Hacker News new | comments | show | ask | jobs | submit login

Was there enough of a delay between the request and the reply to mitigate the risk of a bad actor flooding a particular cellphone with battery-discharging pings?

Props for finding the vuln.




The request-reply delay was between 3-5 seconds in most cases, but sometimes much higher for unknown reasons. I suspect that, if this is pinging the phone, you might be able to drain the battery remotely, but that's a fairly secondary concern considering the magnitude of the primary issue.


There is no phone pinging going on. The carriers most likely keep a database of most recent location of their customers based on customer phones pinging towers.

At most, hitting location smart over and over would probably just hit the carrier databases over and over.


> The carriers most likely keep a database of most recent location of their customers based on customer phones pinging towers.

You can strike “most likely” from your statement. Carriers definitively do this.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: