PC - Researchers use Siri and Google Now to silently hijack phones from a dista

Stream:

News Bot

Your News Bitch
3,282
0
0
0
Console: Headset:
10-15-2015 02:15 PM


You may already be aware that allowing Siri or Google Now to run on your lockscreen is a security risk. A pair of researchers have just shown why: they can hijack your phone from a distance thanks to your virtual assistant.
The duo who developed this incredible new attack work for France’s National Agency for the Security of Information Systems (abbreviated ANSSI in French). It’s an incredibly novel approach: they exploited the wire in earbuds/headphones and turned it into an antenna that could receive silent transmissions and feed instructions to Siri and Google now.
They refer to what their setup does as “inducing parasitic signals,” and so far they’ve been able to do it from about 16 feet away. In the right conditions, they could do things like fire off SMS messages or initiate phone calls to paid numbers, and force a browser window to open a malicious URL.
[embedded content]
You can see one of their experimental setups above. The higher-power version is comprised of an antenna, an amplifier, and a software-defined radio created with the help of the open source GNU Radio toolkit. At this size, the attack loses a bit of its stealth factor.
It can be scaled down, though. A smaller version can be easily tucked into a backpack, and it still has a range of six feet. That’s plenty of range to wreak havoc in a crowded coffee shop or transit station — and if your phone happened to be tucked in a bag or pocket, you might never have any idea what’s going on.
Fortunately, the attack is only possible if you’ve got earbuds or headphones plugged in when the signal is being broadcast — and Siri or Google Now has to be accessible from your lockscreen. It’s easy enough to protect yourself against the attack, but it’s still a frightening reminder of what the bad guys are capable of doing in 2015.
This entry passed through the Full-Text RSS service - if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.



More...