Tomek Kondrat · Nov 30, 2013 at 01:00 pm

Google Nexus Devices Vulnerable to DoS Attacks, Protect Yourself with Simple App

Due to their expedient updates and lack of potentially vulnerable carrier and OEM addons, Nexus devices are considered to be among the safest Android devices. Being certified by Google mean a lot, but everything has some vulnerabilities, and newest Nexus devices are no exemption.

According to Romanian security researcher Bogdan Alecu, the Nexus lineup is vulnerable to a denial-of-service attacks based on a special type of SMS. This attack relies on Flash SMS, short messages displayed on the screen without being stored in the inbox. These are most often seen in pre-paid contract plans, used by a carrier to send messages with recent costs.

As it turns out, Flash SMS messages sent in rapid succession can cause some unexpected behavior like freezing, crashing, or even rebooting. The newest Nexus phones will reboot after approximately 30 messages sent in a short time. Users won’t be able to realize that they device was attacked without looking at the screen. Sometimes some data loss occur, so many important calls can be missed because of this.

Alecu claims that Google was alerted about this problem about a year ago and promised to fix it in Android 4.3. Unfortunately, they didn’t fulfill their promise, and the issue is still present in KitKat on the Nexus 5. The situation is even more abnormal, as non-Nexus device are unaffected. The security researcher claims that he tested almost 20 various devices, and only Nexus devices were vulnerable.

The Google Play Store offers plenty of apps that can send Flash SMS messages, including one made by Bogdan Alecu himself. Luckily, Alecu was kind enough to release a proof of concept application that protects Nexus devices from these attacks as well.

These DoS attacks that are described by Bogdan Alecu are not the most malicious and dangerous. An attacker can’t control your device. However, the potential for data loss, pranking, and even stalking may make this a rather annoying glitch. Hopefully, Google will look into this issue and fix it as soon as possible.

[Thanks to XDA Recognized Contributor D™ for the tip]
_________
Want something on the XDA Portal? Send us a tip!
Emil Kako · Jan 30, 2015 at 12:54 pm · no comments

What’s the Worst Android Phone You’ve Ever Owned?

All of us here at XDA appreciate just how far Android has come. The incredible flagships of today come packed with bleeding edge technology and are hard to complain about, but it wasn't always like this. Tell us about the worst Android phone you've ever owned, and what made it so dreadful.

DISCUSS
Jimmy McGee · Jan 30, 2015 at 06:00 am · no comments

Note 4 CM12 Nightlies, Microsoft Investing in Cyanogen – XDA TV

CyanogenMod 12 Nightlies are now available for the Samsung Galaxy Note 4! That and much more news is covered by Jordan when he reviews all the important stories from this week. Included in this week's news is the announcement of factory images for the YU Yureka and be sure to check out the article talking about Microsoft investing in Cyanogen, Inc! That's not all that's covered in today's video! Jordan talks about the other videos released this week on XDA...

XDA NEWS
Mario Tomás Serrafero · Jan 29, 2015 at 04:28 pm · 4 comments

Microsoft To Invest in Cyanogen’s Future OS War?

Reports indicate that Microsoft is investing in the rogue Android forker Cyanogen. The funding round is said to be upwards of $70 million, and could allow for a cooperation between Cyanogen and the Silicon Valley giant in the ongoing battle of mobile operating systems. This could be a strategic movement in coordination with other investors given Cyanogen's expression of rebellion against Google's tightening control over Android, as the custom ROM maker has recently spoken out against the "tyranny" of Google in regards...

XDA NEWS