
Do you believe the Bezos phone hack using video? - enGMzizo
Question for my fellow tech engineers , Can someone hack phone using a video ?
======
db48x
I don't know what's been said about Bezos' phone, but I think you're asking if
a video you receive from someone else can hack your phone? Sure, it's
possible. Any program running on your phone (or any other computer) that
interacts in any way with data that came from someone else could have bugs
which could be exploited in one way or another.

The simplest of these are called buffer overruns. If I tell the program on
your phone that I'm going to send 1000 bytes of data, but I actually send
2000, then there's a chance the programmer made mistakes and the program will
allocate space in memory for 1000 bytes of data, but actually copy all 2000
bytes into that space. The extra bytes will be written to memory that is
outside the allocation, overwriting whatever was there. This is almost always
exploitable, allowing me to include machine code as part of those 2000 bytes
that I sent. The phone will end up running the code that I sent instead of the
program. My code can then do anything that program could do.

Computers these days have a lot of mitigations and protections from these
sorts of problems, but even so new exploitable bugs are discovered every day.
Usually you don't hear about them, because the software vendor fixed them
without telling anyone at all. Other times they put out a security update but
don't give a lot of details. A few times a year there will be something that
makes the news, but those are just the tip of the iceberg.

