Security Cellphones News Linux

Silent, Easily Made Android Rootkit Released At DefCon

An anonymous reader writes with news that security experts from Spider Labs released a kernel level rootkit for Android devices at DefCon on Friday. "As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number.' This ultimately results in full root access on the Android device." The rootkit was developed over a period of two weeks, and has been handed out to DefCon attendees on DVD.
  • Apple (Score:1, Insightful)

    by Anonymous Coward on Saturday July 31, 2010 @12:34PM (#33095926)

    iPhone will always be the safest phone, all you linux and windows noobs getting your viruses and what not. All hail Apple!

  • Not Helpful (Score:2, Insightful)

    by Nom du Keyboard ( 633989 ) on Saturday July 31, 2010 @12:35PM (#33095928)
    This is not a helpful development. Just another assh--- trying to show off what he (or she) thinks he can do better.
  • by camperslo ( 704715 ) on Saturday July 31, 2010 @12:50PM (#33096024)

    Wouldn't it be trivial for a developer to add the code to an app store offering that seems to have some legitimate need for any permissions requested?

  • by AnEducatedNegro ( 1372687 ) on Saturday July 31, 2010 @01:17PM (#33096212)
    OK, as an Android developer, you can't break out of the VM. Period. That's the whole point of it. This exploit they are talking about is a kernel driver which you would include in a custom ROM that you download from, say, sdx-developers (shoutout!). Now once you have a kernel rootkit, well you know the hell that can cause. But let's face it folks, mobile computing is here to stay. This is no different than having a rootkit on your Windows box and tethering it through your phone. All the phone company sees are packets. It's also time to realize that our phones are full-fledged computers. You gotta protect them.
  • by Svartalf ( 2997 ) on Saturday July 31, 2010 @02:17PM (#33096520) Homepage

    Really? Can't break out of the VM, period?

    If the application uses this [android.com] little toolchain to provide a native code .so, you're able to break right on out of the VM, possibly never to return. It's not very hard at all- and there's a host of possible exploits to apply once you're in that space, all depending on how locked down the user account actually is on your Android device.

    Let's all face a real fact here. Security has little to do with technology in and of itself. There's an aspect of it within the design of something, but in the end it's people that provide security as well. You would fail at securing something outright- you lay entirely too much faith in things like a VM to protect your system design.
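The comment above concerns apps that ship NDK-built native `.so` code alongside their VM bytecode. As an added example (not part of the thread or of any project's code), this sketch inventories the native code inside an APK so a reviewer knows which packages carry it; it assumes the standard APK layout (a ZIP with native libraries under `lib/<abi>/*.so`), and the function names and sample APK are hypothetical and constructed here.

```python
import io
import struct
import zipfile

ELF_MAGIC = b"\x7fELF"
# e_machine values from the ELF specification
MACHINES = {3: "x86", 40: "arm", 62: "x86_64", 183: "arm64"}

def elf_machine(head):
    """Return the architecture name if head is an ELF header, else None."""
    if len(head) < 20 or head[:4] != ELF_MAGIC:
        return None
    endian = "<" if head[5] == 1 else ">"  # EI_DATA: 1 = little endian
    (machine,) = struct.unpack_from(endian + "H", head, 18)
    return MACHINES.get(machine, "unknown(%d)" % machine)

def audit_apk(apk_bytes):
    """List every ELF object in the APK, judged by content rather than name.

    'declared' is True only for files in the normal lib/<abi>/*.so location;
    native code found elsewhere (e.g. under assets/) deserves a closer look.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            with apk.open(info) as fh:
                arch = elf_machine(fh.read(20))
            if arch is None:
                continue
            name = info.filename
            declared = name.startswith("lib/") and name.endswith(".so")
            findings.append({"path": name, "arch": arch, "declared": declared})
    return findings

def fake_elf(machine):
    """Constructed 20-byte ELF header stub (32-bit, little endian)."""
    e_ident = ELF_MAGIC + bytes([1, 1, 1]) + bytes(9)
    return e_ident + struct.pack("<HH", 3, machine)  # e_type, e_machine

def build_sample_apk():
    """Constructed sample: bytecode, one declared .so, one ELF in assets/."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"dex\n035\x00" + bytes(24))
        z.writestr("lib/armeabi/libnative.so", fake_elf(40))
        z.writestr("assets/data.bin", fake_elf(40))
    return buf.getvalue()

if __name__ == "__main__":
    for f in audit_apk(build_sample_apk()):
        print(f)
```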

  • by Anonymous Coward on Saturday July 31, 2010 @02:31PM (#33096612)

    This is no different than having a rootkit on your Windows box and tethering it through your phone. All the phone company sees are packets. It's also time to realize that our phones are full-fledged computers. You gotta protect them.

    Eh, oops... You just lost 99% of the general audience.

    The phone that will win the market is the phone made where the hardware/software/service providers are willing to guarantee to you to make consistent and continued effort to protect our phone from malware and problems, versus just declare it a "computer" and let YOU do it.

  • Re:NO. (Score:2, Insightful)

    by GreenTom ( 1352587 ) on Saturday July 31, 2010 @02:33PM (#33096622)
    I'd think I'd rather have my phone brick than get rooted, as long as there's some way I can reset it to factory config.
  • by Anonymous Coward on Saturday July 31, 2010 @02:37PM (#33096640)

    If you're going to believe in advertising, you might as well believe in magic anyway

  • Re:Not Helpful (Score:3, Insightful)

    by fermion ( 181285 ) on Saturday July 31, 2010 @03:17PM (#33096900) Homepage Journal
    One can either leave the gate to the garden open or the gate to the garden closed. A closed and secured gate is a known security model with known consequences and benefits. If the gate is open, then it is important to show that other security measures, like limited access once one is inside the garden to limit damage, provide sufficient security. If your garden is so uninteresting that no one ventures inside, then there is no evidence of security, just lameness.

    Therefore if the Android OS is to be shown to be secure, even against apps that users load on the phone, because there is no way a priori to know if an app is malicious, developers must write potentially malicious apps and test if they will cause harm or not. We already know from this conference that "Jackeeey Wallpaper" collects and publishes phone numbers and browser history from the phone, not a huge data breach, but it shows the open garden is not fully protected.

  • by Anonymous Coward on Saturday July 31, 2010 @03:33PM (#33096998)

    "A wise man once said that any sufficiently advanced technology is indistinguishable from magic"

    for many people we've reached that point

  • by Anonymous Coward on Saturday July 31, 2010 @04:50PM (#33097456)

    What the hell are you talking about?

    The OP makes a perfectly valid point...

    Little sensitive much?

  • by blair1q ( 305137 ) on Saturday July 31, 2010 @05:24PM (#33097626) Journal

    In this case, the little old ladies already have to be holding the cudgel as well as the handbag.

  • by A1rmanCha1rman ( 885378 ) on Saturday July 31, 2010 @07:57PM (#33098466)

    computers and other devices are simply magic.

    Why wouldn't they; some of them are even advertised that way.

    Like my electronics teacher told my class "if you really think that n-p-n junctions are actually how semi-conductors work, you'll believe anything you are told".

    The scientific and logical explanations for the phenomena that underlie the technology we use are simply that, explanations. You'll never see n-p-n junctions under any microscope, because there probably aren't any.

    Even if there were, think about it, it won't make the phenomena of natural processes any less magical.

    All is magic...

  • by SheeEttin ( 899897 ) <sheeettin@nosPam.gmail.com> on Sunday August 01, 2010 @02:08AM (#33099666) Homepage

    I deem myself lucky that all software I have installed on my N900 is open source, which means I (or anyone else) can check the code, compile it and improve it anytime I feel the need to

    And have you?
    If you haven't, you're not that much better off. Assuming others have read the source and checked for security isn't a very good policy.
