities like Edinburgh, etc.). Even got encrypted transmission service in Iceland. But in the U.S.? Nuthin' but crap.

        Maybe cell phones are more like fashion than technology: we American's like it 2 years after it's popular in London.
      • Yes, it does exist today, but how long have GSM networks been in the US?

        Actually, a while I belive. Wasn't Sprint Spectrum (claimed to be the first digital cell service in the states) GSM? I think they sold all of their GSM network to VoiceStream when it looked as if GSM was a dead duck in the states.

        AFAIK that's how VoiceStream became as large as they did. They bought up Sprint Spectrum and a whole bunch of smaller, regional GSM networks in the states (for fairly cheap) when the conventional wisdom was GSM was dead (here in the US of A).
      • GSM has been in the US since at least 1994 when Sprint Spectrum deployed it to the Washington DC Metro area.
  • Worms (Score:5, Funny)

    by Anonymous Coward on Friday November 30, 2001 @04:49PM (#2638332)
    I thought nokia phones already shipped worms [nokia.com] out-of-the-box.
  • by Exmet Paff Daxx ( 535601 ) on Friday November 30, 2001 @04:51PM (#2638347) Homepage Journal
    For the first time, hackers can kill [theregister.co.uk]. Considering the number of people who use their cell phones while driving, a random "crash" (what a terrible pun) while trying to send email or view stock quotes while driving should be enough to push a few drivers "over the edge" [theregister.co.uk].

    The good news is that if terrorists intend to use such "crash" attempts to crash cars or other vehicles, we at least have new legislation to stop them [ins.gov].
  • [US] wireless services are about eight years behind the curve

    Those who implement later can implement newer standards w/out obsoleting(and thus pissing off) all the existing users of the cellphone network.
  • when all you need to do is throw the phone to the pavment?
  • But the alternative (in the US) is f*cking advertisers sending phones messages when they're in the vicinity of certian stores.

    Anyone remember reading about the test of this little "technology" in Boulder CO (of all places)? The advertiser was "very pleased" with the number of people who READ the ad.

    Great, so they can trace who read the &^$%*& things as well. I think my Sprint phone gets 100 free text messages before I have to start _paying_. Which is great - the recipient gets to pay to be spammed...
    • I used to get *tons* of cellphone spam with the text messaging being as simple as @xxxxxxx.net.

      I don't know how many times I would get a 911 page at 2am to find out some other poor guy had been the victim of cell-phone shotgun spamming.

      It's gotten much better in about the last year, but don't rule out being spammed by our current system.
    • That, to me, is a joke that has the rest of the world laughing. We don't pay to get anything. Someone calls you, why should you pay. Someone sends you a text message or a cellular fax, why should you pay?

      And don't say it's to get lower calling rates, because most cellular rates here in Australia at least would make your jaw drop with their (low) cost.

  • Security through... (Score:4, Interesting)

    by 1010011010 ( 53039 ) on Friday November 30, 2001 @05:02PM (#2638419) Homepage
    Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue.

    Security through Inertia. Hmm...
  • by Junta ( 36770 ) on Friday November 30, 2001 @05:02PM (#2638423)
    I mean, look at this [xs4all.nl] logo on a nokia phone. As soon as you see this logo on a phone, you know trouble is coming. I think it is some sort of curse :)

    Btw, if you actually want this logo, go here [windowsxp.nu].
  • Of course, when you live in the US, where your wireless services are about eight years behind the curve, this is less of an issue. *grin*

    If I could get one of those big old 80s-early 90s cell phones (like the one that kid had in saved by the bell), I would use it. I don't need no stinkin' text-messaging WAP shit on my phone.

    • Re:Who cares? (Score:5, Insightful)

      by macpeep ( 36699 ) on Friday November 30, 2001 @06:23PM (#2638728)
      It's interesting that the people who have phones with text messaging find it extremely useful where as those who don't have it shrug it off with "I don't need no stinkin' text-messaging WAP shit", not even seeming to know what they are talking about, since WAP has absolutely nothing to do with text messaging and SMS messages.

      Personally, I find SMS messages extremely convenient in very much the same way as email is convenient. It's a lot less intrusive than a phone call since it doesn't demand the receivers attention RIGHT NOW. It's quiet and more private, you can write and read SMS's anywhere without disturbing other people or other people disturbing you. You can use it for services. Send "FIND Joe Sixpack" to number 400 and you get the address and phone number of Joe Sixpack in return. Send "WEATHER Helsinki" and you get the latest weather forecast for the Helsinki area.

      I worked in Singapore for six weeks last summer and it was extremely convenient to just bring my normal cell phone with me from Finland and everything working without any reconfiguration. Phone book entries, caller id, text messages, data. I used the phone to check my email with my Palm Pilot, Finnish news, Forumla 1 results riding home from work in a cab in the night etc.

      I'm not saying that everything should be crammed into a cellular phone. Some things work better in a laptop or a PDA if you want it mobile. The point is that things like SMS and WAP, which are totally basic features of GSM phones, are quite useful and have their own place. Instead of silly "I don't need no stinkin' text messaging WAP shit on my phone" outbursts, you might want to try it out. You just might discover how nice it is and how well it works!
  • by corky6921 ( 240602 ) on Friday November 30, 2001 @05:04PM (#2638436) Homepage
    Hi Slashdotters,

    We here at Slashdot would like to advise you to use the following format when submitting bug-related stories.

    "Crashing a [product] with [method used to crash it]"

    "An article at [source] reports that [security expert] demonstrated how to crash [product] using [Pick one: buffer overflow; malformed headers; Javascript]." [insert wizened statement about how this will affect future direction of products in this category] [attach silly remarks by Slashdot writer like "Well, that's why I use [competing product]!"]

    Also, please use the following template when replying:

    "Those @(#&@! bastards! Who do they think they are, making [product] so buggy! Why do they have to include [useless feature that no one wants/uses anyway]?? I'll never use a [company] [product] again! Please, fellow Slashdotters, I urge you to boycott [company]!"

    This will save us a lot of time and moderation points.

    Thank you,
    The Slashdot Team
  • by wackybrit ( 321117 ) on Friday November 30, 2001 @05:06PM (#2638444) Homepage Journal
    This is exactly why these new phone PDAs worry me. You've only got to have a copy of Outlook Express running and your phone will call everyone in your Address Book or send them frisky messages.

    Though my grandma might like to receive 'How are you sexy legs?', I'm not sure my boss would be quite as accepting.. (and if he is, I should quit)
  • ... i could find some code to test this out?
  • As far as I'm concerned this shouldn't even be an issue with Cell phones. I think that phones should be kept phones. If someone is really that interested in portable web. Then use a PDA.

    Yes, I'll be one of the first to admit that cell phones are wonderfull. But I use mine as a phone. Not a game consol, not as a web browser, or day planner... And yes, I think PDA's are good for a day planner, and even limited web browsing and gaming. But really, do we need to be playing Doom, or the latest, greatest, Quake game on our cell phones? Do you really need to use Yahoo! after getting talking with your mother from the bus?

    For me, there is such a thing as too many features. Web browsers on cell phones is one such case.
    • Fact of the matter is the new cell phone feature used to be a size decrease. You CAN'T decrease the size anymore without running into huge issues -- like someone swallowing it or something.

      Technology inside keeps decreasing, and there isn't much point in leaving empty space. Batteries are heavy, so you really don't want to add much more volume to it. Whats that leave? More and faster chips with neat new features that may or may not be useless.

      I'm not a cellphone owner, nor do I intend to become one... atleast until my landline becomes more expensive and cellphones.
  • by A_Non_Moose ( 413034 ) on Friday November 30, 2001 @05:15PM (#2638485) Homepage Journal
    "This phone has performed an illegal operation and will be shut down...if the problem persists, please call the vendor"....

    Hahahahahaha...{sniff}....hehehe.

    What is with the Grey screen of death comment being modded as overrated?
    Geez, you'd think you would have to be rated first.

    Maybe that should be submitted as a bug?
    You can't fix the moderators who do that kind of stuff (maybe spayed or neutered) but can you fix the system?

    Oh, well, don't worry, be happy..la la laaa
  • I have already discovered a bug in the old and rather basic nokia 3210 [see below]. I can't imagine how many of these there will be in a more complex phone like the nokia 7650 [slashdot.org]. A sms worm anyone ?

    I think some bugs are inevitable but I hope the developers will pay more attention to the the sofware they design than Bill Gates did in the early PC years - and even in the not early years ! And those new combined phone/pockeptPC will be fun to hack I bet.

    But I don't think the users are ready to accept too many bugs in a mobile phone/pda like they did with the windows OS.

    Responsability is not only on the shoulders of developers. A friend of mine crashed his visor and lost all the data he had difficultly typed in. He had no backup ! So there will be a lot of work to make the users more aware of security concerns about the digital tools.

    I hope the laws will also be appropriate to this new digital era. No way am I gonna tolerate sms spam !

    The nokia 3210 bug :
    When you type a message, then want to send it but go back to the typing screen before entering the phone number of the recipient, the T9 completion system is messed up : if you want to change a word, it doesn't use the one you have selected.
  • how lame is this:
    Once the message is received it is impossible to turn on an infected phone again.

    what kind of design went into this product? is there no way to force a hard-reboot of the phone or something similar, to reset it? what about detaching the battery briefly, etc??

    it would really suck to have this happen while on a business trip or something and have to run by the nearest Nokia store to exchange your phone for another, or have it unfrozen or whatnot. and i'm sure Nokia would just exchange/fix the phone for free (not)... they'd probably require that you mail it in to them and wait 4-6 weeks to get it back, finally fixed.

    --w
    • Have you read the article?

      In GSM phones SMS are stored on the SIM-card. Remove the card and your phone works again. Use another phone to delete the message from the card.

      Inconvenient, but not impossible.

  • ... that makes me happy I don't own one of those fancy new cellular phones.
  • by Anonymous Coward
    Those farking bastards! Who do they think they are, making Nokia phones so buggy! Why do they have to include Web access that no one wants/uses anyway?? I'll never use a Nokia phone again! Please, fellow Slashdotters, I urge you to boycott Nokia!
  • This one just needs a standard phone, but it's even easier to find DoS attacks against WAP phones.

    Interestingly enough I have found the Microsoft browser to be less prone to crash than all the others I've tried. (But no, I still don't know why anyone would want a web browser on a (2G) cellphone.)
  • Yep, my phone came free with my service. Didn't pay a dime. No, it doesn't play Fur Elise or the William Tell Overature, no it doesn't have calendering, no it doesn't have games, no it isn't internet ready, no doesn't do text messaging, and no, it doesn't crash.
  • Tut tut... (Score:2, Funny)

    by Nevrar ( 65761 )
    Bring back the old tin cans connected by string I say...

    I once crashed my friend's Alcatel One Touch Easy by flooding his phone from mtnsms.com...
  • I work for at a dealer for a national cell carrier here in Canada (Telus). We use CDMA. All of our digital phones have had the capacity for two way text messages for well over a year. The network just hasnt implemented it. One way (PC to Phone) SMS has worked fine for almost two years.

    I pay 15 dollars per month for web access, but it is UNLIMITED usage and I can use AIM for chatting to all my friends that I con into installing AIM so I am not so bored on the transit ride home. It's great. I just wish Nokia had a plug in keyboard for my 6185.

    Bell Canada, Telus, and Rogers-AT&T have actually recently made an agreement to allow full two way text messaging across their networks. So..Canada at least isnt 8 years behind.
    • by Anonymous Coward
      Remember, Canada is not the United States. That is, of course contrary to popular belief.
  • This is new? (Score:2, Interesting)

    by FLaMeBoY ( 177281 )
    Is this new? I have seen this happen a lot, and not just with nokia. The special characters from phillip's phones can crash quite a few phones. Alcatel seem to be one of the worst for crashing. Some phones seem to be fine, but an't delete the message from the sms through to the phone not working till the message is deleted from the sms on another phone.
  • My 7110 is easy to lock up. I got it just after it was released so maybe is should get a software update for it..

    1) Connecting to any wap service.
    Same bug always, requires removal of the battery. After that it works fine. It always happens the first time I try to connect it when I haven't used it in a while(only uses it to show to people why it suck)

    2) Using the IR connector, requires reboot to make it work again.
    Using the phone to dial up to the company ppp pool. It drops the connection after 5 minutes. Yes, I know it is slow but when staying in a boring hotel room in a boring city, slashdot at 9600 baud(i'd say it performs like 2300) ain't that bad.
    Also trying to sync my palm using the IR requires a reboot the next time I want to use it.

    3) Impossible to talk for a long time while driving, even using the handsfree kit with external antenna. When it have to switch bands while talking, always drops the connection. But I guess that is the phonecompany's fault.
  • 2001-11-29 15:40:51 simple SMS kills cell phones (articles,security) (rejected)

    sorry, I know that someone is going to mod me down for this... BUT THAT IS NOT FAIR!!!

    If someone with the same expierence reads this please reply or tell me about your unfair rejection by email me(at)sluggie.org.

    Thanks!
    sluggie out.
  • by Anonymous Coward
    That guy has disclosed a circunvention device to break one of our "top secret" products. Let's create a RIAA (based on phone companies) and bring the guy to court!

    Maybe he will face up to 25 years!

    But, hey! wait...

    Soon all the devices will have the enforced SSSCA so no need for that. The big companies will control every single piece of hardware and using the DMCA it will be ilegal to try to hack it... so ... WE GOT YOU!

    Start praying.

    NokiaMan
  • by AtariDatacenter ( 31657 ) on Friday November 30, 2001 @09:27PM (#2639600)
    My Nokia 5165 (like many other cell phones) has the ability for you to upload new ring tones and other delightful things to it. First, I was playing around with a few web sites that existed. Then I got ahold of the logic and created my own.

    In my case, all I had to do was to send an email to mytelephonenumber@mobile.att.net, and it would be processed by the phone. (Great way to act as a pager, too.)

    In my experiment with music ring tones, I found that it was quite easy to accidently craft a message (in my case, a new ring tone) that is malformed. And it actually hung my cell phone up.

    I probably should have published this as a cool DOS attack, but then again, I really didn't know WHERE to public cell phone DOS attacks, much less what could be done to counter it, so I kept it to myself.

    Play around enough, though, and you'll find your own special email you can send to a cell phone that'll lock it tight.

Profanity is the one language all programmers know best.

Working...