sellers86
Well-known member
Re: [ROM+Kernel] MiRaGe-CM7.2-IHO
I am very aware of this. I havent found a fix for GB yet, just ICS though. If it works, itll be included in a CNA update in the future. CM has a submission on their gerrit, I have no clue if they have accepted it or not.
Dialer attack vulnerability
I am a Republic Wireless beta community member and just saw a post over there that lists an URL to test for the dialer program being vulnerable to a USSD-based attack that triggers a phone reset by activating the reset function through a dialer string. I am still on the July 16th build so this may not apply to more recent releases. But if you go to dylanreeve.com/phone.php there is a script there that will test your dialer for the vulnerability by displaying your MEID in a dialog box (using the non-destructive *#06# IMEI code rather than the very damaging factory reset one). It displays my MEID so according to him that means that the default dialer program is vulnerable.
Just to be clear, both my Optimus V and my new Motorola XT557 display the vulnerability.
Is this already known to the devs?
There are apps available to block the attack. Look for TelStop (by @colimrm) and Auto-reset Blocker.
More info is available at: Remote USSD Attack - Prevention - dylan//posterous
I am very aware of this. I havent found a fix for GB yet, just ICS though. If it works, itll be included in a CNA update in the future. CM has a submission on their gerrit, I have no clue if they have accepted it or not.