date 2017-04-01
- This vulnerability affects tons of smart phones (iPhone, Nexus, Samsung S*).
- The attack proceeds silently over WiFi -- you wouldn't see any indication you've been nailed.
- Mitigations and protections on WiFi embedded chips are weak.
- The second blog post will show how to fully commandeer the main phone processor by _hopping from the WiFi chip to the host_.
Imagine the havoc you could wreak by walking around a large city downtown, spewing out exploits to anyone who comes into WiFi range :-)
https://support.apple.com/en-us/HT207688
Can this vulnerability cause content-owners and DRM vendors to no longer allow such devices to decode 4K content? I'm thinking of for example PlayReady certification that may be withdrawn/downgraded because of this issue, but I'm fuzzy on the details how this would work.
This blog post points to 4 Project Zero bugs for different Broadcom issues.
[0] https://bugs.chromium.org/p/project-zero/issues/detail?id=10...
[1] https://news.ycombinator.com/item?id=14024971