- Jul 22, 2014
- 2,525
Another reason to avoid those DEF CON charging stations.
Google has capped a dangerous but somewhat obscure boot mode vulnerability that allowed infected PCs and chargers to put top end Nexus phones into denial of service states.
IBM reported the flaw (CVE-2016-8467) which allows infected computers and malicious power chargers to compromise Nexus 6 and 6p phones.
Google badged the bug high severity and prevented locked bootloaders from booting into the necessary risky boot modes. Nexus 6 devices were patched in November while 6P devices received the update this month.
The vulnerability overcomes the normal requirement that phones already have adb enabled in developer options.
However, users in physical control of handsets will need to tap a prompt to authorise adb connectivity with the infected PC or charger for the attacks to work.
That is a function familar with those used to modifying their devices to install custom ROMs, something even security-minded individuals practice, and less so to users running stock phones.
more in the link above....
Google has capped a dangerous but somewhat obscure boot mode vulnerability that allowed infected PCs and chargers to put top end Nexus phones into denial of service states.
IBM reported the flaw (CVE-2016-8467) which allows infected computers and malicious power chargers to compromise Nexus 6 and 6p phones.
Google badged the bug high severity and prevented locked bootloaders from booting into the necessary risky boot modes. Nexus 6 devices were patched in November while 6P devices received the update this month.
The vulnerability overcomes the normal requirement that phones already have adb enabled in developer options.
However, users in physical control of handsets will need to tap a prompt to authorise adb connectivity with the infected PC or charger for the attacks to work.
That is a function familar with those used to modifying their devices to install custom ROMs, something even security-minded individuals practice, and less so to users running stock phones.
more in the link above....
