Tomek Kondrat · Nov 30, 2013 at 01:00 pm

Google Nexus Devices Vulnerable to DoS Attacks, Protect Yourself with Simple App

Due to their expedient updates and lack of potentially vulnerable carrier and OEM addons, Nexus devices are considered to be among the safest Android devices. Being certified by Google mean a lot, but everything has some vulnerabilities, and newest Nexus devices are no exemption.

According to Romanian security researcher Bogdan Alecu, the Nexus lineup is vulnerable to a denial-of-service attacks based on a special type of SMS. This attack relies on Flash SMS, short messages displayed on the screen without being stored in the inbox. These are most often seen in pre-paid contract plans, used by a carrier to send messages with recent costs.

As it turns out, Flash SMS messages sent in rapid succession can cause some unexpected behavior like freezing, crashing, or even rebooting. The newest Nexus phones will reboot after approximately 30 messages sent in a short time. Users won’t be able to realize that they device was attacked without looking at the screen. Sometimes some data loss occur, so many important calls can be missed because of this.

Alecu claims that Google was alerted about this problem about a year ago and promised to fix it in Android 4.3. Unfortunately, they didn’t fulfill their promise, and the issue is still present in KitKat on the Nexus 5. The situation is even more abnormal, as non-Nexus device are unaffected. The security researcher claims that he tested almost 20 various devices, and only Nexus devices were vulnerable.

The Google Play Store offers plenty of apps that can send Flash SMS messages, including one made by Bogdan Alecu himself. Luckily, Alecu was kind enough to release a proof of concept application that protects Nexus devices from these attacks as well.

These DoS attacks that are described by Bogdan Alecu are not the most malicious and dangerous. An attacker can’t control your device. However, the potential for data loss, pranking, and even stalking may make this a rather annoying glitch. Hopefully, Google will look into this issue and fix it as soon as possible.

[Thanks to XDA Recognized Contributor D™ for the tip]
_________
Want something on the XDA Portal? Send us a tip!
Mario Tomás Serrafero · Feb 28, 2015 at 03:45 pm · no comments

MWC 2015: What Are Your Predictions?

This wonderful Geek-Christmas time of the year is back once more, promising a lot of exciting reveals from big manufacturers such as HTC and Samsung, but also some pretty gems teased by other smaller OEMs. What kind of exciting products will we see? While we've got a lot of leaked information from the highly expected S6 and M9, there is still a lot to learn about both - and about everything else that will be shown. What kind of trends will...

XDA NEWS
Chris Gilliam · Feb 28, 2015 at 03:13 pm · 1 comment

Best Apps To View RAW Images On Android

Last week, I wrote about the best apps to unleash the raw photographic power of your Lollipop smartphone. All four of those cameras generate lossless DNG images with pounds of potential for apps like Photoshop to unlock, but what if you’re looking to edit or view those pics on the go? QuickPic, Google Photos, and the other mainstays treat raw images like they don't exist. This rundown seeks to fill the void and give you full control over your precious pictures....

XDA NEWS
Emil Kako · Feb 28, 2015 at 10:15 am · 1 comment

Which App Is Most Desperately in Need of an Update?

While the majority of the top apps have already incorporated Google's newest design language, there are still very many apps that are in need of some Material Design love. Which apps do you think are most desperately in need of an update?

DISCUSS
Share This