By Caroline Coles, Fresh Business Thinking
As mobile technology develops the demand for user applications grows with it. The ability to access files outside of the office, on the train or even away on holiday is becoming a common reality for many smartphone users bringing new possibilities to employees.
However, with these developments the threat of security poses an imminent risk. With more data now being downloaded onto mobile devices, the question that needs to be asked is ‘how safe is your phone?’
Not as safe as you think, as Charlie Miller, a research consultant at security firm Accuvant, has revealed. At the Black Hat hacker conference in Las Vegas, he demonstrated how he was successfully able to hijack Android smartphones via a short-range radio.
The phones he used were: the Samsung Nexus S, the Google Galaxy Nexus – which both run Android – and the Nokia N9, which runs on the MeeGo system.
To attack the Android phones Mr Miller wrote software to control a reader tag that works in conjunction with Near Field Communication (NFC) to abuse a feature of the smartphones known as Android beam. As its name implies, NFC works when devices are brought close together or are placed near a reader chip.
In one demo he was able to force a handset to visit any weblink or open any file sent to it. It was via this route he was able to force handsets to visit websites that ran code written to exploit known vulnerabilities in Android.
“The fact that, without you doing anything, all of a sudden your browser is going to my website, is not ideal,” Mr Miller told tech news website Ars Technica.
Although it’s not all bad news, as for the hack to be successful on an Android phone they must be running a particular version of the Android beam, be unlocked and have their screen active – so you can leave it on the side without worrying too much about hijacking!