At the Black Hat Conference in Las Vegas Wednesday, Accuvant Labs researcher Charlie Miller showed how he figured out a way to break into both the Google/Samsung Nexus S and Nokia N9 by means of the Near Field Communication (NFC) capability in the smartphones.
NFC is still new but it’s starting to become adopted for use in smartphone-based purchasing in particular. The experimentation that Miller did, which he demonstrated at the event, showed it’s possible to set up NFC-based radio communication to share content with the smartphones to play tricks, such as writing an exploit to crash phones and even in certain circumstances read files on the phone and more.
“I can read all the files,” said Miller about how he managed to break into the Nokia 9 when his home-made NFC-based device is in very close proximity to the targeted smartphone. “I can make phone calls, too.” Vulnerabilities he identified in the Android-powered Nexus S were located in the browser surface, he said. NFC works at near-contact range, and it could not be used to attack from any distance.
Miller said his efforts involved nine months of experimentation with NFC “fuzzing” techniques, and help from a cast of friends and fellow researchers. He said he plans to make his home-grown NFC fuzzing tool available to help with testing of NFC implementations “since there really aren’t any today.”
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org.