The uncertainty is such that anyone could enter the web browser ‘s“smartphone” from a user and control
The researcher, Charlie Miller, has demonstrated in the Black Hat security conference that any ” hacker “ can take control of ” smartphones “ manufactured by Samsung and Nokia, thanks to the vulnerability of the Near Field Communication (NFC) exchange data wirelessly through which is possible, among others, the payment by mobile phone.
Only with the hacker in question is near a ” smartphone “ with NFC, and the attack may occur that will cause this to appropriate electronic form of the phone that received the attack. The attack works by putting the phone a few inches away from a chip (size of a quarter) or placing it so touching another NFC device. Then the code chip (controlled by the attacker) is transferred to your destination, which will open malicious files or web pages that will take advantage of the vulnerability of the document reader, browser, or in some cases, the operating system itself .
You just have to bring the mobile
Miller, principal research consultant for security firm Accuvant, has spent the last five years showing the faults and flaws that allow hackers to take control of Macs, iPhones, and ” smartphones “ of Android. During the security conference Black Hat Las Vegas this year he has focused on NFC capabilities of three popular mobile devices : Nexus Nexus S and Galaxy Samsung and Nokia N9. In the case of Nexus S, when it worked with Gingerbread (Android 2.3), was violated by Miller using nothing more than a label specifically designed to take control of the application daemon that controls the functions of NFC. In addition, Charlie Miller also said the label could be modified to run malicious code on the device.
Now, the latest version of Android, IceCream Sandwich (4.0) it appears that some of these security flaws have been fixed but not all . The insecurity of smart phones with NFC technology is such that anyone could enter the web browser ‘s ” smartphones “ from a user and control it without restrictions.
Miller explained referring to users saying, “What this means is that with an NFC tag if I touch your phone, or hear, your web browser, without you doing anything, open and go to the pagethat I say . ” The functionality that we currently have NFC tags is the same as when scanning QR codes, but more simple, since you only have to bring the phone to the tag to be read.