Protect Your Android Phone from the Latest MMS Bug

Yesterday, security researchers discovered a critical flaw that affects almost all Android phones, that’s about one billion smartphones worldwide if you want to quantify. The scary part is that attackers only need to know your phone number in order to take over your device! There’s a good chance, rather it’s almost certain that your device is also vulnerable. Don’t panic, though, this post is about how you can easily guard your phone against this Stagefright bug, but a bit of background first.

It works by exploiting a security hole in Stagefright library, which is used by Android OS to render incoming videos embedded within an MMS. Thus, attackers can remotely send a specially-crafted MMS to your number, and upon retrieval, a malicious code embedded in it can silently become a part of your phone. Heck, it can even stealthily remove any traces of the received MMS and much more.

Solution

First one will disable the transmission of any sort of MMS, the second involves stopping your messaging app from automatically downloading/retrieving incoming MMS, as that’s when the code gets executed.

Disable sending/receiving of all MMS messages:

  1. Open Settings > More > Mobile Networks. You will get to the first screen above.
  2. Tap “Access Point Names”.
  3. Choose the APN which handles your MMS settings
  4. At the details screen, tap APN to change the value of APN to any random string. Don’t forget to write down the existing value, as you’ll need it to restore MMS functionality

I recommend this method if you don’t use MMS messaging and are not expecting any incoming MMS either.

Disable auto-retrieve in your Messaging app:

The exact steps depend on the messaging app that you’re using. Here are the screenshots of Hangouts and Messenger (messaging client in Lollipop) app:

For Messenger:

  1. Go to Settings > Advanced and disable auto-retrieve

For Hangouts:

  1. Slide the drawer
  2. Go to Settings > SMS > and ‘uncheck Auto Retrieve MMS’.

Apply updates from your phone manufacturer

Note that the above fixes are temporary solutions. For a permanent fix, contact your phone manufacturer, see if they have any update on offer and how you can apply it. For rooted phones, the consequences can be particularly severe if a successful exploitation occurs.

This bug is not in the wild yet, that is, there are no reports of it being exploited at a mass scale, partly because the researchers who discovered it haven’t released a proof-of-concept yet.

They’re going to present it at Black Hat USA on August 5th though, and there’s a possibility of attacks emerging after that so apply the fixes or updates as soon as possible!

Slow PTCL DSL Solution during Submarine Cable Cut

Many internet users in Pakistan, particularly those using PTCL Broadband were left in extreme agony last night when their internet lines started failing—connections timing out, websites not loading and the refresh button getting abused!

It was due to a submarine fiber optic cable fault, one of those high-speed undersea cables through which PTCL runs its traffic. The particular culprit was SEA-ME-WE-4, also called SMW4. It’s not the first time that PTCL users had to bear this torture of slow internet due to a cable fault, last time it occurred was in 2013 and that too was a fault in SMW4.

Thankfully, though, Pakistan doesn’t rely on only one cable to connect to the outside world. It has multiple submarine cable links like TW1 (which is operated by Transworld Associates) and SEAMEWE3.

Solution

During cable outages, which mostly occur on SMW cables affecting PTCL users, the ISPs using Transworld Associates’ fiber optic cable (TW1) are Continue reading Slow PTCL DSL Solution during Submarine Cable Cut

Google.com.pk Hacked — Technical Details

Google.com.pk (Google Pakistan) website was hacked early morning today, and from the last several hours is still inaccessible. This domain gets all the traffic from Pakistan; people get redirected to it if a Pakistani IP opens Google.com.

Not only Google, other big names like Yahoo, Microsoft Pakistan and Apple are also apparently “hacked”. The domains Microsoft.pk, Yahoo.pk and Apple.pk remain inaccessible.

Turkish hacking group/individual “Eboz” has claimed responsibility by uploading a defaced page. The question, however is, were they all really “hacked“? Nope, not really. Let’s analyze a few things.

Performing a simple WHOIS lookup on Google.com.pk reveals the following DNS records, as of 9PM PST:

DNS records

name class type data time to live
google.com.pk IN A 127.0.0.1 3600s (01:00:00)
google.com.pk IN NS dns2.freehostia.com 3600s (01:00:00)
google.com.pk IN SOA
server: dns1.freehostia.com
email: support@freehostia.com
serial: 1353750918
refresh: 28800
retry: 7200
expire: 604800
minimum ttl: 86400
3600s (01:00:00)
google.com.pk IN NS dns1.freehostia.com 3600s (01:00:00)
google.com.pk IN MX
preference: 10
exchange: mbox.freehostia.com
3600s (01:00:00)

 

As you can see, the NS records, responsible for resolving a domain name to IP address have been changed freehostia.com’s nameservers. It’s a free web hosting provider, and Google, Apple or other affected big brands surely won’t be using a free hosting service!

What this reveals is that the hackers managed to take control of the domain registrar/registry and changed the DNS records. In this case, .pk domain names are handled by PKNIC.

It’s important to note that this doesn’t mean those hackers actually gained access servers of these companies. It’s highly unlikely! Rather, they just pointed the domain names to their own DNS records and people accessing these websites were redirected to the pages setup by hackers.

Google.com.pk is not opening because the IP address to which it points has been changed to 127.0.0.1. That’s a local loop IP address and if you try to open it, you just access your own computer’s port 80.

DIY: Mini UPS for DSL Modem and WiFi Routers

Load shedding and power outages: For those who can’t live without their computers and internet for any or no reason, this situation is a worst nightmare.

This is a rough, simple and not a sophisticated solution, but works in keeping your devices powered on! It can power not only DSL/WiFi routers, but also any other appliance that can work at 9V or 12V. Keep the internet alive, and use it on your laptop or cell phone, 24×7!

I use it to power my PTCL DSL ZXDSL 831CII DSL router and a TP-Link WR740N WiFi router. PTCL router’s ratings are 12VDC 500mA, TP-Link’s 9VDC 700mA.

That’s why I’ve taken two outputs.

Circuit Diagram – DIY UPS for DSL Modem/WiFi Router:

 

UPS for DSL Modem/WiFi Router
Click to Enlarge

 

Parts:

  • One 12V 7AH lead acid battery.
  • One 16 or 18V laptop charger, max 2-2.5A current to charge the battery.
  • Five 1N5404 diodes.
  • One LM338T linear voltage regulator with a heatsink.
  • One 0.1uF ceramic capacitor.
  • One 1uF electrolytic capacitor (note the polarity of capacitor).
  • Two resistors. R1 = 2.6kOhm, R2= 250 Ohms.

Things that you need to note:

  • Make sure you check the specs of your appliances, in this case, router/modem first.
  • If you are only using a single router, just remove the respective part from circuit diagram. E.g., if you are using a 12V router, you don’t need those 4 diodes and 9V output jack.
  • You need to attach a DC pin to the outputs of the circuit. The same pin that is connected to your adapters, which go into your modem. Now, you don’t need that adapter. Just buy the same pin from market.
  • You can give input from a laptop charger of 16V to 18V. Keep in mind the current rating of the charger, as higher current ratings can damage the battery quite quickly. Even 2A current is too much for a battery of 7AH. It should be around 700mA, but that will also cause slow charging.
  • You must also attach a heatsink with LM338T IC. It gets extremely hot during operation!

I used a veroboard to build the circuit. You can use either that (will have to solder things), or use a breadboard.

Thanks to folks at Wiredpakistan like Ijaz, jhagra and Asad for their help.

Chip Wars: Apple Using Samsung’s Help in iPad Manufacturing

With the rise of Android smartphones and tablets, Samsung and Apple have been fighting over patents all around the world. Apple tried to block the sales of Samsung Galaxy Tab in Europe and Australia but failed to do so in most of the countries. Samsung too is suing Apple in reaction whenever they find any of their patented technology being used by Apple.

One interesting fact was unveiled last year with the release of iPad 2 which has now got much prominence after the recent release of iPad 3 few days back. Last year, techinsights team disassembled the iPad 2 and found out that the heart of Apple’s iPad, the A5 processor was actually fabricated by a Samsung fabrication plant in Texas, USA. Read more here.

 

A5 is a 1GHz dual-core CPU with a processor die size of 12.1 x 10.1 mm. More interestingly, the A4 processor used in first iPad was also fabricated by Samsung. Confirmed by techinsights as well!

Apple seems quite helpless in this case it seems, because no one else can produce better chips than Samsung at this time 😉

 

This didn’t stop with iPad 2. With the recent launch of iPad 3, iFixit soon found out that Samsung again had fabricated a few major parts of Apple’s new tablet. (BBC)

One of them is the A5x CPU (pictured below):

Another is the 9.7 inch HD screen, which too is manufactured by Samsung! 😀

 

Isn’t it ironic? On one hand Apple picks up fights with Samsung and try to bring it down, while at the same time Apple is DEPENDENT on Samsung for manufacturing of their chips. I guess it’s about time that Apple accepts Samsung as an equal or perhaps even better and bigger competitor when it comes to tablets and smartphones. Lawsuits and suing each other is doing no good to anyone. They could put that money into more R&D to produce cheaper chips which could ultimately help the masses!

 

Video for Welcome Party – DCSE

Well, made this video (first video ever) in a hurry for welcome party that we (batch 12) had organized for batch 13, computer systems engineering department, UET Peshawar. Party was on 29th Feb. and I was working till 4AM that night.

Choosing the right soundtrack for the right sequence took most of the time. I think still the choice of soundtracks wasn’t the best.

Background music for starting intro I took from a video on YouTube. The acoustic guitar music which starts afterwards, when we’re coming in towards the camera I took from this video: http://www.youtube.com/watch?v=7Olj3bCK308

Guy is really talented. There was another cool beat I chose produced by Alam Khan of Pukhtunez but at the final moment went with the current one.

The second track starts with DCSE events & achievers, and is from the movie Top Gun. Chose this one, because I’m in love with Top Gun, its tracks and jets 😛

Third track is of Pirates of The Caribbean, pretty obvious. Software that I used for video editing is Sony Vegas Pro.

The actual video is: