• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Hardware, Gadgets, and Products / Mobile Pwn2Own 2012 shows Galaxy S III and iPhone 4S hack

Mobile Pwn2Own 2012 shows Galaxy S III and iPhone 4S hack

2012-09-19

At the EUSecWest 2012 conference, a Mobile Pwn2Own is taking place to test vectors on smartphones mobile web browsers, operating systems, NFC, SMS, and cellular baseband. Prizes are offered to the security researchers able to compromise the device. They will be rewarded with a cash prize and the device itself.

A successful attack against these devices must require little or no user interaction and must compromise or exfiltrate useful data from the phone. Any attack that can incur cost upon the owner of the device (such as silently calling long-distance numbers, eavesdropping on conversations, and so forth) is within scope.

The rules for Mobile Pwn2Own 2012 are detailed at the Tipping Point site.

Vector : Prize

Mobile Web Browser: $30,000 USD
Mobile Operating System: $30,000 USD
NFC: $40,000 USD
SMS: $40,000 USD
Cellular Baseband: $100,000 USD

Devices

Nokia Lumia 900 (Windows Phone 7.5 OS version: 7.10.8779.8)

HTC Titan II (Windows Phone 7.5 OS version: 7.10.8112.7)

Samsung Galaxy Nexus (GT-I9250 Android version: 4.1.1)

Samsung Galaxy SIII (SGH-T999 )Android version: 4.0.4

Sony Xperia P (Android version: 4.0.4 Build number: 6.1.B.0.544)

BlackBerry Bold 9900 (7.1 Bundle 998 )

Apple iPhone 4S (Version 5.1.1 (9B206) Carrier AT&T 12.0)

(Image courtesy of ZDI Twitter)

So far, the iPhone 4S and Galaxy S 3 have been compromised according to tweets from the Zero Day Initiative.

MWR Labs detailed their exploit of the Galaxy S III running Android 4.0.4 in a posting at their website.

MWR showed an exploit against a previously undiscovered vulnerability on a Samsung Galaxy S3 phone running Android 4.0.4. Through NFC it was possible to upload a malicious file to the device, which allowed us to gain code execution on the device and subsequently get full control over the device using a second vulnerability for privilege escalation.

More demos and exploits are promised at the conference tomorrow, so watch for this article to be updated with further results.

Update: I guess that was it. No new pwnings surfaced on the second day of Mobile Pwn2Own 2012.

Filed Under: Hardware, Gadgets, and Products, Security and Privacy

Trending

  • Scan-To-Email with Office 365 from a multifunction copier or printer
    In Hardware, Gadgets, and Products
  • HP TouchPad Round-Up
    In Hardware, Gadgets, and Products
  • Simple Tip: Organize Start Menu alphabetically
    In Tech Solutions

Latest Media Posts

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

The WannaCry Post-Mortem

The WannaCry Post-Mortem

  • Popular
  • Latest
  • Today Week Month All
  • Microsoft Word: “This modification is not allowed because the selection is locked.” Microsoft Word: "This modification is not allowed because the selection is locked."
  • How to edit the message subject in Outlook 2016 How to edit the message subject in Outlook 2016
  • What is the AllJoyn Router Service on Windows 10? What is the AllJoyn Router Service on Windows 10?
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • Scan-To-Email with Office 365 from a multifunction copier or printer Scan-To-Email with Office 365 from a multifunction copier or printer
  • 5 Factors To Look At When Choosing Web Hosting 5 Factors To Look At When Choosing Web Hosting
  • How managers can improve their team’s written communication skills How managers can improve their team’s written communication skills
  • Online Casino Technology – How Does It All Work? Online Casino Technology – How Does It All Work?
  • Virtual Assistant Devices Will Reshape Your Life in 2019 Virtual Assistant Devices Will Reshape Your Life in 2019
  • The 5 Most Common Problems with PC Gaming The 5 Most Common Problems with PC Gaming
Ajax spinner

Upcoming Tech Events

There are no upcoming events at this time.

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Follow Us

  • Facebook
  • Google+
  • RSS
  • Twitter
  • YouTube

Recent Posts

  • 5 Factors To Look At When Choosing Web Hosting
  • How managers can improve their team’s written communication skills
  • Online Casino Technology – How Does It All Work?

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2019 · 404TechSupport.com