GPS vulnerability could allow hackers to track, take over smartphones
A GPS weakness could allow hackers to remotely track smartphone users, or even completely take over mobile devices, University of Luxembourg researcher Ralf-Phillip Weinmann reported last night at Black Hat. Instead of directly using GPS satellites, most mobile devices receive much faster assisted GPS (A-GPS) signals from cellular networks to determine approximate location. However, Weinmann discovered that these A-GPS messages are transmitted over a non-secure internet link, and could be switched for messages from an attacker.
Weinmann demonstrated this vulnerability on several Android devices, and explained that a hacker could use this security hole to instruct the smartphone to report its location every time an A-GPS message is sent. He also explained that these messages are not processed by the phone's GPS or radio chip, but rather by the main processor, which means that hackers could use the messages to trigger a crash, and then use another exploit to completely gain control of the device.
This problem can be solved, Weinmann says, but smartphone manufacturers have not yet implemented the technology to prevent such an attack. Software developers and manufacturers alike will need to develop quick responses to these types of exploits as smartphones become an increasingly attractive target for hackers.
There are 27 Comments. Load 'Em Up. Show speed reading tips and settings
Shortcuts to mastering the comment thread. Use wisely.
C - Next Comment
X - Mark as Read
R - Reply
Z - Mark Read & Next
Shift + C - Previous
Shift + A - Mark All Read
Comment Settings
Live comment alert: Hide it!
Comments for this post are closed.