Is it time to start thinking about smart phone viruses? [Corrected]
Major smart phone platforms appear safe for now, but how long will that last?
A research team at Rutgers University has demonstrated a series of potential holes that could theoretically puncture popular smart phones, allowing hackers to eavesdrop on conversations, track a person's movements or quickly drain the battery.
For the study, the team infected a phone running an open source operating system called Openmoko Freerunner, which is built on top of a version of Linux. Google's Android is built on Linux.
They were then able to send standard text-message commands to the infected phone. Those one-liners could activate functions, such as discretely calling another phone to listen in on meetings or transmitting GPS data.
"We did not discover any vulnerability in any of the existing smart phone OSes," Rutgers computer science professor Liviu Iftode, who worked on the study along with assistant professor Vinod Ganapathy and three students, wrote in an e-mail. "However, the attacks were real in the sense that they were fully implemented and installed in the smart phones we used for the demonstration."
While still a gap, smart phones are becoming increasingly similar in computing power to full-blown desktops and laptops. That could certainly make them a target for the more sophisticated hacks that primarily target Microsoft's Windows -- the dominant operating system.
The lack of a commanding mobile platform, especially in the U.S., could delay the inevitable risks. Worldwide, Symbian is by far the most-used smart phone system and is the choice platform for Nokia phones.
"The bottom line of our paper has been to make the community aware of the greater social consequences this type of malware may have on smart phones compared to desktops and to call for research in this direction," Iftode wrote.
Props to the first script kiddie who Rickrolls my iPhone.
[Corrected, 10:30 p.m. As two readers point out, Symbian is not built on Linux.]
-- Mark Milian